News – February 2024

February 22, 2024

SonicWall Capture Labs Threat Research Team became aware of the ClamAV VirusEvent command injection vulnerability (CVE-2024-20328), assessed its impact, and developed mitigation measures for the vulnerability. ClamAV is a notable, open-source anti-virus engine, widely recognized for its comprehensive suite of security solutions. It offers an array of features, including web and email scanning capabilities, endpoint security, ...

February 22, 2024

Mmajor cellphone outage affected users across the US early Thursday — even stopping some police departments from being able to receive 911 calls. AT&T seemed to have experienced the largest number of issues, with nearly 32,000 reports at around 4:30 a.m., according to data from DownDetector, which tracks outages by collating status reports from sources including ...

February 22, 2024

Malawi’s government has suspended the issuing of passports following a cyber-attack on the immigration service’s computer network. President Lazarus Chakwera told MPs that the targeting of the department amounted to a “serious national security breach”. He revealed that the hackers were asking for a ransom. But the president said the government would not give in to ...

February 21, 2024

Chinese-manufactured unmanned aircraft systems (UAS), more commonly known as drones, continue to pose a significant risk to critical infrastructure and U.S. national security, according to an FBI advisory. While any UAS could have vulnerabilities that enable data theft or facilitate network compromises, the People’s Republic of China (PRC) has enacted laws that provide the government with ...

February 21, 2024

Data from a Chinese cybersecurity vendor that works for the Chinese government has exposed a range of hacking tools and services. Although the source is not entirely clear, it seems that a disgruntled staff member of the group leaked the information on purpose. The vendor, i-Soon (aka Anxun) is believed to be a private contractor that ...

February 21, 2024

On January 25, 2024, SSD Secure Disclosure posted a disclosure titled Zyxel VPN Series Pre-auth Remote Command Execution. The writeup describes an unauthenticated remote command injection vulnerability affecting Zyxel VPN firewalls. That caught VulnCheck researchers attention. The Zyxel VPN series has appeared on the CISA KEV four times now, and the original disclosure didn’t mention a ...

February 21, 2024

The Australian Information Commissioner has launched an investigation into a law firm that provides legal and consulting services to the government, in relation to a data breach and the publication of some of that data on the dark web. At least 65 government entities were affected by the breach last year. The announcement on Wednesday follows ...

February 21, 2024

Ransomware is a type of malware that locks your computer and mobile devices or encrypts your electronic files, demanding a ransom payment through certain online payment methods (and by an established deadline) in order to regain control of your data. It can be downloaded through fake application updates or by visiting compromised websites. It can also ...

February 21, 2024

The number of reported cyber attacks on UK law firms has increased 36 per cent over the past year. According to data by speciality reinsurance group Chaucer, there were 166 reported cyber breaches in 2021/22, this number jumped to 226 for 2022/23 (as of 30 September). Chaucer says that the large number of attacks against law ...

February 21, 2024

I know that some of you are expecting a post similar to that about a toothbrush botnet, but this is not a hypothetical case. It actually happened. A Malwarebytes Premium customer started a thread on Reddit saying we had blocked malware from trying to infect their computer after they connected a vibrator to a USB port ...