Friday Five: Application Vulnerabilities, Election Infrastructure Security, & More

RANSOMWARE RAKES IN RECORD-BREAKING $450 MILLION IN FIRST HALF OF 2024 BY BILL TOULAS

In the first half of 2024, ransomware victims paid $459.8 million to cybercriminals, laying a potential course to surpass 2023’s $1.1 billion record by the end of the year. Despite law enforcement disruptions, ransomware attacks have intensified, with gangs demanding higher ransoms from large organizations, including a record $75 million payment, with the median ransom payment surging to $1.5 million by June 2024. However, fewer organizations are yielding to extortion, with ransom payment events declining by 27.27% year-over-year. Additionally, the inflow of stolen cryptocurrency doubled to $1.58 billion, though overall illicit on-chain activity dropped by 20%, indicating growing legitimate cryptocurrency use.

Read more

CISA, FBI ASSERT ELECTION INFRASTRUCTURE’S FORTITUDE DESPITE RANSOMWARE THREAT BY ALEXANDRA KELLEY

A new public service announcement from the FBI and CISA assures the public that even if ransomware disrupts digital election infrastructure during the November 2024 elections, it will only cause delays and not affect vote-counting accuracy. The PSA highlights the increased cyber threats due to the digitization of voting records but emphasizes that security measures in place will protect the integrity of the election. Officials also warned against misinformation spread by malicious actors but reassured that the compromise of voting systems is highly unlikely.

Read more

FAA PROPOSES NEW CYBER RULES FOR AIRPLANES AND AVIATION EQUIPMENT BY EDWARD GRAHAM

The Federal Aviation Administration (FAA) is seeking public input on proposed cybersecurity updates for future airplanes and critical equipment, as detailed in a recent Federal Register notice. The new regulations would establish design standards for transport category airplanes, engines, and propellers, focusing on cybersecurity threats. The FAA aims to standardize criteria for addressing these threats, requiring design applicants to conduct security risk analyses and mitigate vulnerabilities. The agency currently handles such concerns through "special conditions," but these updates seek to streamline certification processes while maintaining safety. Public comments are being accepted until October 21.

Read more

MULTIPLE MICROSOFT APPS FOR MACOS VULNERABLE TO LIBRARY INJECTION ATTACKS BY JAI VIJAYAN

Microsoft's macOS apps, including Outlook, Teams, and others, are vulnerable to library injection attacks, allowing attackers to exploit the apps' entitlements and bypass macOS's security controls, reportedly stemming from Microsoft's disabling of a library validation feature to support third-party plug-ins. Attackers can use this flaw to perform malicious actions, such as sending emails or recording audio and video without user consent. Microsoft has downplayed the threat and has not issued fixes for some apps, leading experts to warn of the potential risks, especially in environments with lax security practices.

Read more

AN AWS CONFIGURATION ISSUE COULD EXPOSE THOUSANDS OF WEB APPS BY LILY HAY NEWMAN

A vulnerability in Amazon Web Services' (AWS) Application Load Balancer (ALB) could have allowed attackers to bypass access controls and compromise web applications due to customer implementation issues. Researchers discovered that misconfigured ALB authentication could be exploited to access or exfiltrate data from target applications. AWS disputes the extent of the vulnerability but has updated its documentation to recommend better security practices. The issue highlights the complexities of cloud security under the Shared Responsibility Model, where customers must correctly configure their systems to avoid vulnerabilities.

Read more