Cybersecurity News
A Cybersecurity briefing on noteworthy Cyber Attacks, Vulnerabilities, and InfoSec news.

Noteworthy Cyber Attacks Reported
The FBI’s Cybersecurity Program for Critical Infrastructure was hacked, leaking a database of more than 80,000 contacts, including elite cybersecurity professionals; the database is now being sold on the dark web. https://gizmodo.com/fbi-infragard-cybersecurity-hack-critical-infrastructur-1849893073?&web_view=true
Noteworthy Vulnerabilities / Threats Discovered
The NSA, CISA, and the Office of the Director of National Intelligence (ODNI) published Potential Threats to 5G Network Slicing. This guidance presents the benefits and risks associated with 5G network slicing. It also provides mitigation strategies that address potential threats to 5G network slicing. https://www.cisa.gov/uscert/ncas/current-activity/2022/12/13/nsa-cisa-and-odni-release-guidance-potential-threats-5g-network
A new malware campaign based on the Flutter app framework was discovered. MoneyMonger collects critical and personal data on unsuspecting victims, uploading the stolen information to its server, including installed apps, GPS locations, SMS, contact information, device information, metadata of images, and more. This stolen information is then used by malicious actors to blackmail and threaten the victims into paying excessively high interest rates. The malware is found in apps distributed through third-party app stores. https://www.zimperium.com/blog/moneymonger-predatory-loan-scam-campaigns-move-to-flutter/
Talos has witnessed attackers deploying a relatively new HTML smuggling technique to hide malicious scripts using Scalable Vector Graphics (SVG) images. They can be embedded in attachments or links. HTML smuggling can bypass traditional network defenses, so it is critical to deploy endpoint protection and train users on how to spot these. https://blog.talosintelligence.com/html-smugglers-turn-to-svg-images/
Noteworthy InfoSec News
New research by Cybernews shows an exponential rise of internet-facing cameras. After reviewing the most popular manufacturers, researchers found 3.5 million IP cameras exposed to the internet, signifying an 8x increase since 2021. Some of the most popular brands don’t enforce a strong password policy, meaning anyone can easily crack these to peer into unknowing owners’ lives. Companies need to do a better job at forcing consumers to set up minimum security best practices before enabling the device. There is a lot of pressure on all IoT manufacturers to improve this. https://cybernews.com/security/millions-ip-cameras-exposed/
Dozens of cybersecurity efforts were included in the US National Defense Authorization Act for 2023, including increased funding of more than $44 million for the US Cyber Command’s hunt-forward (threat hunting) operations. https://www.csoonline.com/article/3683469/dozens-of-cybersecurity-efforts-included-in-this-year-s-us-ndaa.html
Microsoft’s EU data boundary plan, taking effect on January 1, 2023, covers Microsoft products and services such as Azure, Power BI, Dynamics 365 and Office 365, and will now allow customers to store and process their customer data within the EU, which was previously a challenge due to GDPR requirements and restrictions. https://www.computerworld.com/article/3683291/microsofts-eu-data-boundary-plan-to-take-effect-jan-1.html
Additional sources:
Direct copy of the annual must-pass National Defense Authorization Act (NDAA) https://rules.house.gov/sites/democrats.rules.house.gov/files/BILLS-117HR7776EAS-RCP117-70.pdf
Overview of the EU Data Boundary https://learn.microsoft.com/en-us/privacy/eudb/eu-data-boundary-learn?culture=en-us&country=us