US Supreme Court Sidesteps Decision On Social Media Laws

From silicon.co.uk

US Supreme Court throws out lower court decisions on Florida, Texas laws imposing social media regulation, demands more research

The US Supreme Court has thrown out two separate decisions by lower courts involving social media censorship laws in Florida and Texas and told the lower courts to conduct further analysis.

In the decision on Monday, the last day of the top court’s session that began in October, judges said lower courts had not adequately addressed the First Amendment speech implications of the 2021 laws.

Read more…

Passwordless Authentication

From cpl.thalesgroup.com

What is passwordless authentication?

Passwordless authentication offers users a way to verify themselves while not having to remember or manually type passwords. This provides stronger security and fewer breaches.

How does passwordless authentication work?

Passwordless Authentication and SSO (Single Sign On) Solutions with SafeNet Trusted Access and Authentication as a Service:

  • Quickly remove passwords from authentication and SSO flows via easy-to-use conditional access policies
  • Using a combination of Push OTP and Biometric PIN or Push OTP and PIN
    • Support Windows 10, iOS & Android platforms with SafeNet MobilePASS+
    • Use Biometric verification with facial recognition or fingerprint authentication to access a token on an iOS, Android or Windows 10 device
  • Support FIDO2 standard with FIDO2 certified devices on any SSO platform
  • Address digital signature and email encryption, physical access use cases with Certificate based PKI authenticators, USB or Smart Cards
  • Support Voice authentication where a 3rd Party SMS provider translates SMS OTP to voice audio

Read more…

TeamViewer: Hackers copied employee directory and encrypted passwords

From therecord.media

Software company TeamViewer says that a compromised employee account is what enabled hackers to breach its internal corporate IT environment and steal encrypted passwords in an incident attributed to the Russian government.

In an update on Sunday evening, TeamViewer said a Kremlin-backed group tracked as APT29 was able to copy employee directory data like names, corporate contact information and the encrypted passwords, which were for the company’s internal IT environment.

Read more…

Australian Man Charged for Fake Wi-Fi Scam on Domestic Flights

From thehackernews.com

An Australian man has been charged with running a fake Wi-Fi access point during a domestic flight with an aim to steal user credentials and data.

The unnamed 42-year-old “allegedly established fake free Wi-Fi access points, which mimicked legitimate networks, to capture personal data from unsuspecting victims who mistakenly connected to them,” the Australian Federal Police (AFP) said in a press release last week.

The agency said the suspect was charged in May 2024 after it launched an investigation a month earlier following a report from an airline about a suspicious Wi-Fi network identified by its employees during a domestic flight.

Read more…

Google to Drop Entrust Certificates from Chrome Starting November 2024

From securityonline.info

In a significant move that underscores the critical nature of digital security, Google has announced that, starting November 1, 2024, Chrome 127 and all subsequent versions will no longer trust newly issued digital certificates from the American private software company, Entrust, and its affiliate, AffirmTrust. This decision, which also implicates the Mozilla Foundation, marks a pivotal shift in the landscape of internet security and certificate trustworthiness.

Read more…

New Hacker Group Attacking Systems With 10 Malware At Same Time

From gbhackers.com

A malware campaign of huge magnitude, and perhaps run by just one group, is using artificially nested files for distribution named ‘WEXTRACT.EXE            .MUI’.

More than 50,000 files worldwide featuring this method are delivered by different stealers and loaders such as Redline, RisePro, and Amadey.

Several samples are associated with an Eastern European cybercriminal-linked Autonomous System.

Cybersecurity researchers at OutPost24 recently detected that a new hacker group has been attacking the system with 10 malware at the same time.

Read more…

Cybersecurity Snapshot: Memory Bugs Pervasive in Open Source SW, While Car Dealership Chaos Persists After Ransomware

From tenable.com

Projects written completely in a memory-safe language can be affected by memory vulnerabilities if they use external dependencies written in memory-unsafe languages. 

Developers also can open the door for memory bugs in memory-safe languages if they disable certain security capabilities in them. Previously, CISA has identified C#, Go, Java, Python, Rust and Swift as memory-safe languages.

The cyber agencies recommend that organizations and software manufacturers:

  • Reduce memory safety vulnerabilities
  • Make secure and informed choices when using OSS
  • Understand the risk of memory vulnerabilities in OSS
  • Evaluate ways of reducing this risk

“We encourage additional efforts to understand the scope of memory-unsafety risks in OSS and continued discussion of the best approaches to managing and reducing this risk,” the report reads.

Read more…