12-Mar-24: In Security News Today

South Korean Vishing Victim Gave Up $3 Million to Cybercriminals

A recent cybersecurity news report highlights the rise of sophisticated vishing campaigns globally, with a focus on the Middle East & Africa. One victim from South Korea fell prey to cybercriminals, losing $3 million due to convincing law-enforcement impersonation scams that leverage psychology and technology.

Gemini is Susceptible to Attacks That Can Cause It to Divulge System Prompts and more

Google’s Gemini AI, a large language model, is susceptible to attacks that can lead to harmful content generation, disclosure of sensitive data, and execution of malicious actions. Researchers found vulnerabilities in Gemini, such as system prompt leakage and bypassing content restrictions, which could lead to misinformation, data leakage, and other security risks. Companies should be aware of these vulnerabilities and implement security measures to mitigate risks associated with AI adoption and deployment.

Attackers Breached CISA’s Systems Using Ivanti Product Vulnerabilities Back in February

CISA took two systems offline after threat actors breached their systems using Ivanti product vulnerabilities in February. The breached systems were the Infrastructure Protection Gateway and the Chemical Security Assessment Tool. CISA recommends organizations to review an advisory regarding three Ivanti vulnerabilities and stresses the importance of having an incident response plan in place to enhance resilience against cyber threats.

Developers Leaked Over 12 Million Secrets on GitHub in 2023

In 2023, GitHub saw over 12.8 million authentication secrets, including passwords, API keys, and encryption keys, accidentally exposed across more than 3 million public repositories. Despite GitGuardian’s efforts to alert affected users, only a small fraction took prompt action to secure their exposed secrets. This massive data exposure underscores the growing challenge of securing sensitive information in the era of open-source and collaborative development platforms.

Google Awarded $10 Million in Bounties to 632 researchers from 68 countries in 2023

Google awarded $10 million to 632 researchers from 68 countries in 2023 for finding and responsibly reporting security flaws in their products. The program saw a decrease from the previous year but still showcased high community participation. Google also made enhancements like increasing rewards for critical vulnerabilities and introducing new programs like Bonus Awards and Mobile VRP.

Microsoft March 2024 Patch Tuesday Fixes 60 Flaws, 18 RCE Bugs

Microsoft’s March 2024 Patch Tuesday addressed 60 vulnerabilities, including 18 remote code execution flaws. Notably, the update did not include any zero-day vulnerabilities. Some of the key flaws fixed include an elevation of privilege vulnerability in Microsoft Azure Kubernetes Service, an Office elevation of privilege vulnerability, a Microsoft Defender security feature bypass vulnerability, and a Skype for Consumer remote code execution vulnerability.

Acer Confirms Philippines Employees’ Data Leaked on Hacking Forum

Acer Philippines confirmed that employee data was stolen in an attack on a third-party vendor managing their attendance data, with the data being leaked on a hacking forum by a threat actor named ‘ph1ns’. The attacker clarified that it was a data theft attack without ransomware or encryption, and Acer confirmed the breach but stated the data was not acquired directly from their systems. Acer has a history of security incidents, including breaches in 2023, 2021, and a REvil ransomware attack in March 2021.

Cyberattack Targets Regulator Database in South Africa

The Companies and Intellectual Property Commission (CIPC) in South Africa experienced a cyberattack targeting their regulator database, which handles business and intellectual property registrations. The breach was described as ‘isolated’ by the commission. This incident highlights the ongoing cybersecurity challenges faced by organizations in the Middle East and Africa regions.

Stanford: Data of 27,000 People Stolen in September Ransomware Attack

Stanford University reported a ransomware attack in September that compromised the personal information of 27,000 individuals from its Department of Public Safety network. The attackers accessed data such as Social Security numbers, biometric data, and credit card information. The Akira ransomware gang claimed responsibility for the attack and published the stolen data on the dark web, demanding ransom payments from affected organizations.

Lawmakers Slam UK Government for Lack of Action to Protect Critical Infrastructure from Cyberattacks

The Joint Committee on the National Security Strategy (JCNSS) warns that the UK is at risk of a catastrophic ransomware attack due to lack of preparation and resources. The government’s response to the inquiry highlights deficiencies in addressing cyber threats, including a lack of support for local authorities and essential service operators. The JCNSS continues to push for urgent legislation and monitoring of government actions to enhance national cyber security.

Disclaimer: Titles and summaries are AI-generated. Please refer to the linked content for more details.