CyberWeekly 01' Dec | Issue #13
Cyberattack, Wi-Fi hack, Avast driver, BYOVD malware, DEF CON volunteers, Meta lawsuit, Microsoft 365 outage, Cambridge Analytica, zero trust, endpoint security

TL;DR: Russian hackers leveraged unsecured nearby Wi-Fi to breach networks, bypassing MFA protections. Another campaign exploited an old Avast driver to disable endpoint security tools through a BYOVD attack. DEF CON volunteers teamed up with U.S. water utilities to strengthen cybersecurity for under-resourced critical infrastructure. Meanwhile, SCOTUS allowed a class-action lawsuit against Meta to proceed, stemming from the Cambridge Analytica data scandal. Lastly, a Microsoft 365 outage disrupted services like Teams, Exchange, and SharePoint, prompting calls for stronger contingency planning and SLA reviews.
Hackers Exploit Nearby Wi-Fi in “Nearest Neighbor Attack”
Russian APT28 executed a sophisticated “Nearest Neighbor Attack” by breaching poorly secured nearby Wi-Fi networks to gain access to a target organization. Attackers used credential stuffing to exploit overlapping credentials between neighboring and target networks. Even though MFA protected the target’s web services, the absence of MFA on the Wi-Fi network created a fatal loophole. Once inside, the attackers had unrestricted access, bypassing conventional defenses.
To mitigate such threats, experts recommend using MFA or certificate-based authentication for Wi-Fi, segregating Wi-Fi from Ethernet access, and deploying robust monitoring tools to detect rogue devices. This attack highlights the urgent need to secure network perimeters and adopt a zero-trust approach to ensure no entry point is left vulnerable.
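One way to put the "robust monitoring" recommendation into practice is to watch the Wi-Fi authentication logs for the credential-stuffing pattern described above: one client device cycling through many usernames and then succeeding. The detector below is an added example, not code from the article or from any vendor; the log lines are constructed, loosely in FreeRADIUS style, and the field names, thresholds and MAC addresses are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (loosely FreeRADIUS-style, not from the article).
# One client MAC fails for several different usernames in a short window and
# then logs in: the signature of credential stuffing against Wi-Fi without MFA.
SAMPLE_LOG = """\
2024-11-20T02:14:01 Auth: Login incorrect: [alice] (from client ap-lobby cli 3C-22-FB-10-20-30)
2024-11-20T02:14:03 Auth: Login incorrect: [bob] (from client ap-lobby cli 3C-22-FB-10-20-30)
2024-11-20T02:14:05 Auth: Login incorrect: [carol] (from client ap-lobby cli 3C-22-FB-10-20-30)
2024-11-20T02:14:07 Auth: Login incorrect: [dave] (from client ap-lobby cli 3C-22-FB-10-20-30)
2024-11-20T02:14:09 Auth: Login OK: [erin] (from client ap-lobby cli 3C-22-FB-10-20-30)
2024-11-20T02:20:00 Auth: Login incorrect: [frank] (from client ap-3f cli 00-1A-2B-3C-4D-5E)
2024-11-20T02:21:00 Auth: Login OK: [frank] (from client ap-3f cli 00-1A-2B-3C-4D-5E)
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) Auth: Login (?P<result>OK|incorrect)[^\[]*\[(?P<user>[^\]]+)\]"
    r" \(from client (?P<ap>\S+) cli (?P<mac>[0-9A-F-]{17})\)$"
)

def parse(log_text):
    """Yield (timestamp, result, user, access_point, client_mac) per parsable line."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield (datetime.fromisoformat(m["ts"]), m["result"], m["user"], m["ap"], m["mac"])

def detect_stuffing(log_text, window=timedelta(minutes=5), min_users=3):
    """Flag a client MAC that fails for at least `min_users` distinct usernames
    within `window`, and record whether the same MAC later authenticated."""
    fails = defaultdict(list)   # client MAC -> [(timestamp, username)]
    alerts = {}                 # client MAC -> alert details
    for ts, result, user, ap, mac in parse(log_text):
        if result == "incorrect":
            fails[mac].append((ts, user))
            recent = {u for t, u in fails[mac] if ts - t <= window}
            if len(recent) >= min_users:
                entry = alerts.setdefault(mac, {"ap": ap, "users_tried": 0, "later_success": None})
                entry["users_tried"] = len(recent)
        elif mac in alerts and alerts[mac]["later_success"] is None:
            # A success after the burst means a reused credential was found.
            alerts[mac]["later_success"] = user
    return alerts

if __name__ == "__main__":
    for mac, info in detect_stuffing(SAMPLE_LOG).items():
        print(f"{mac} on {info['ap']}: {info['users_tried']} users tried, "
              f"later success as {info['later_success']}")
```

A single user retrying a mistyped password (the second device above) is not flagged; only the many-users-one-device burst is, which is the case MFA or certificate-based Wi-Fi authentication would have stopped.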
Hackers Abuse Avast Driver to Hijack Systems
Researchers at Trellix uncovered a campaign exploiting an outdated Avast anti-rootkit driver to disable defenses and gain complete system control. The attack, categorized as a Bring Your Own Vulnerable Driver (BYOVD) incident, uses the legitimately signed kernel-mode driver to terminate security processes and bypass protective software. The malware carries a hardcoded list of security processes from 142 major vendors, which it uses the driver to shut down.
Organizations can defend against such attacks by blocking outdated driver installations using allow/deny lists and deploying tools like Hypervisor-Protected Code Integrity (HVCI). This incident reinforces the importance of strict endpoint security policies and proactive vulnerability management to prevent exploitation of trusted software.
DEF CON Volunteers Fortify U.S. Water Systems
DEF CON’s Franklin Project has mobilized ethical hackers to secure vulnerable water utilities amid rising infrastructure cyberattacks. Volunteers have partnered with six water systems in Indiana, Oregon, Utah, and Vermont to identify weaknesses and implement defensive measures. These efforts come as smaller utilities, often lacking cybersecurity resources, remain highly exposed to attacks.
The project also aims to craft a “Hackers’ Almanack,” consolidating key cybersecurity strategies for critical infrastructure. However, long-term security remains a concern, as utilities must sustain improvements after volunteer assistance ends. This initiative underscores the critical role of public-private collaboration in defending essential services.
SCOTUS Greenlights Meta Class Action Over Data Scandal
Meta is facing a multibillion-dollar securities fraud lawsuit over its handling of the 2018 Cambridge Analytica scandal. The Supreme Court rejected Meta’s bid to block the case, allowing shareholders to pursue claims that the company misled investors about the breach’s risks, causing stock prices to tumble. This follows previous settlements, including a $725 million payout to users and a $5 billion FTC fine.
The lawsuit highlights the legal and financial risks of mishandling consumer data and underscores the need for transparency in corporate risk reporting. Companies managing user data must prioritize security, not only to protect consumers but also to avoid severe shareholder backlash.
Microsoft 365 Outage Disrupts Businesses Globally
A Microsoft 365 outage on November 25 disrupted key services like Exchange, Teams, and SharePoint, leaving businesses scrambling for hours. Microsoft traced the issue to a server overload caused by a recent configuration change, rolling out fixes incrementally throughout the day. While services began recovering by evening, the outage highlighted vulnerabilities in critical cloud systems.
Organizations relying on Microsoft 365 should review service-level agreements (SLAs) to ensure compensation for such disruptions and develop contingency plans to maintain operations during future outages. The incident serves as a stark reminder to balance cloud dependence with resilient IT strategies.
Liked this post or want to chat about cybersecurity? Have suggestions? Reach out to the
Sponsored
https://guidedhacking.com/threads/where-to-learn-game-hacking.17524/
Learning game hacking is not a simple task. As you already know, game hacking consists of multiple skills, including programming, reverse engineering, and analytical thinking, which you have to master in order to be successful in it. In the past, there were no tutorials that you could learn from; you had to learn everything by yourself without anyone giving you any pointers as to where to continue next. Fortunately, here at GuidedHacking we have created the foundation, which became the best place to start learning game hacking!
Without our community partners, hacklido wouldn't be where it is now, so we would like to thank them.
Want to sponsor or partner with hacklido and benefit from it? Reach out to us via email@hacklido.com, Discord, the Telegram group, or the author's LinkedIn to discuss it with us!