Violation Summary: Microsoft's August Patch Fixes 90 Flaws

Every week, Information Security Media Group provides updates on cybersecurity incidents and breaches around the world. This week, Microsoft released its August patch with 90 fixes, flaws were discovered in Azure Health Bot, Orion lost $60 million in a BEC scam, Schlatter Industries was hit by malware, Microsoft announced it would abandon Paint 3D in November, and Russia limited access to Signal.

Microsoft has released updates to fix 90 security vulnerabilities in Windows and related software, including six zero-day vulnerabilities that are already being exploited.

Three zero-day vulnerabilities (CVE-2024-38106, CVE-2024-38107, and CVE-2024-38193) allow attackers to gain system-level privileges; the complexity of exploitation varies. Another zero-day vulnerability, CVE-2024-38178, is a remote code execution flaw in Edge’s Internet Explorer mode.

CVE-2024-38213 is a zero-day that allows malware to bypass the “Mark of the Web” security feature. The final zero-day, CVE-2024-38189, affects Microsoft Project and exploits VBA macros, but only when users have disabled security warnings.

Several elevation of privilege vulnerabilities in the Microsoft Azure Health Bot service exposed the platform to potential server-side request forgery and cross-tenant resource access attacks. The computer giant patched the flaw, known as CVE-2024-38109, in the August patch dump.

The Azure AI Health Bot service, used by healthcare organizations to create virtual health assistants, integrates internal processes and sensitive health information. Tenable researchers found that, if exploited, the vulnerabilities could grant unauthorized access to manage resources in other Azure tenants. This would allow attackers to access internal metadata and obtain tokens to manage resources that belong to other Azure customers.

Tenable researchers discovered the vulnerabilities in the Data Connections feature, which allows the integration of external APIs, including those that use the Fast Healthcare Interoperability Resources format. Attackers could exploit those issues by setting up a data connection to respond with redirect codes that leaked IMDS access tokens.
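For defenders running any service that fetches customer-supplied URLs, the control this class of bug calls for is to validate the destination of every redirect hop, not just the first URL. The sketch below is an added example, not code from Microsoft or Tenable; the `send` transport, the function names, and the sample host and responses are hypothetical and constructed for illustration.

```python
import ipaddress
import socket
from urllib.parse import urljoin, urlsplit

REDIRECTS = {301, 302, 303, 307, 308}

class BlockedDestination(Exception):
    """Raised when a hop resolves to an address the fetcher must not reach."""

def resolve(host):
    """Default resolver: every address the host name maps to."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def check_destination(url, resolver=resolve):
    """Reject URLs whose host resolves to any non-public address."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise BlockedDestination(f"unsupported URL: {url}")
    for addr in resolver(parts.hostname):
        ip = ipaddress.ip_address(addr)
        # is_global is False for link-local (169.254.0.0/16, where IMDS lives),
        # loopback, RFC 1918 and other non-public ranges.
        if not ip.is_global:
            raise BlockedDestination(f"{url} resolves to non-public {ip}")

def fetch_following_redirects(url, send, resolver=resolve, max_hops=5):
    """Follow redirects manually; send(url) must not follow them itself."""
    for _ in range(max_hops + 1):
        check_destination(url, resolver)  # validate before every request
        status, headers, body = send(url)
        if status not in REDIRECTS:
            return url, status, body
        url = urljoin(url, headers["Location"])
    raise BlockedDestination("too many redirects")

# Constructed sample: an external API that answers with a redirect to IMDS.
SAMPLE_DNS = {"fhir.example.org": ["93.184.216.34"]}
SAMPLE_RESPONSES = {
    "https://fhir.example.org/Patient": (302, {"Location": "http://169.254.169.254/metadata/"}, b""),
    "https://fhir.example.org/ok": (200, {}, b"{}"),
}

def sample_send(url):
    return SAMPLE_RESPONSES[url]

def sample_resolver(host):
    return SAMPLE_DNS.get(host, [host])  # IP literals resolve to themselves
```

In production the transport should connect to the exact address that was validated, otherwise a DNS answer that changes between the check and the request reopens the gap.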

Orion SA, the Luxembourg-based manufacturing and chemical giant, lost $60 million in a business email compromise scam. The company learned of the theft on Saturday and reported the incident to US regulators. The scam involved a non-executive employee who unknowingly transferred funds to accounts controlled by criminals. Orion expects a one-time pretax loss of $60 million if the funds cannot be recovered.

The FBI is investigating, and Orion plans to continue its recovery efforts, which include insurance claims.

BEC schemes involve identity theft or email phishing to trick employees with financial access into transferring funds to fraudulent accounts. Despite some law enforcement successes, FBI data shows more than $43 billion in losses due to BEC scams and email account compromise between 2016 and 2022.

Swiss engineering firm Schlatter Industries reported a cyberattack on its computer network on Friday, calling it a professional attempt to “blackmail Schlatter,” Reuters reported. The specific main points were revealed. Schlatter has alerted the government and is working to restore its systems while investigating possible data theft.

Microsoft announced that Paint 3D will be deprecated on November 4 and will be removed from the Microsoft Store. Released in 2016 as a modern replacement for Paint, Paint 3D came pre-installed on some Windows 10 devices but not Windows 11. Microsoft recommends switching to Paint, Photos, and 3D Viewer for 2D and 3D editing.

Russia’s telecommunications regulator Roskomnadzor has limited access to messaging app Signal, telling Moscow-based Interfax that the end-to-end encrypted app could be used for terrorist purposes and “extremist purposes.” political dissent, which intensified following the launch of its full-scale invasion of Ukraine in February 2022. The nonprofit Freedom House has called Russia “not free.”

Signal confirmed the block and urged users to enable tools to circumvent censorship. Android users in Russia who have not yet installed Signal can access Signal directly through the Tor browser to install the app.
