Security Spotlight: Navigating the Cybersecurity Landscape and Illuminating the Dark Corners of the Web
CISA Urges Patching of Actively Exploited Linux Kernel Vulnerability
Overview
CISA has issued an urgent advisory concerning a newly disclosed security flaw in the Linux kernel. The flaw, which affects the kernel's netfilter component, is being actively exploited. It poses a serious threat because it can be used to escalate local privileges.
Impact
CVE-2024-1086: A high-severity vulnerability with a CVSS score of 7.8.
It is a use-after-free bug in the netfilter: nf_tables component that can allow a local attacker to escalate privileges from a regular user to root and run arbitrary code with root privileges. Netfilter is a Linux kernel framework that supports packet filtering and port translation. Successful exploitation seriously compromises the affected system.
Another flaw, CVE-2024-24919, in Check Point network gateway security products has a CVSS score of 7.5. It allows unauthorized access to sensitive information on connected gateways with VPN or mobile access enabled.
Recommendation
CISA advises all federal agencies and other organizations using affected systems to apply patches immediately. Patches should be applied by June 20, 2024. Also, conduct a thorough review of current systems to address any remaining vulnerabilities in the Linux kernel and Check Point products.
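As an added defender's triage check (not part of the CISA advisory or this post), the POSIX shell script below reports whether a Linux host has nf_tables present and whether unprivileged user namespaces are allowed, the setting that the commonly published interim mitigation for CVE-2024-1086 disables. The file-path parameters and the sample values used to exercise it are assumptions so it can run against constructed inputs; it does not prove a kernel is patched.

```shell
#!/bin/sh
# Added triage helper, not from the CISA advisory: report whether a host has the
# exposure CVE-2024-1086 needs (nf_tables present, unprivileged user namespaces
# allowed) and whether the interim hardening distributions recommend is in place.
# It does NOT prove the kernel is patched; compare `uname -r` with your
# distribution's advisory for that. File paths are parameters (an assumption for
# this example) so the checks can run on constructed samples as well as live /proc.

# Is nf_tables built in or loaded? Checks /sys/module first, then /proc/modules.
nft_loaded() {
    modules_file="${1:-/proc/modules}"
    sysmod_dir="${2:-/sys/module}"
    [ -d "$sysmod_dir/nf_tables" ] && return 0
    grep -q '^nf_tables ' "$modules_file" 2>/dev/null
}

# Can an unprivileged user create user namespaces? The usual interim mitigation
# is user.max_user_namespaces=0 (or kernel.unprivileged_userns_clone=0 on
# Debian/Ubuntu kernels); either setting counts as mitigated here.
userns_unprivileged_allowed() {
    max_file="${1:-/proc/sys/user/max_user_namespaces}"
    clone_file="${2:-/proc/sys/kernel/unprivileged_userns_clone}"
    max=$(cat "$max_file" 2>/dev/null || echo 0)
    [ "$max" -gt 0 ] || return 1
    if [ -r "$clone_file" ]; then
        [ "$(cat "$clone_file")" = "1" ] || return 1
    fi
    return 0
}

# One-word verdict: not-reachable | mitigated | exposed. Always returns 0.
# Args: modules_file sysmod_dir max_userns_file userns_clone_file (all optional).
exposure_level() {
    if ! nft_loaded "$1" "$2"; then
        echo "not-reachable"
    elif userns_unprivileged_allowed "$3" "$4"; then
        echo "exposed"
    else
        echo "mitigated"
    fi
}

# Live run against this host.
echo "kernel: $(uname -r)"
echo "CVE-2024-1086 exposure: $(exposure_level)"
```

A verdict of "exposed" means the mitigation is absent, not that the kernel is unpatched; patch status still has to be confirmed against the distribution's advisory.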
Widespread Cyber Attack Disables 600,000+ Routers in the U.S.
Overview
A cunning cyberattack, “Pumpkin Eclipse”, knocked out internet access for hundreds of thousands of Americans in late 2023. The large-scale disruption is believed to have been carried out by a government-backed group targeting specific router models supplied by a major ISP.
Impact
Nearly half of the affected routers were permanently disabled, forcing a massive hardware replacement effort. Millions of people lost internet access, and the incident makes clear that critical US internet infrastructure has severe weaknesses that could lead to widespread disruption.
Recommendation
Patch immediately: update the firmware on all affected router models to close the security holes exploited in the attack. ISPs also need to monitor their networks more closely to spot and stop these threats before they cause havoc, and all of us need stronger security measures on our network devices.
Surge in Cyber Attacks Targeting Internet-Exposed OT Devices
Overview
Microsoft has issued a warning about a sharp rise in cyberattacks targeting critical industrial operational technology (OT), such as power plants and water treatment facilities, that is directly connected to the internet.
Hackers have tampered with control panels in factories to disrupt production. Tensions in the Middle East have led to attacks on Israeli infrastructure by Iranian-backed groups, and a nasty piece of malware called Fuxnet is being used to cause serious damage.
Impact
Many of these industrial systems weren’t designed with strong security in mind. They may have weak passwords, outdated software, or direct exposure to the internet, making them easy targets. This isn’t just about financial gain: recent attacks appear linked to geopolitical tensions, with pro-Russia hackers targeting industrial control systems (ICSs) in North America and Europe.
Recommendation
Keep software updated and fix any known security holes. Minimize exposure: don’t connect these systems to the internet unless absolutely necessary, and if you do, keep them segmented from other networks. Trust no one: use strong access controls so that only authorized users can reach these systems, even if an attacker has compromised something elsewhere. Disconnect if not needed: if a system doesn’t need internet access, cut it off!
Russian Hackers Target Europe with HeadLace Malware and Credential Harvesting
Overview
The attacks have been linked to APT28 (also tracked as BlueDelta), a hacking group backed by Russia’s GRU intelligence agency. From April to December 2023, BlueDelta ran a series of remarkably stealthy attacks against European networks, masking its malicious activity behind everyday online services (think social media platforms) and programs already present on victims’ computers (like calculators). The HeadLace malware was deployed in three stages, starting with emails that tricked people into clicking malicious links. BlueDelta also set up fake web pages resembling legitimate services like Yahoo! and Ukrainian email providers to harvest credentials.
Impact
European networks are particularly vulnerable, especially those linked to Ukraine. The attackers used geofencing tools to limit their reach to specific geographic locations. Unsuspecting victims entered their login credentials on the fake pages, giving the attackers access to their accounts. The group also spied on Ukraine to gather intelligence on Ukrainian military operations, likely in support of Russia’s ongoing aggression. It used a complex chain of seven different online resources to deliver malicious scripts capable of carrying out further attacks; these scripts were also programmed to evade security software and to activate only in specific locations.
Recommendation
Strengthen your email filtering to catch phishing attempts, and train employees to be suspicious of emails that seem too good to be true. Use advanced tools to spot unusual network activity. Keep your software updated, especially the Windows OS, since the latest security patches block known vulnerabilities.
OpenAI, Meta, and TikTok Crack Down on Covert Influence Campaigns
Overview
Tech giants OpenAI, Meta, and TikTok have made a major push to tackle covert AI-driven influence operations that manipulate public opinion. The campaigns were traced back to China, Iran, Israel, and Russia, and aimed to sway political conversations using fake online personas.
Impact
OpenAI disrupted Bad Grammar, a Russian operation that targeted Ukraine, Moldova, the Baltics, and the US with clunky content in both Russian and English. It also countered Russia’s notorious Doppelganger network, which had pushed pro-Russian narratives by producing multilingual content to influence audiences in Europe and North America, and China’s Spamouflage, which had created propaganda across platforms in various languages. Iran’s IUVM, which is suspected of translating lengthy articles and headlines for its website, was also pushed back. Meta removed nearly 500 compromised accounts used by STOIC to influence users in Canada and the U.S. TikTok dismantled several covert influence networks originating from countries including Bangladesh, China, Ecuador, Germany, Guatemala, and Indonesia, and exposed Emerald Divide, an influence campaign targeting Israeli society, among other actions.
Recommendation
Spot AI-generated disinformation using advanced detection systems. Shore up cybersecurity with regular updates and secure systems to prevent malicious activity, and follow CISA guidelines and security practices. Make sure your employees are aware of the tactics used in these influence campaigns and can respond to potential threats.
Windows Management Experts
Now A Microsoft Solutions Partner for:
- Data & AI
- Digital and App Innovation
- Infrastructure
- Security
The Solutions Partner badge highlights WME’s excellence and commitment. Microsoft’s thorough evaluation confirms that we’re skilled, deliver successful projects, and prioritize security above everything else. This places WME in a global tech community, ready to innovate on the cloud for your evolving business needs.
Why not reach out to us at WME?
Contact us and let us turn your business’s security into a strategic advantage. With WME, you’re beginning a path toward a more streamlined and secure future.