Cyber4Dev weekly update


Is the AI boom just another gold rush?
Is it too late to invest in NVIDIA? And who will benefit from the AI boom? These are common questions for people looking to jump aboard the AI bandwagon. I turned to an industry expert for help.In the current AI gold rush, NVIDIA is the one “selling the shovels,” said Eric Lynch, Managing Director of Scharf Investments, in a recent interview with Reuters. He compared the AI boom to the 19th-century Gold Rush in the US, where it was actually the shovel makers who made the most money.

Hackers Are the Immune System of the Digital Age
Network defenders must be as fast and innovative as their adversaries and reach out to ethical hackers to help build resilience, according to keynote speaker, Keren Elazari. On the final day of Infosecurity Europe, Elazari argued that cybercrime innovation has accelerated in the ransomware space, thanks to groups like Clop, Conti and LockBit.

The Urgent Need to Enhance Cloud Data Security In 2023
As the digital landscape evolves, cloud computing has become integral to modern business operations. According to an International Data Corporation (IDC) report, global cloud infrastructure spending will likely increase to $118bn by 2025. The prevalence of this technology compels more businesses to realize its potential benefits and invest in it.

Russia plans to stop blocking piracy websites

Russia’s Ministry of Digital Development, likely aware that consumers still want access to Western movies and TV shows that are now mostly banned, is considering unblocking major piracy sites. Russian officials have been calling for the mass distribution of pirated content since March 2023, with the aim of “inflicting maximum damage” on Western companies. Content firms like Netflix and HBO suspended their activities in the country after it invaded Ukraine.


Google tackled the microphone access bug affecting WhatsApp
Google acknowledges the bug and users are urged to update WhatsApp after a privacy issue involving access to the microphone was reported last month. On June 21st, a tweet from Google urged Android users to update their WhatsApp app in order to fix a bug allowing access to the device’s microphone.

Trojanised Super Mario game used to install Windows malware
A trojanised installer for the popular Super Mario 3: Mario Forever game for Windows has been infecting unsuspecting players with multiple malware infections.Super Mario 3: Mario Forever is a free-to-play remake of the classic Nintendo game developed by Buziol Games and released for the Windows platform in 2003.


RedEyes Group Targets Individuals with Wiretapping Malware
The North Korean state-sponsored advanced persistent threat (APT) group RedEyes (also known as APT37, ScarCruft and Reaper) has been observed targeting individuals using wiretapping malware. The campaign was discovered by AhnLab Security Emergency Response Center (ASEC), which described it in an advisory published on Wednesday.

Microsoft Teams bug allows malware delivery from external accounts
Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite restrictions in the application for files from external sources. With 280 million monthly active users, Microsoft Teams has been adopted by organizations as a communication and collaboration platform part of the Microsoft 365 cloud-based services.


VMware Patches Code Execution Vulnerabilities in vCenter Server

VMware published software updates to address multiple memory corruption vulnerabilities in vCenter Server that could lead to remote code execution. A total of five security defects were patched in the software’s implementation of the DCERPC protocol, including four that VMware flags as ‘important’, with a CVSS score of 8.1.

Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites

Two critical-severity authentication bypass vulnerabilities in WordPress plugins with tens of thousands of installations.  The first security defect, tracked as CVE-2023-2986 (CVSS score of 9.8/10), impacts the Abandoned Cart Lite for WooCommerce, a plugin that notifies customers who did not complete the purchase process, and which has more than 30,000 active installations.

Cyber4Dev collates data from Open-Source websites, any opinions or attributions expressed in the articles are not those of Cyber4Dev and are not endorsed by the project or the EU.