Nagoya port recovers from LockBit 3.0. Charming Kitten sighting. Spyware in Play store apps. Solar panel vulnerabilities.
LockBit 3.0 claims responsibility for Nagoya ransomware attack. Charming Kitten sighting. Spyware infested apps found in Google Play. Solar panels and cyberattacks. Hacktivist auxiliaries remain active in Russia’s hybrid war.
MoneyGram Cyber Attack: Hackers Stole Customers’ Personal and Transaction Data
MoneyGram Payment Systems, Inc. confirmed that hackers accessed and stole sensitive customer data, including personal information and transaction details.
The breach occurred between September 20 and 22, 2024, and was discovered on September 27, 2024.
The stolen data includes a wide range of personal and financial information, such as names, phone numbers, email and postal addresses, dates of birth, Social Security numbers, government-issued identification documents (like driver’s licenses), utility bills, bank account numbers, MoneyGram Plus Rewards numbers, and transaction information (including dates and amounts of transactions).
Additionally, criminal investigation information (such as fraud) was also compromised for a limited number of consumers.
Upon detecting the issue, MoneyGram took immediate action to contain and remediate the breach, including taking certain systems offline, which temporarily impacted the availability of their services.
The company launched an investigation with the assistance of leading external cybersecurity experts and has been coordinating with law enforcement.
MoneyGram has stated that its systems are back online and normal business operations have resumed. However, the company recommends that customers remain vigilant for incidents of fraud and identity theft by reviewing account statements and monitoring free credit reports.
Furthermore, MoneyGram has arranged to offer affected U.S. consumers identity protection and credit monitoring services for two years at no cost.
The company emphasizes the importance of protecting personal information and encourages customers to remain alert for unsolicited communications involving their personal data.
The incident highlights the ongoing threat of cyberattacks on financial institutions and the need for robust cybersecurity measures to protect sensitive customer data.
MoneyGram’s response to the breach, including their cooperation with law enforcement and provision of identity protection services, underscores their commitment to safeguarding customer information.
Whistleblowers: Should CISOs Consider Them a Friend or Foe?
Are whistleblowers traitors to the company, a danger to corporate brand image, and a form of insider threat? Or are they an early warning safety valve that can be used to strengthen cybersecurity and compliance?
Critical OpenVPN Zero-Day Flaws Affecting Millions of Endpoints Across the Globe
Security researchers have uncovered four zero-day vulnerabilities within OpenVPN, the world’s leading VPN solution.
These vulnerabilities pose significant threats to millions of devices globally.
These vulnerabilities, identified by the internal codename OVPNX, affect a wide range of operating systems including Windows, iOS, macOS, Android, and BSD, impacting thousands of companies worldwide.
Technical Breakdown of the Zero-Day Flaws
The vulnerabilities discovered in OpenVPN are deeply technical and exploit the software’s complex nature.
OpenVPN operates across various privilege levels and integrates closely with operating system APIs.
According to the BlackHat report, the research team’s approach involved a meticulous examination of OpenVPN’s codebase, leveraging reverse engineering techniques to dissect the software at the bit and byte level.
One of the critical vulnerabilities begins with a remote code execution (RCE) attack targeting OpenVPN’s plugin mechanism.
By exploiting a stack overflow in the OpenVPN system service, attackers can crash the NT System service.
This crash triggers a race condition for creating a named pipe instance, allowing attackers to seize control of OpenVPN’s named pipe resource.
This vulnerability chain escalates quickly, enabling the attacker to impersonate a privileged user and execute arbitrary code at the kernel level by exploiting a vulnerable signed driver in a technique known as BYOVD (Bring Your Own Vulnerable Driver).
Impact on Companies and Mitigation Strategies
The discovery of these zero-day flaws in OpenVPN has sent ripples across the tech industry, given the software’s widespread use in corporate and private networks.
The vulnerabilities expose millions of endpoints to potential data breaches, unauthorized access, and system takeovers, which could lead to significant operational disruptions and financial losses for affected organizations.
In response to these findings, the research team has outlined several mitigation techniques to help companies protect their networks.
These include updating OpenVPN to the latest version as soon as patches are available, implementing strict access controls on the use of OpenVPN plugins, and conducting regular security audits of the network infrastructure.
Additionally, the use of intrusion detection systems (IDS) and regular vulnerability scanning can help in the early detection of attempts to exploit these flaws.
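One way to act on the plugin access-control recommendation above, as an added example that is not code from the researchers or the OpenVPN project: a Python audit that lists every `plugin` directive in an OpenVPN config and flags modules that would load from outside an allowlisted directory. The trusted directory, the Windows-only path handling and the sample config are assumptions constructed for illustration.

```python
import shlex
from pathlib import PureWindowsPath

# Assumption: site policy allows plugins only from this directory.
TRUSTED_PLUGIN_DIRS = [PureWindowsPath(r"C:\Program Files\OpenVPN\bin")]

# Constructed sample config (not from the article). OpenVPN treats a
# backslash as an escape character, so Windows paths double it.
SAMPLE = r'''
# client profile
client
remote vpn.example.com 1194
plugin "C:\\Program Files\\OpenVPN\\bin\\auth-helper.dll" "arg"
plugin C:\\Users\\Public\\helper.dll
plugin "C:\\Program Files\\OpenVPN\\bin\\..\\..\\..\\Temp\\x.dll"
plugin helper.dll
'''

def audit(config_text, trusted=TRUSTED_PLUGIN_DIRS):
    """Return (line_no, verdict, module_path) for each `plugin` directive."""
    findings = []
    for line_no, raw in enumerate(config_text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#;":      # blank line or comment
            continue
        try:
            tokens = shlex.split(line, comments=True)
        except ValueError:                   # e.g. unbalanced quote
            findings.append((line_no, "unparseable", raw))
            continue
        if len(tokens) < 2 or tokens[0].lstrip("-") != "plugin":
            continue
        path = PureWindowsPath(tokens[1])
        if not path.is_absolute():
            verdict = "relative-path"        # resolved at load time
        elif ".." in path.parts:
            verdict = "path-traversal"       # can escape the trusted dir
        elif any(path.parent == d for d in trusted):
            verdict = "ok"
        else:
            verdict = "untrusted-dir"
        findings.append((line_no, verdict, str(path)))
    return findings

if __name__ == "__main__":
    for line_no, verdict, path in audit(SAMPLE):
        print(f"line {line_no}: {verdict:15} {path}")
```

Anything other than `ok` is a prompt to check who can write to that module and to the config file that references it.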
During the upcoming security conference, the researchers will present a live demonstration of the exploit chain, showcasing the severity and execution of the attack in real time.
This demonstration aims to raise awareness about the vulnerabilities and encourage swift action from all stakeholders to secure their systems against these potent threats.
The discovery of these zero-day vulnerabilities in OpenVPN underscores the critical need for continuous vigilance and proactive security measures in the digital age.
Companies and individual users alike must stay informed and prepared to defend against such sophisticated cyber threats.