InfoSecBulletin Cybersecurity for mankind
Global threat actors have significantly increased attacks on government sectors, with malware-driven attempts rising by triple digits in the first quarter of the year, according to SonicWall. The security vendor’s analysis shows a 236% increase in blocked attacks in Q1 2024 compared to last year, along with a 27% rise in attacks on government entities in the month before the US election.
Concerns are rising about foreign interference in the close presidential election, which aims to create uncertainty about the results. SonicWall reported that DDoS attacks are expected to exceed last year’s numbers by 32%.
TP-Link Archer Security Flaw Exposes Devices to Malicious Command Injection
IBM address multiple flaw in security verify access appliance
“Rockstar 2FA” Targets Microsoft 365 Users with AiTM Attacks
Workshop on “DDoS use cases & solutions for government & BFSI” held at BCS
Uganda confirms hack of central bank accounts, Refutes $17 Million Claim
CVE-2024-11667
Hackers actively exploiting Zyxel firewall to deploy Ransomware
Daily Security Update Dated: 29.11.2024
CIRT-in flags Critical Flaw in Oracle Agile PLM Framework
Microsoft patches four vulnerabilities in its services
Data broker exposes 600K+ passwordless sensitive files online
The vendor reported blocking over 12.9 million attacks on IP cameras this year. IoT devices are often hijacked and combined into botnets for DDoS and other attacks.
A study released yesterday found that most US county websites could be easily faked, potentially spreading election disinformation and enabling phishing attacks, with less than a week until voting.
They were registered with non-.gov domains, and the report also noted that many contact email addresses lack DMARC anti-phishing protection.
“As attackers continue to attack critical government services and election-related systems, the importance of multi-layered cybersecurity measures cannot be overstated,” said SonicWall executive director of threat research, Doug McKee.
“In a rapidly evolving threat landscape, the stakes have never been higher. We must embrace cross-industry collaboration and threat intelligence information sharing to ensure the integrity of our electoral processes and protect our vital infrastructure from those seeking to exploit these systems.”
SonicWall noted a 33% rise in software supply chain attacks since the start of the year.
Sonatype reported a 156% year-over-year rise in attacks on open source ecosystems, with over 704,102 malicious packages identified since 2019.
