Multiple vulnerabilities have been discovered in Google Chrome, which could allow for arbitrary code execution. Successful exploitation of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the user's associated privileges, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those with administrative user rights.
Affected Systems:
Risk
Remediation Recommendations
References
Verizon has released its Data Breach Investigations Report (DBIR) for 2024, finding that ransomware and related extortion attacks were responsible for 32% of all breaches last year. Additionally, exploitation of vulnerabilities as an initial access point tripled last year compared to 2022, accounting for 14% of breaches. The researchers note, "This spike was driven primarily by the increasing frequency of attacks targeting vulnerabilities on unpatched systems and devices (zero-day vulnerabilities) by ransomware actors. The MOVEit software breach was one of the largest drivers of these cyberattacks, first in the education sector and later spreading to finance and insurance industries.
The report also notes that "[m]ost breaches (68%), whether they include a third party or not, involve a non-malicious human element, which refers to a person making an error or falling prey to a social engineering attack."
UnitedHealth Group CEO Andrew Witty has provided his written testimony for his appearance before Congress on May 2nd, disclosing that the Change Healthcare hackers gained initial access via stolen credentials against a Citrix portal that did not have multifactor authentication enabled, TechCrunch reports. Witty stated, "Once the threat actor gained access, they moved laterally within the systems in more sophisticated ways and exfiltrated data. Ransomware was deployed nine days later." He added that he made the decision to pay the ransom, and that the threat actors stole "files containing protected health information (PHI) and personally identifiable information (PII), which could cover a substantial proportion of people in America."
On April 23rd, the US Senate passed legislation that would force TikTok's parent company ByteDance to sell the platform or face a ban in the United States, the Associated Press reports. President Biden has since signed the bill. Senate Commerce Committee Chairwoman Maria Cantwell stated, "Congress is not acting to punish ByteDance, TikTok or any other individual company. Congress is acting to prevent foreign adversaries from conducting espionage, surveillance, maligned operations, harming vulnerable Americans, our servicemen and women, and our U.S. government personnel."
JP Morgan has disclosed a data breach that affected more than 451,000 individuals, Cybernews reports. The bank said in a notification to the Maine Attorney General's office that a software issue gave three of its employees access to information they weren't entitled to see, including names, addresses, Social Security numbers, payment and deduction amounts, and in some cases bank routing and account numbers. The company is offering two years of Experian identity theft protection to affected customers, adding that there's been no indication of data misuse so far.