Home Blog This Week’s Security News: US Agencies Are Requested to Patch Ivanti VPNs...

This Week’s Security News: US Agencies Are Requested to Patch Ivanti VPNs That Are Currently Under Attack

Plus: Microsoft says attackers accessed employee emails, Walmart fails to stop gift card fraud, “pig butchering” scams fuel violence in Myanmar, and more.

A logo sign outside of the headquarters of Ivanti
A logo sign outside of the headquarters of Ivanti

A major coordinated disclosure this week called attention to the importance of prioritizing security in the design of graphics processing units (GPUs). Researchers published details about the “LeftoverLocals” vulnerability in multiple brands and models of mainstream GPUs—including Apple, Qualcomm, and AMD chips—that could be exploited to steal sensitive data, such as responses from AI systems. Meanwhile, new findings from the cryptocurrency tracing firm Chainalysis show how stablecoins that are tied to the value of the US dollar were instrumental in cryptocurrency-based scams and sanctions evasion last year.

Additionally, Walmart fails to combat gift card fraud, Microsoft claims that attackers gained access to staff emails, “pig butchering” scams drive unrest in Myanmar, and more.

This month, the US Federal Trade Commission and data broker X-Mode (now Outlogic) came to an agreement on the latter’s sale of location data obtained from phone apps to the US government and other customers. Although some hailed the action as a historic victory for privacy, it also highlights the ways in which many firms may dodge inspection and consequences for failing to protect customer data, as well as the limits on the authority of the US government and the FTC to enforce data privacy laws.

There’s still more. Every week, we compile the security and privacy stories that we didn’t break or thoroughly cover. To read the complete stories, click the headlines. Be careful out there.

CISA Encourages Ivanti VPN Bug Fixes in Response to Exploitation

CISA Encourages Ivanti VPN Bug Fixes in Response to Exploitation

Analysis indicates that multiple actors have been hunting for and exploiting vulnerable Ivanti devices to gain access to organizations’ networks around the world. The activity began in December 2023, but it has ramped up in recent days as word of the vulnerabilities and a proof of concept have emerged. Researchers from the security firm Volexity say that at least 1,700 Connect Secure devices have been compromised overall. Both Volexity and Mandiant see evidence that at least some of the exploitation activity is motivated by espionage. CISA’s Goldstein said on Friday that the US government has not yet attributed any of the exploitation activity to particular actors, but that “exploitation of these products would be consistent with what we have seen from PRC [People’s Republic of China] actors like Volt Typhoon in the past.”

Federal agencies are required to fix two vulnerabilities in the well-known VPN appliances Ivanti Connect Secure and Policy Secure, which are being actively exploited, according to an emergency mandate issued by the US Cybersecurity and Infrastructure Security Agency on Friday. Reporters were informed by CISA’s executive assistant director, Eric Goldstein, that “around” 15 federal agencies have applied for mitigations out of the total number of agencies that are using the products. Goldstein stated, “We are aware that risk is not zero, but we are not assessing a significant risk to the federal enterprise.” Investigations are still underway, he said, to see if any federal agencies were affected during the attackers’ widespread exploitation campaign.

Microsoft claims a group with ties to Russia has compromised senior leadership’s email accounts.

Microsoft said on Friday that it detected a system intrusion on January 12 that it is attributing to the Russian state-backed actor known as Midnight Blizzard or APT 29 Cozy Bear. The company says it has fully remediated the breach, which began in November 2023 and used “password spraying” attacks to compromise historic system test accounts that, in some cases, then allowed the attacker to infiltrate “a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions.” With this access, Cozy Bear hackers were then able to exfiltrate “some emails and attached documents.” Microsoft notes that the attackers appeared to be seeking information about Microsoft’s investigations into the group itself. “The attack was not the result of a vulnerability in Microsoft products or services,” the company wrote. “To date, there is no evidence that the threat actor had any access to customer environments, production systems, source code, or AI systems. We will notify customers if any action is required.”

Walmart Was Unable to Stop Gift Card and Money Transfer Frauds Worth Over $1 Billion

Gift card scams in which attackers trick victims into purchasing gift cards for them are a long-standing issue, but new reporting from ProPublica shows how Walmart has been particularly remiss in addressing the problem. For a decade, the retailer has skirted pressure from both regulators and law enforcement to more closely scrutinize gift card sales and money transfers and expand employee training that could save customers from being tricked and exploited by bad actors. ProPublica conducted dozens of interviews and reviewed internal documents, court filings, and public records in its analysis.

Walmart Was Unable to Stop Gift Card and Money Transfer Frauds Worth Over $1 Billion

Their concerns were related to the money. That’s all,” Nick Alicea, a former USPS fraud team chief, said in an interview with ProPublica. Walmart defended its actions, saying it had halted over $700 million in unauthorized transfers of funds and reimbursed $4 million to gift card fraud victims. In a statement, the business stated that it “offers these financial services while working hard to keep our customers safe from third-party fraudsters.” “To help stop scammers and other criminals who may use the financial services we offer to harm our customers, we have a robust anti-fraud program in place in addition to other controls.”

Human trafficking for pig butchering scams is igniting opposition to Myanmar’s military government amid the country’s ongoing civil war.

The violence in Myanmar is being exacerbated by human trafficking and torture, which is feeding pig slaughtering scams. Rebel factions in the nation are fighting fiercely against the military administration. Scams have been more prevalent in recent years, and they are not only perpetrated by dishonest people but also by a workforce of forced laborers who are frequently abducted and imprisoned against their choice. This autumn, the Three Brotherhood Alliance, a coalition of rebel groups in Myanmar, seized several towns near the Chinese border and 100 military outposts in the country’s northern Shan state. They declared their intention to “eradicate telecom fraud, scam dens and their patrons nationwide, including in areas along the China-Myanmar border.”

Up to 100,000 people may be detained in fraud centers in Cambodia and 120,000 in Myanmar, according to UN estimates. Rebecca Miller, regional program director for human trafficking at the UN Office on Drugs and Crime, told Vox that “we’ve never seen anything like what we’re seeing now in Southeast Asia in terms of the sheer numbers of people.” Miller has worked in this field for more than 20 years.

Millions of Businesses Track Every Facebook User

— ENDS —

Connect with us for the Latest, Current, and Breaking News news updates and videos from thefoxdaily.com. The most recent news in the United States, around the world , in business, opinion, technology, politics, and sports, follow Thefoxdaily on X, Facebook, and Instagram .

NO COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Exit mobile version