Last week cyber news
- Christie’s £670m art auctions hit by cyber attack – Sales at Christie’s auction house hampered because of a cyber-attack. In response to the attack all computer systems were disabled and auctions were postponed. The auction house had a sales volume of 6.2 billion dollars in the past year.
- Banco Santander suffered data breach – Banco Santander S.A. announced it suffered a data breach impacting customers after an unauthorized actor accessed a database hosted by one of its third-party service providers. Banco Santander is one of the largest and most significant banks in the world, known for a diverse range of financial products and services, serving over 140 million customers. In a statement published this week, the bank disclosed a data breach incident that has impacted customers and employees in Spain, Chile, and Uruguay.
- New Lunar Malware used to breach European Govt’s Agencies – Security researchers at ESET discovered that Russian hackers used two new backdoors to compromise the Ministry of Foreign Affairs of European country with diplomatic missions in the Middle East. The malware has been active since at least 2020. Per the report, the attack starts with spear-phishing emails that carry Word files with malicious macro code.
- Sophos annual survey on ransomware attacks findings – Sophos published findings of their annual survey on ransomware attacks. The survey had 5,000 respondents from 15 sectors in 14 countries. Some interesting data from the report:
- 59% of organizations were hit by ransomware last year.
- Exploited vulnerabilities are the most commonly identified starting point.
- In most of the attacks, the cybercriminals managed to hit the backups as well.
- In 70% of the attacks data was encrypted.
- The average ransom payment – 2 million dollars.
Google fixes third actively exploited Chrome zero-day in a week
The high-severity zero-day vulnerability (CVE-2024-4947) is caused by a type confusion weakness in the Chrome V8 JavaScript engine reported by Kaspersky’s Vasily Berdnikov and Boris Larin. Although such flaws generally enable threat actors to trigger browser crashes by reading or writing memory out of buffer bounds, they can also exploit them for arbitrary code execution on targeted devices.
Security Updates
Microsoft May 2024 Patch Tuesday Fixes 61 Vulnerabilites, Including 3 Actively Exploited Zero-Days. Microsoft published around 68 security updates for vulnerabilities in supported software. 6 Updates are current versions of existing publications. 2 vulnerabilities actually exploited by attackers (Zero Day). One vulnerability is classified as critical. 4 security updates for vulnerabilities in 3rd party products have been released (1 for Chromium engine, 2 for Github, 1 for Lenovo). 27 vulnerabilities could be exploited by a remote code execution (RCE) attacker.
Severity rating: 1 Critical, 59 Important, 1 Moderate. This is in addition to 30 vulnerabilities resolved in the Chromium-based Edge browser over the past month, including two recently disclosed zero-days (CVE-2024-4671 and CVE-2024-4761) that have been tagged as exploited in attacks.
It is highly recommended to test the updates in a test environment and install them as soon as possible!
