Zero-click RCE against Windows IPv6. Github actions with leaked tokens. Data breach with 3 billion records.  

News

Hi folks!

Many greetings from the lovely Belgian coast :-) As I said last week, I'm on vacation right now, so it's a quicker version than usual. Still, plenty of interesting news to catch up on. Enjoy the read!

Dieter

Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now

Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an increased likelihood of exploitation that impacts all Windows systems with IPv6 enabled.

bleepingcomputer.com

GitHub Actions artifacts found leaking auth tokens in popular projects

Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD workflows.

bleepingcomputer.com

Quick links

  • Ransomware gangs rake in more than $450 million in first half of 2024: link.
  • FBI disrupts the Dispossessor ransomware operation, seizes servers: link.
  • White House details $11M plan to help secure open source: link.
  • White House working on cyber insurance policy proposal for ‘catastrophic’ incidents: link.
  • DARPA competition shows promise of using AI to find and patch bugs: link.
  • NIST releases first encryption tools to resist quantum computing: link.
  • New AI tool enables real-time face swapping on webcams: link.

Breaches and leaks

  • Troy Hunt: Inside the "3 Billion People" National Public Data breach: link.
  • 3AM ransomware stole data of 464,000 Kootenai Health patients: link.
  • Biotech company hacked in 2023 pays states $4.5 million over breached data: link.
  • CSC ServiceWorks discloses data breach after 2023 cyberattack: link.
  • Australian gold producer Evolution Mining hit by ransomware: link.
  • Hackers posing as Ukraine’s Security Service infect 100 govt PCs: link.
  • South Korea says DPRK hackers stole spy plane technical data: link.
  • AutoCanada discloses cyberattack impacting internal IT systems: link.
  • Carbon black supplier Orion loses $60 million in business email compromise scam: link.
  • Suspected 'hostile state' behind hack of Poland’s anti-doping agency and leak of athletes' data: link.
  • Local gov’ts in Texas, Florida hit with ransomware: link.

Issues and fixes

  • New AMD SinkClose flaw helps install nearly undetectable malware: link.
  • Microsoft discloses unpatched Office flaw that exposes NTLM hashes: link.
  • Ivanti warns of critical vTM auth bypass with public exploit: link.
  • Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited: link.
  • Critical SAP flaw allows remote attackers to bypass authentication: link.
  • New Windows SmartScreen bypass exploited as zero-day since March: link.
  • SolarWinds fixes critical RCE bug affecting all Web Help Desk versions: link.
  • Microsoft disables BitLocker security fix, advises manual mitigation: link.

What 1Password can do for developers

If you're an engineer, it's really worth checking out 1Password's developer tools. It can manage secrets for your infrastructure and CI/CD pipeline, manage SSH keys, and inject tokens into CLI scripts. Play around with it and see how it can fit in your development flow. (Sponsored)

1password.com

No spam, ever. We'll never share your email address and you can opt out at any time.