Attackers Have Been Leveraging Microsoft Zero-Day for 18 Months

Likely two separate threat actors are using the just-patched CVE-2024-38112 in targeted, concurrent infostealer campaigns. [TechWeb]( Follow Dark Reading: [RSS]( July 11, 2024 LATEST SECURITY NEWS & COMMENTARY [Attackers Have Been Leveraging Microsoft Zero-Day for 18 Months]( Likely two separate threat actors are using the just-patched CVE-2024-38112 in targeted, concurrent infostealer campaigns. [Peloton Takes a Spin Through Court, Thanks to AI Privacy Lawsuit]( The case alleges a third-party marketer for the exercise giant improperly used customer chat data to train its AI models. [Feds Uncover Sprawling, GenAI-Enabled Russian Troll Farm]( The bot farm was created using AI-enhanced software that was able to create a host of different false personas to spread disinformation in convincing and unsettling ways. [Poco RAT Burrows Deep Into Mining Sector]( The novel malware targets Spanish-speaking users via malicious Google Drive links, and taps a popular C++ library to evade detection. [What's Bugging the NSA? A Vuln in Its 'SkillTree' Training Platform]( Even the NSA leaves bugs in its software. In this case, it's the kind of cross-site issue that regularly slips past developers. [Fujitsu Suffers Worm-Like Attack From Something That Wasn't Ransomware]( The CE giant released its investigative findings regarding a March cyberattack that resulted in data exfiltration affecting its Japanese operations. [Privacy & Security Concerns With AI Meeting Tools]( Businesses need to find a balance between harnessing the benefits of AI assistants and safeguarding sensitive information — maintaining trust with employees and clients. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Eldorado Ransomware Cruises Onto the Scene to Target VMware ESXi]( The ransomware-as-a-service platform just rolled off the assembly line, also targets Windows, and uses Golang for cross-platform capabilities. [Are SOC 2 Reports Sufficient for Vendor Risk Management?]( SOC 2 reports are a valuable tool for evaluating vendor security, but they shouldn't be the only piece of the puzzle. [Evolve Bank & Trust Reveals 7M Impacted in LockBit Breach]( Though the company reassures its users that customer funds were not accessed, the same cannot be said for customer information. [10B Passwords Pop Up on Dark Web 'RockYou2024' Release]( The passwords, dumped on a cyber-underground forum on July 4 by a hacker called "ObamaCare," were collected from a variety of older and more recent breaches. [Trojanized jQuery Packages Spread via 'Complex' Supply Chain Attack]( The campaign, which distributes dozens of malicious jQuery variants across npm, GitHub, and jsDelivr, appears to be a manual effort, and lacks the typical pattern that characterizes similar, related attacks. [MORE]( PRODUCTS & RELEASES [2024 SANS SOC Survey Reveals Critical Trends and Technologies in Cyber Defense]( [Global Quantum Computing Market Expected to Reach $7.13B By 2031 As Data Protection Needs Increase]( [Interlock Launches ThreatSlayer Web3 Security Extension and Incentivized Crowdsourced Internet Security Community]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Attackers Already Exploiting Flaws in Microsoft's July Security Update]( In all, the company released fixes for a whopping 139 CVEs in its own products and four for non-Microsoft products. LATEST FROM THE EDGE [What Cybersecurity Defense Looks Like for School Districts]( Dark Reading chats with Johnathan Kim, director of technology at the Woodland Hills School District in North Braddock, Penn., about why cybercriminals target schools — and what they can do about it. LATEST FROM DR TECHNOLOGY [Google Targets Passkey Support to High-Risk Execs, Civil Society]( The tech giant has rolled out passkey support for account authentication within its Advanced Protection Program to complement existing compatibility with FIDO2 hardware keys. LATEST FROM DR GLOBAL [Microsoft's Partnership With Middle East AI Firm Under Scrutiny]( The US government worries that Group 42 Holdings, an AI firm based in the United Arab Emirates, could become a backdoor for technology leaks to China. WEBINARS - [Enhance Cloud Security with Cloud-Native Security]( In this webinar, learn how your current cloud security measures may be falling short as you shift to cloud-native, and what new tools and processes you will need to put in place to stay ahead of attackers. - [The CIOs Guide to Enhancing GRC in 2024]( When structured correctly, Governance, Risk, and Compliance (GRC) can enable enterprises to align IT and business goals, while mitigating risks and abiding by industry and government requirements. Effectively manage your resources and unify your enterprise by utilizing emerging technology that ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [2023 OT Cybersecurity Year in Review]( - [OT Cybersecurity Glossary & Quick Start Guide]( - [Tracking the Untrackable: Taking a Proactive Approach to Emerging Risks]( - [IT Risk & Compliance Platforms: A Buyer's Guide]( - [Data Protection Essentials: Proactive PII Leak Prevention and Data Mapping for GDPR]( - [2024 InformationWeek US IT Salary Report]( - [Leveling Up Cyber-Threat Intelligence Maturity for More Value and Better Insights]( [View More White Papers >>]( FEATURED REPORTS - [2024 InformationWeek US IT Salary Report]( - [Elastic named a Leader in The Forrester Wave™: Security Analytics Platforms, Q4 2022]( - [EMA: AI at your fingertips: How Elastic AI Assistant simplifies cybersecurity]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=124492&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_07.11.24&sp_cid=54236&utm_content=DR_NL_Dark%20Reading%20Daily_07.11.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#56 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)