Cyber Weekly Digest - 2024 Week #31
👋 Welcome to the 31st edition of the Cyber Weekly Digest of 2024.
Registrations have been flooding in for the next 'Cyber Security... Is No Joke' Comedy Night in 🏴 Glasgow 🏴 on 11th September. Grab your spot here before we hit capacity!
🏋🏽♀️ As Olympics fever sweeps the globe, we've been busy partnering up with the future Gold Medal winners in the world of Cyber Security... watch this space for some very exciting announcements!
😁 Dad Joke of the Week: To the man that invented 'zero'... thanks for nothing.
N.B. Better jokes can be expected at Cyber Vigilance comedy nights.
Anyway, here are our new and noteworthy podium finishers this week:
🥇 Reuters: Cyber Threat Outlook for the Sports Industry states '70% of sporting organisations are hit by at least one cyberattack annually'
Automox (as a proud partner to over 40 pro sports teams worldwide) gives you that competitive edge with the industry's easiest Endpoint Management Platform providing the visibility, automation and control your IT team needs. Effortlessly address your endpoints in real-time across every OS and leading third-party titles, without disruption.
🥇 The IBM Cost of a Data Breach Report 2024 reveals that rapidly rising breach costs are heavily influenced by human factors.
We loved Immersive Labs' latest blog, where you can discover why prioritising the human element and investing in cyber response training is essential for building organisational resilience.
🥇 Research shows it takes 277 days on average to identify and contain a breach. What if you could do it faster? That’s where NodeZero Tripwires™ comes in.
Horizon3.AI are delivering a novel and strategic approach to threat detection and automated deception technology. Want to know more? Click here
🥇 Attackers operate beyond your perimeter. Shouldn't your security?
The ZeroFox unified External Cybersecurity Platform combines the power of AI, full-spectrum intelligence services, and a robust portfolio of breach, incident and takedown response capabilities.
Last but not least...
🥇 Want to secure your entire organisation with the industry's fastest AI-powered open platform for all your data and workflows?
Of course you do! Built on the SentinelOne Singularity™ Data Lake, check out this bad boy... The AI SIEM for the Autonomous SOC
Now, let's take a look at our top Cyber Security News picks of the week:
☠️ This week we were warned of Sitting Ducks, informed that the Channel Tunnel ain't the only Tunnel with issues and rejoiced in the news of a large takedown by the NCA.
1. Over 1 Million Domains at Risk of 'Sitting Ducks' Domain Hijacking Technique
Over a million domains are susceptible to takeover by malicious actors by means of what has been called a Sitting Ducks attack. The powerful attack vector, which exploits weaknesses in the domain name system (DNS), is being exploited by over a dozen Russian-nexus cybercriminal actors to stealthily hijack domains, a joint analysis published by Infoblox and Eclypsium has revealed.
2. UK Takes Down Major 'Russian Coms' Caller ID Spoofing Platform
The United Kingdom's National Crime Agency (NCA) has shut down Russian Coms, a major caller ID spoofing platform used by hundreds of criminals to make over 1.8 million scam calls. Their targets included people from over 107 countries, including the United Kingdom, the United States, New Zealand, Norway, and France. Russian Coms was established in 2021 and is believed to be behind tens of millions in financial losses to an estimated 170,000 victims across the U.K. Between 2021 and 2024, criminals used it to make over 1.3 million calls to 500,000 unique U.K. phone numbers, with average losses reported to Action Fraud of over £9,400.
3. Hackers Abuse Free TryCloudflare to Deliver Remote Access Malware
Researchers are warning of threat actors increasingly abusing the Cloudflare Tunnel service in malware campaigns that usually deliver remote access trojans (RATs). This cybercriminal activity was first detected in February and it is leveraging the TryCloudflare free service to distribute multiple RATs, including AsyncRAT, GuLoader, VenomRAT, Remcos RAT, and Xworm.
4. New Android Banking Trojan BingoMod Steals Money, Wipes Devices
Cybersecurity researchers have uncovered a new Android remote access trojan (RAT) called BingoMod that not only performs fraudulent money transfers from the compromised devices but also wipes them in an attempt to erase traces of the malware.
Italian cybersecurity firm Cleafy, which discovered the RAT towards the end of May 2024, said the malware is under active development. It attributed the Android trojan to a likely Romanian-speaking threat actor owing to the presence of Romanian language comments in the source code associated with early versions.
5. Microsoft: Ransomware Gangs Exploit VMware ESXi Auth Bypass in Attacks
Microsoft warned today that ransomware gangs are actively exploiting a VMware ESXi authentication bypass vulnerability in attacks. Tracked as CVE-2024-37085, this medium-severity security flaw was discovered by Microsoft security researchers Edan Zwick, Danielle Kuznets Nohi, and Meitar Pinto and fixed with the release of ESXi 8.0 U3 on June 25. The bug enables attackers to add a new user to an 'ESX Admins' group they create, a user that will automatically be assigned full administrative privileges on the ESXi hypervisor.
©2025 Cyber Vigilance