Jun 07 2024
Welcome to Gone Phishing, your daily cybersecurity newsletter that's got Rishi praying for StArmageddon
It's Friday, folks, which can only mean one thing… It's time for our weekly segment!
It goes by many names. Patch of the Week, Tweak of the Week. Okay, that's it.
Congrats, the cybercriminals are no match… for your patch!
Urgent Update: Critical Security Flaws in Zyxel NAS Devices
Zyxel has released updates to address critical vulnerabilities in two of its end-of-life (EoL) network-attached storage (NAS) devices. Exploiting three of these flaws could allow unauthenticated attackers to execute OS commands and arbitrary code.
Impacted Models
NAS326 (versions V5.21(AAZF.16)C0 and earlier)
NAS542 (versions V5.21(ABAG.13)C0 and earlier)
Resolved in
NAS326: Version V5.21(AAZF.17)C0
NAS542: Version V5.21(ABAG.14)C0
Key Vulnerabilities
CVE-2024-29972: Command injection via "remote_help-cgi" allowing OS command execution.
CVE-2024-29973: Command injection via 'setCookie' parameter.
CVE-2024-29974: Remote code execution via "file_upload-cgi" by uploading a crafted configuration file.
CVE-2024-29975: Privilege management flaw in SUID binary enabling local root command execution.
CVE-2024-29976: Flaw in 'show_allsessions' command exposing admin session information.
Top Tips
Update immediately to the latest firmware versions to ensure your devices are protected. Note that two privilege escalation flaws requiring authentication remain unpatched. No evidence suggests these flaws have been exploited in the wild, but updating ensures optimal protection.
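An added example, not part of the newsletter or of Zyxel's own tooling: a Python check that parses the firmware version format quoted above and flags NAS326 and NAS542 units still on a pre-fix build, run here over a constructed inventory. It assumes the build code in parentheses (AAZF, ABAG) identifies the model and that the build number orders releases within a major.minor train.

```python
import re

# Version strings as quoted in the advisory, e.g. "V5.21(AAZF.16)C0":
# major.minor, a model-specific build code (AAZF = NAS326, ABAG = NAS542)
# with a build number in parentheses, and a trailing revision (C0).
_VERSION_RE = re.compile(r"^V(\d+)\.(\d+)\(([A-Z]+)\.(\d+)\)C(\d+)$")

def parse_version(text: str) -> tuple:
    """Return (build_code, (major, minor, build, revision)) for a firmware string.
    Assumed ordering: major.minor, then build number, then revision (smaller = older)."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Zyxel firmware version: {text!r}")
    major, minor, code, build, rev = m.groups()
    return code, (int(major), int(minor), int(build), int(rev))

# Fixed builds from the advisory, keyed by the build code that identifies the model.
FIXED = {
    "AAZF": parse_version("V5.21(AAZF.17)C0")[1],  # NAS326
    "ABAG": parse_version("V5.21(ABAG.14)C0")[1],  # NAS542
}

def is_vulnerable(version_text: str) -> bool:
    """True when the firmware predates the fixed build for its model."""
    code, key = parse_version(version_text)
    if code not in FIXED:
        raise ValueError(f"unknown model build code {code!r}")
    return key < FIXED[code]

def triage_inventory(csv_text: str) -> list:
    """Return hostnames from 'hostname,version' lines that still need the update."""
    needs_update = []
    for line in csv_text.strip().splitlines():
        host, version = (field.strip() for field in line.split(",", 1))
        if is_vulnerable(version):
            needs_update.append(host)
    return needs_update

# Constructed sample inventory (hostnames are made up).
SAMPLE_INVENTORY = """
nas-fileshare-01,V5.21(AAZF.16)C0
nas-fileshare-02,V5.21(AAZF.17)C0
nas-backup-01,V5.21(ABAG.13)C0
nas-backup-02,V5.21(ABAG.14)C0
"""

if __name__ == "__main__":
    print("Still on a pre-fix build:", triage_inventory(SAMPLE_INVENTORY))
```

A device that passes this check still carries the two authentication-required privilege escalation flaws the advisory leaves unpatched, so read the result as "updated", not "clean".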
Now, on to today's hottest cybersecurity news stories:
Phishing kits bypass MFA to target European banks
Work-from-homers, watch out! Scammers abound!
Let's ChatGPSee about that… plugin flaws galore
Cybercriminals are using a new phishing-as-a-service platform called V3B to target European banking clients. Priced between $130 and $450 monthly, this kit enables fraudsters to bypass multi-factor authentication (MFA) with ease. Resecurity researchers found V3B has been operational since March 2023, allowing fraudsters to mimic over 50 financial institutions.
Advanced Features and Social Engineering
V3B uses social engineering and spoofing to trick victims into revealing sensitive information. It supports real-time interaction with victims, which is how it defeats MFA methods such as SMS codes, QR codes, and PhotoTAN, a common second-factor app in Germany and Switzerland. The kit also boasts advanced obfuscation and anti-bot measures, making detection challenging.
Promoted by "Vssrtje"
A threat actor named "Vssrtje" promotes V3B on Telegram and dark web communities, with the associated Telegram channel having over 1,255 members. Hundreds of cybercriminals are estimated to use this kit, leading to significant financial losses for European banks.
Interception of Credit Card Data
V3B isn't limited to banks; it also targets credit card data, recently adding support for International Card Services with Dutch templates. The kit's multi-country targeting, encrypted code, and live chat with victims make it a formidable tool for fraudsters.
European Banks at High Risk
With the European Union's substantial economy and mature financial system, phishing attacks like these pose a serious threat, causing considerable financial losses. Stay vigilant and secure your banking information!
Scammers are posing as legitimate businesses, like staffing or recruiting agencies, to offer fake work-from-home jobs. These jobs often involve simple tasks, such as rating restaurants or "optimising" services by clicking buttons. The catch? Victims must make cryptocurrency payments to earn more money or unlock tasks, with all payments going straight to the scammers.
Red Flags to Watch Out For
Youβre asked to make cryptocurrency payments to your employer.
Job tasks are simple and include terms like "optimization."
No references are required during the hiring process.
π‘οΈ Top Tips
Be wary of unsolicited job offers and avoid clicking on links, downloading files, or opening attachments in these messages.
Never send money to an alleged employer.
Do not pay for services claiming to recover lost cryptocurrency funds.
Avoid sharing financial or personal information with unsolicited job offers.
Report It!
If you encounter these scams, report them to the FBI IC3 at www.ic3.gov. Include any transaction information related to the scam. For more details, see prior IC3 PSA Alert Number I-082423-PSA.
Stay safe and protect your financial well-being!
Stay ahead of the curve with Presspool.ai! Subscribe to their newsletter for the latest buzz in the information technology space, with a special focus on AI. Their slogan says it all: "Actionable marketing insights for the visionary AI executive." That's us, alright! How about you? Visionary AI executive, much?
And if the newsletter gets your motor running, then you can take a butcher's at their cool AI marketing product too, which is sure to help you make the most of our new artificial overlords and put them to work for your business.
Rest assured, the process is very straightforward.
You simply:
Sign Up & Create Campaign
Define your audience, budget, and message to captivate your audience.
Launch your campaign, as Presspool's AI matches it with ideal newsletter audiences for optimal reach and conversions.
Finally, you leverage real-time analytics to track performance and refine future strategies. Elevate your marketing game and stay informed with Presspool.ai! Simples!
Presspool.ai may just have what you need to succeed. And if the product isn't for you, the newsletter alone is a gamechanger. And we know newsletters
ChatGPT is revolutionising businesses with over a thousand third-party plugins available. While these plugins boost productivity, they also introduce significant security challenges. Here's what you need to know to stay safe.
Top Security Risks with ChatGPT Plugins
Data Privacy & Confidentiality
ChatGPT plugins can expose confidential enterprise information. Ensure sensitive data is protected from unauthorised access by plugin developers or third parties.
Compliance Risks
Using these plugins might breach regulations like GDPR or HIPAA, leading to legal and financial consequences.
Dependency & Reliability
Relying on external plugins for critical operations poses risks, such as service disruptions and unreliable vendor support.
New Security Vulnerabilities
Plugins can introduce new bugs or flaws. For example, a security flaw allowed attackers to intercept and replace approval codes during plugin installation, leading to unauthorised access.
π‘ Mitigation Strategies
Risk Assessments
Regularly conduct risk assessments and monitor plugins for vulnerabilities. Block risky plugins and keep an updated inventory.
Data Privacy Policies
Ensure plugins comply with your company's data policies. Exercise data deletion rights for noncompliance.
User Training
Include ChatGPT plugin security in your training programs. Keep sessions brief and impactful to maintain user awareness.
Behavioural Monitoring
Track data usage and access through plugins. Implement policies to identify and control the use of tools like ChatGPT.
Stay Vigilant!
While ChatGPT plugins can enhance your business, they come with security risks that need careful management. Adopt a strategic approach to integrate these tools safely into your workflows.
Stay safe and secure!
Extra, Extra! Read all about it!
Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!
π‘οΈ Tl;dr sec: Join 30,000+ security professionals getting the best tools, blog posts, talks, and resources right in their inbox for free every Thursday π
π΅Β Crypto Pragmatist: Crypto made simple. Actionable alpha in 5 minutes, 3x a week. Join 47,000+ investors and insiders, for π
πΒ Bitcoin Breakdown: The best in Bitcoin, carefully curated by an alien from the future πΎ
Let us know what you think.
So long and thanks for reading all the phish!