Microsoft Flaw Nearly Allowed Scammers To Instal Malicious Extensions 👾

Mar 30 2024



Sorry we are a day late…

Welcome to Gone Phishing, your daily cybersecurity newsletter that’s celebrating its 300th edition today and, as such, has a special article for you coming this Easter weekend 🎉🎉🎉

It’s Friday, folks, which can only mean one thing… It’s time for our weekly segment!

It goes by many names. Patch of the Week, Tweak of the week. Okay, that’s it.

Congrats, the cybercriminals are no match… for your patch! 🩹🩹🩹

Don’t push me cos I am close to the Edge 🎶🙃💀

🚨 Microsoft Flaw Nearly Allowed Scammers To Instal Malicious Extensions 👾

A now-fixed flaw in Microsoft Edge could have let attackers sneakily install harmful extensions, gaining broad permissions without users knowing 🛡️ Security researcher Oleg Zaytsev flagged the issue, dubbed CVE-2024-21388, which Microsoft patched in Edge version 121.0.2277.83.

The bug allowed attackers to abuse a private API meant for marketing to install extensions without user consent, possibly leading to browser sandbox breaches. By exploiting this flaw, attackers could inject malicious JavaScript into trusted sites like bing[.]com, auto-installing extensions 🕵️‍♂️

Though there's no evidence of exploitation yet, it underscores the balance between user ease and security in browser customizations, as innocuous-looking extensions could pave the way for complex attacks 💻

Now, on to today’s hottest cybersecurity news stories:
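A fleet check for this patch, added here as an example (it is not code from the newsletter or from Microsoft): it compares inventory-reported Edge builds against the fixed release 121.0.2277.83 using a numeric, component-wise comparison, so a build like 121.0.2277.9 is not mistaken for a newer one. The inventory rows are constructed for illustration.

```python
# Added example: is every Edge install at or above the CVE-2024-21388 fix release?
from typing import List, Tuple

# Fixed release named in the advisory coverage above.
PATCHED_EDGE_VERSION = "121.0.2277.83"


def parse_version(v: str) -> Tuple[int, ...]:
    """Turn '121.0.2277.83' into (121, 0, 2277, 83); reject malformed strings."""
    parts = v.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"malformed version string: {v!r}")
    return tuple(int(p) for p in parts)


def is_patched(installed: str, fixed: str = PATCHED_EDGE_VERSION) -> bool:
    """True when the installed build is the fixed build or newer.

    Tuples compare component by component, so '121.0.2277.9' is correctly
    ranked below '121.0.2277.83'; a plain string comparison would rank it above.
    """
    return parse_version(installed) >= parse_version(fixed)


# Constructed inventory rows (hostname, reported Edge version), not real hosts.
SAMPLE_INVENTORY: List[Tuple[str, str]] = [
    ("ws-001", "121.0.2277.83"),   # exactly the fixed build
    ("ws-002", "121.0.2277.9"),    # older build that string comparison would pass
    ("ws-003", "120.0.2210.144"),  # older major version
    ("ws-004", "122.0.2365.52"),   # newer build (constructed number)
    ("ws-005", "unknown"),         # agent could not read the version
]


def unpatched_hosts(inventory: List[Tuple[str, str]]) -> List[str]:
    """Return hosts still exposed; an unreadable version counts as exposed."""
    exposed = []
    for host, version in inventory:
        try:
            if not is_patched(version):
                exposed.append(host)
        except ValueError:
            exposed.append(host)  # unknown state: never assume it is safe
    return exposed


if __name__ == "__main__":
    print("needs follow-up:", unpatched_hosts(SAMPLE_INVENTORY))
```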

  • โœˆ๏ธ Air Force Invite to to Indian Defence, Energy turns out to be malware ๐Ÿ‘พ

  • 👮‍♂️ Feds to adopt carrot and stick approach to bolster cybersecurity in industry 🏭

  • ⚖️ Off to cyber jail! Sellafield nuclear waste dump prosecuted for cyber offences 👨‍⚖️

India attempts to keep Defense hackers at Bombay 😬😬😬

🚨 Beware! Indian Entities Targeted in Sophisticated Cyber Espionage Campaign 🕵️‍♂️

🛡️ Indian government entities and energy companies are under siege from unknown cyber attackers employing a modified version of the HackBrowserData malware.

📨 Dubbed "Operation FlightNight," the campaign utilises Slack channels for data exfiltration, pilfering sensitive documents and browser data.

💼 The targets include government bodies overseeing electronic communications, IT governance, and national defence, along with private energy firms, resulting in the theft of 8.81 GB of data.

🕵️‍♂️ The attackers repurposed legitimate infrastructure like Slack, a popular business communication platform, to cloak their activities.

๐Ÿ” The attack chain begins with deceptive ISO files and hidden executables, exploiting unsuspecting victims. Interestingly, the attackers repurposed legitimate infrastructure like Slack, a popular business communication platform, to cloak their activities.

๐Ÿ› ๏ธ By adapting freely available offensive tools and repurposing legitimate infrastructure such as Slack that's prevalent in enterprise environments, it allows threat actors to reduce time and development costs, as well as easily fly under the radar.

💻 This sophisticated approach underscores the evolving landscape of cyber threats, where threat actors leverage freely available tools to achieve their malicious objectives with minimal risk.

🔒 It's a stark reminder of the importance of robust cybersecurity measures in today's digital age, urging organisations to stay vigilant and proactive in safeguarding their data and systems against evolving cyber threats.

Industry Groups: All carrot 🥕✔️, no stick please 🦯❌😂

🚨 Healthcare Cybersecurity Measures Face Pushback Despite Federal Support 🏥

🔍 Proposed federal initiatives to bolster cybersecurity in the healthcare sector are encountering resistance from industry groups, cautioning against financial penalties for perceived laggards.

💰 The Department of Health and Human Services' budget proposal for fiscal 2025 allocates $1.3 billion for cybersecurity investment, but also introduces penalties for non-compliance starting in fiscal 2029.

📉 The American Hospital Association (AHA) warns that penalties could strain hospital resources needed to combat cybercrime, urging a reevaluation of the proposed approach.

📝 Healthcare industry groups support voluntary cybersecurity goals but argue that threats of financial penalties may hinder progress.

🚨 As the Change Healthcare cyberattack reverberates, Senator Mark Warner introduces legislation to incentivize adherence to HHS cybersecurity standards.

💼 Privacy attorney David Holtzman notes the government's determination to enhance healthcare cybersecurity, signalling forthcoming regulations.

💡 Despite concerns, federal support underscores the urgency of fortifying healthcare cybersecurity against evolving threats.

🎣 Catch of the Day!! 🌊🐟🦞

Learn AI in 5 minutes a day. We'll teach you how to save time and earn more with AI. Join 400,000+ free daily readers for trending tools, productivity boosting prompts, the latest news, and more.

It’s nuclear at this point what the offenses are 😬😬😬

🚨 Sellafield Faces Prosecution Over Cybersecurity Failures

The Sellafield nuclear waste facility is set to be prosecuted for alleged information technology security offences, announced the Office for Nuclear Regulation (ONR) on Thursday. Charges stem from a four-year period between 2019 and early 2023 and come after the Guardian's investigative report highlighted cyber vulnerabilities at the site.

🔍 The ONR clarified that the charges don't imply compromise to public safety but pertain to IT security lapses during the mentioned time frame. Sellafield, a sprawling repository for nuclear waste, faced intensified scrutiny following revelations of cyber penetrations by groups linked to Russia and China, as uncovered by the Guardian. Despite assurances from Sellafield that critical networks remained insulated, concerns persisted over the site's cybersecurity posture.

🔄 This development follows organisational changes at Sellafield, including the impending departure of Richard Meal, the chief information security officer, and the recent appointment of Graeme Slater as the chief digital information officer with a focus on cybersecurity.

🔍 While the prosecution unfolds, the National Audit Office has initiated an inquiry into risks and expenditures at Sellafield. The Department for Energy Security and Net Zero emphasised its commitment to safety and pledged support to the ONR's regulatory oversight.

👀 As legal proceedings progress, stakeholders await further details on the case, emphasising the imperative of stringent cybersecurity measures in safeguarding critical infrastructure.

Have a great Easter, folks! 🐤 🐰 🐥 🎁 🌈 🦋 🥚

🗞️ Extra, Extra! Read all about it! 🗞️

Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • ๐Ÿ›ก๏ธ Tl;dr sec: Join 30,000+ security professionals getting the best tools, blog posts, talks, and resources right in their inbox for free every Thursday ๐Ÿ“…

  • ๐Ÿ’ตย Crypto Pragmatist: Crypto made simple. Actionable alpha in 5 minutes, 3x a week. Join 47,000+ investors and insiders, for ๐Ÿ†“

  • ๐Ÿ“ˆย Bitcoin Breakdown: The best in Bitcoin, carefully curated by an alien from the future ๐Ÿ‘พ

Let us know what you think.

So long and thanks for reading all the phish!
