Buggy CrowdStrike Crash, Dating Apps Vulnerabilities, Ukraine ICS Malware
Are you worried about the increasing hold of threat actors and scammers on our lives? Fret not, because cyber education and awareness are the keys to beating them at their own game. Here we are again, with our weekly dose of cyber news that will inform, educate, and engage you in the most productive way possible.
This week’s highlight is the buggy CrowdStrike update that literally shook the corporate world with its “blue screen of death.” Ukraine is in the news again, and this time it is because of a novel ICS malware attack on the war-ravaged country’s water heating services. Even something as casual as swiping right on online dating apps can make you prone to cyberscams.
To know more, keep reading!
CrowdStrike’s buggy update crashed Windows and brought the world to a standstill!
Corporate employees are not yet over last Friday’s Microsoft outage. The “blue screen of death” created a mess across the world. Almost every sector, like aviation, healthcare, banking, hospitality and IT, was affected, resulting in chaos and confusion. A buggy update to CrowdStrike Falcon Sensor was the reason behind this global disruption.
The cybersecurity vendor has acknowledged the outage and held the Memory Scanning prevention policy responsible for the ultimate disarray. The bug wasn’t identified during the testing stages.
CrowdStrike has already reverted the buggy update. However, users in different corners of the world are still experiencing frequent crashes and finding it hard to receive the latest version.
Microsoft, on the other hand, is done with its Microsoft 365 mitigation process and claims that all the affected Microsoft 365 apps have been fully recovered.
George Kurtz, the CEO of CrowdStrike, said that it was just a faulty update and not a cyberattack.
While Mac and Linux systems stayed unaffected by the update, Windows users across the world faced extreme inconvenience.
The outage affected the Paris Olympics, as the authorities faced extreme difficulty with uniform deliveries and accreditations.
Swipe right with caution, as online dating apps are making you prone to cyberattacks!
Online dating can lead you straight to threat actors! If you are seeking your soulmate on OKCupid, Tinder, Bumble, Badoo, Grindr or Hinge, then you need to take a step back.
Belgium-based security researchers have discovered that all these dating apps have API vulnerabilities. These make it convenient for threat actors to gain access to your personal data as well as your exact location.
Two researchers at KU Leuven, a Belgian university, tested the dating apps to find the extent of user data vulnerabilities. The test results have revealed that cyberattackers can easily access sensitive user information beyond the data that is publicly shared on these apps.
To find out the extent of damage, the researchers, Le Pochat and Karel Dhondt, simply lurked in the apps like malicious users. They made no attempt to hack the apps and yet got easy access to sensitive user data. Le Pochat said that technical proficiency is enough to crack the traffic coming into and going out of the app and get some data. The researchers also used the trilateration method to find out the location of other users accurately.
The researchers have got in touch with all the dating app companies and informed them about the privacy concerns and security threats. The apps have confirmed that they have fixed the leaks. However, the Belgian researchers believe that some privacy concerns still exist.
Ukraine is in the news again, this time for a novel ICS malware attack!
Back in January 2024, Ukraine faced a severe crisis when an attack disrupted the water heating services, thereby affecting as many as 600 apartments in Lviv. Researchers have now concluded that the disruption was made possible by threat actors. They used a novel, highly dangerous ICS malware that allows the cybercriminals to interfere with the OT, or operational technology, directly. They have named it FrostyGoop.
This malware has the capacity to attack any ICS system that depends on Modbus for communication. Security experts believe that FrostyGoop attacks can have far-reaching consequences.
The attack targeted the ENCO water heating services in Ukraine, thereby depriving people of basic hot water in sub-zero temperatures. FrostyGoop used Modbus commands to interact with the water heating controllers, which eventually led to system malfunction. Detailed investigation suggests that the attackers managed to gain access to the water heating systems way back in April 2023. It took them multiple attempts and trials to finally launch the cyberattack and affect the OT through their ICS malware. The attack was so severe that the incident responders were required to work for almost 48 hours to take back control and set things right.
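For defenders running Modbus-based controllers like those described above, the following added example (not code from the researchers or any vendor) parses Modbus/TCP request headers and flags state-changing requests that come from hosts outside a list of known masters. The report above does not say which Modbus function codes were used, so treating write-class codes as the signal is an assumption, as are the IP addresses, the allowlist and the constructed sample frames.

```python
import struct

# Function codes that change controller state, per the Modbus application protocol.
WRITE_CODES = {
    0x05: "Write Single Coil",
    0x06: "Write Single Register",
    0x0F: "Write Multiple Coils",
    0x10: "Write Multiple Registers",
    0x16: "Mask Write Register",
    0x17: "Read/Write Multiple Registers",
}

def parse_mbap(payload: bytes):
    """Parse the 7-byte MBAP header and function code of a Modbus/TCP request."""
    if len(payload) < 8:
        return None
    tid, proto, length, unit = struct.unpack(">HHHB", payload[:7])
    # Protocol id is always 0; length counts every byte after the length field.
    if proto != 0 or length != len(payload) - 6:
        return None
    return {"tid": tid, "unit": unit, "func": payload[7]}

def flag_writes(packets, allowed_masters):
    """Return (source, reason) alerts for malformed frames and unapproved writes."""
    alerts = []
    for src, payload in packets:
        adu = parse_mbap(payload)
        if adu is None:
            alerts.append((src, "malformed Modbus/TCP frame"))
        elif adu["func"] in WRITE_CODES and src not in allowed_masters:
            alerts.append((src, f"{WRITE_CODES[adu['func']]} to unit {adu['unit']}"))
    return alerts

# Assumed allowlist: the only host expected to write to the controllers.
ALLOWED_MASTERS = {"10.0.0.5"}

# Constructed sample traffic (source IP, TCP payload sent to port 502).
SAMPLE_PACKETS = [
    ("10.0.0.5",  bytes.fromhex("000100000006010600100032")),  # approved write
    ("10.0.0.99", bytes.fromhex("000200000006010300000002")),  # read, ignored
    ("10.0.0.99", bytes.fromhex("000300000006010600100000")),  # unapproved write
    ("10.0.0.99", bytes.fromhex("00040000")),                  # truncated frame
]

if __name__ == "__main__":
    for src, reason in flag_writes(SAMPLE_PACKETS, ALLOWED_MASTERS):
        print(f"ALERT {src}: {reason}")
```

Modbus has no authentication of its own, so a check like this only helps alongside network segmentation that keeps controllers off reachable networks.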
Keep visiting DMARCReport.com for the latest weekly updates on cybersecurity news.