Trending Topics Cybersecurity – April 2024

SECURITY INSIGHTS | May 01, 2024

Myra's monthly security highlights provide IT decision-makers and security professionals with the most relevant topics from the world of cybersecurity. Current trends, defense strategies and news on cyberattacks, attack campaigns and more can be found here in a clearly arranged format.

In zero-day attacks, cyber criminals exploit previously unknown security vulnerabilities in software before manufacturers can release patches. The term “zero-day” refers to the fact that the software manufacturer has only just learned of the vulnerability and therefore has “zero days” to fix the bug before it becomes an acute problem.

Number of zero-day attacks increased significantly in 2023

Recent investigations by Google show that the number of such attacks increased by around 50 percent last year alone. Another key finding from the report: attackers are increasingly focusing on third-party components and frequently used software libraries. The zero-day vulnerabilities discovered therein affect a large number of organizations across the software supply chain - all potential targets for the attackers' exploits. One of the best-known examples of such vulnerabilities is Log4Shell, a bug in the widely used Java library Log4j, which made headlines at the end of 2022 and is still actively exploited by attackers today.

Security researchers assume that the threat of zero-day exploits will continue to increase in the future. This is partly due to a growing black market where open vulnerabilities are traded at top prices on the darknet. In addition, the ongoing development of AI solutions threatens to further exacerbate the situation. Even today, GPT-4 only needs to analyze security advisories to create targeted exploits for the affected software.

With this in mind, the use of dynamic protection solutions is key to responding to threats in a flexible and timely manner. For example, with a web application firewall, organizations can protect their online applications from zero-day attacks until the vendor delivers the necessary patches to fix the problem.

The top IT security topics in March:

IT security trends

Every second company sees DDoS as the biggest cyber risk

Companies in Germany are increasingly threatened by cybercrime. According to a recent YouGov survey, almost every second organization considers targeted hacker attacks and DDoS attacks to be the greatest risks.

FISA Section 702: US Senate votes in favor of tighter mass surveillance

The controversial Section 702 of the Foreign Intelligence Surveillance Act (FISA) has been extended for a further two years and made even stricter. The requirements formulated therein for mandatory cooperation with investigative authorities will in future even affect small companies or individuals with access to communications technology.

Ahead of EU elections: Cyber criminals are increasingly targeting politicians and political parties

The German Federal Office for Information Security (BSI) and the Office for the Protection of the Constitution are warning of increased cyberattacks on political actors and parties. “Particularly in light of the upcoming European elections, an increased number of attacks can currently be assumed,” said a BSI spokesperson. Hack-and-leak attacks, in which confidential data is published, are to be expected.

Every second publisher affected by cyberattacks

According to a recent study by KPMG, German media companies are increasingly the target of cyber attacks: Every second publishing house has been a victim in the last 12 months, with almost 40% having suffered at least one successful attack. The consequences are serious – half of the victims suffered operational disruptions and almost a quarter suffered data loss and financial losses.

Attacks on zero-day vulnerabilities increase by 50 percent

According to a recent study by Google, the number of zero-day attacks increased by almost 50 percent in 2023. Zero-day attacks are cyber attacks in which previously unknown security vulnerabilities are exploited before patches are available. The increase in attacks on corporate IT in particular underlines the need for flexible protection solutions.

Cybercrime

Cyber attack: French hospital has to postpone operations

Cyber criminals have succeeded in infiltrating the systems of the Simone Veil Clinic in Cannes (CHC-SV). The attack forced the staff to document patient treatments using pen and paper. Due to this and other restrictions resulting from the attack, around 30 percent of all non-urgent cases had to be postponed and individual patients had to be transferred to neighboring hospitals.

Cybercriminals attempted to infiltrate open source tool

Attackers almost succeeded in infiltrating the widely used open source library XZ Utils with malware. During routine maintenance work, software engineer Andres Freund noticed irregularities in the affected library, and further investigation revealed the malicious manipulations. It is not known who is behind the attack - but due to the scale of the attack, it is assumed to be a state actor.

University of Düsseldorf hit by cyber attack again

As was the case last year, Heinrich Heine University Düsseldorf (HHU) has once again been the victim of a cyber attack. This time, the attackers used stolen student accounts to gain access to the e-examination system and two sets of data. In total, information on more than 60,000 students, employees, alumni and guests with access to HHU systems was stolen.

GPT-4 only needs CVEs to exploit vulnerabilities

Research from the University of Illinois Urbana-Champaign (UIUC) shows that advanced AI solutions already have enough information from published CVE (Common Vulnerabilities and Exposures) entries to find and exploit vulnerabilities. This increases the pressure on organizations to fix software vulnerabilities as quickly as possible - attackers may only need a few prompts to successfully infiltrate systems.

Data leaked: UN falls victim to cyber attack

Cyber blackmailers have attacked the systems of the United Nations Development Program (UNDP) and successfully stolen data - including personnel and procurement information. The ransomware group 8Base is believed to be responsible for the attack. However, the UN has not paid a ransom and does not intend to do so in the future.

Best Practice, Defense & Mitigation

G7 cyber security expert group simulates attack on the financial sector

23 authorities, ministries and companies from the financial sector took part in the exercise. These included BaFin, the Deutsche Bundesbank and the BMF. The exercise was designed to strengthen the resilience and functionality of the financial sector.

State of Rhineland-Palatinate offers municipalities a free cybersecurity check

The Rhineland-Palatinate state government wants to support local authorities in implementing information security with a free cybersecurity check. The check is being carried out by the Ministry of Digital Affairs. The aim is to determine the level of security in local authorities and provide initial recommendations for action to improve information security.

stresser.tech: Law enforcement authorities shut down illegal DDoS-as-a-Service platform

As part of the international “PowerOFF” operation, investigating authorities have shut down the DDoS-as-a-Service platform stresser.tech, confiscated the domain and dismantled the associated IT infrastructure. Criminals were able to carry out overload attacks via the platform in exchange for payment in cryptocurrencies. One such DDoS attack paralyzed the website of the Saxon police last September.

Things to know

Palo Alto Networks CSO joins Myra Security Advisory Board

Myra Security gains Sergej Epp for the newly founded Advisory Board. Epp is Chief Security Officer (CSO) of the cyber security provider Palo Alto Networks. In his strategic role on the Myra Security Advisory Board, he advises the company on its further growth.

Bonn professor appointed Federal Data Protection Commissioner

Professor Louisa Specht-Riemenschneider from Bonn is to succeed the current acting incumbent Ulrich Kelber. The 39-year-old is a “proven expert in the field of data protection and legal informatics”, explained FDP Member of Parliament Maximilian Funke-Kaiser.

Munich Re warns of massive losses due to cybercrime

In a recently published report on cybercrime, the reinsurer argues in favor of preventive protective shields. The damage caused by cyber incidents threatens to exceed the capacities of the insurance industry. In particular, the criminal misuse of artificial intelligence is exacerbating the threat situation.
