InfoSec Dot - Issue #43. 🛡️ SAP Patch Alert | 📞 Phishing Gang Busted | 🇺🇸 U.S. Sanctions China

Latest cybersecurity news and updates

Hi there,

This Thursday’s cybersecurity highlights include critical developments across industries. SAP patched a severe vulnerability in its NetWeaver platform and urged organizations to secure their systems promptly.

Meanwhile, authorities dismantled an international phone phishing syndicate preying on victims in ten countries, and the U.S. sanctioned a Chinese firm for cyberattacks targeting critical infrastructure.

These stories, alongside ongoing threats and vulnerabilities, underscore the importance of staying vigilant and proactive in cybersecurity defense.

🗓️ What’s New

International Operation Dismantles Phone Phishing Syndicate

Belgian and Dutch authorities have arrested eight individuals linked to a phone phishing operation based in the Netherlands, responsible for stealing financial data and funds from victims across at least ten countries. The suspects conducted large-scale phishing campaigns via email, SMS, and WhatsApp, impersonating bank officials and law enforcement to deceive victims, including the elderly, into divulging sensitive information. Proceeds from these scams financed luxury vacations and high-end purchases from brands like Dior, Louis Vuitton, and Rolex. The joint operation involved 17 searches, leading to the seizure of cash, firearms, electronic devices, luxury watches, and jewelry. Authorities emphasize the importance of vigilance against unsolicited communications requesting personal or financial information. Read more (3 mins)

Google Rewards Researcher $55,000 for Chrome Security Bug

Google has rolled out a critical Chrome browser update addressing three vulnerabilities, including a high-severity type confusion flaw in the V8 JavaScript engine (CVE-2024-12381). The flaw, reported by an external researcher, earned a $55,000 bug bounty. Type confusion vulnerabilities can lead to logical errors, allowing attackers to execute malicious code or access sensitive data. Additionally, a use-after-free bug in Chrome’s Translate component was patched, though bounty details are pending. Users are urged to update Chrome immediately to safeguard against potential exploits. Read more (3 mins)

Zero-Day Vulnerability Exploited in Cleo File Transfer Software

A critical zero-day flaw has been discovered in Cleo’s file transfer software, including Cleo LexiCom, VLTrader, and Harmony. This vulnerability, affecting versions 5.8.0.21 and earlier, allows unauthorized file uploads and downloads, potentially leading to remote code execution. Threat actors have actively exploited this flaw, bypassing a previous patch (CVE-2024-50623) deemed incomplete. With over 4,000 companies relying on Cleo’s software, users are advised to isolate vulnerable systems from public access and deploy firewalls until a full fix is released. Read more (4 mins)

Chinese Law Enforcement Utilizes ‘EagleMsgSpy’ Android Surveillance Tool

Cybersecurity researchers have uncovered ‘EagleMsgSpy,’ an Android spyware reportedly employed by Chinese police since 2017. Developed by Wuhan Chinasoft Token Information Technology Co., Ltd., this tool collects extensive user data—including messages from apps like QQ, Telegram, Viber, WhatsApp, and WeChat, as well as call logs, contacts, SMS messages, GPS locations, and more. Installation appears to require physical access to devices, suggesting deployment during arrests or detentions. The spyware operates covertly, exfiltrating data to command-and-control servers, with indications of an iOS variant in development. This discovery highlights the sophisticated surveillance capabilities leveraged by authorities to monitor individuals. Read more (3 mins)

U.S. Sanctions Chinese Cybersecurity Firm for Critical Infrastructure Attacks

The U.S. Department of the Treasury has sanctioned Sichuan Silence Information Technology and its employee, Guan Tianfeng, for orchestrating cyberattacks compromising over 80,000 firewalls globally in April 2020. These breaches targeted critical infrastructure, including a U.S. energy company involved in active drilling, posing significant risks to operational safety. The Department of Justice has indicted Guan on charges of conspiracy to commit computer and wire fraud. A reward of up to $10 million is offered for information leading to their apprehension. This action underscores the U.S. commitment to countering cyber threats to national security. Read more (2 mins)

SAP Addresses Critical Vulnerability in NetWeaver

SAP has released patches for 16 vulnerabilities, notably a critical Server-Side Request Forgery (SSRF) flaw in NetWeaver’s Adobe Document Services component (CVE-2024-47578) with a CVSS score of 9.1. Exploitation could allow attackers to read or modify files and potentially render the system unavailable. Additional medium-severity vulnerabilities (CVE-2024-47579 and CVE-2024-47580) were also addressed. Users are strongly advised to apply these updates promptly to safeguard their systems. Read more (2 mins)

If you like this issue, I'd really appreciate it if you could forward it to your friends and colleagues! Your support helps us grow and continue providing great content.

If you have specific feedback or anything interesting you’d like to share, please let me know by replying to this email.

Regards,

Dot
