In Other News: Lawsuits and Settlements, CrowdStrike Phish, MITRE’s D3FEND 1.0 
Summary: This week’s cybersecurity news roundup highlights significant developments in the field, including new tools, vulnerabilities, and legal actions involving major companies. Key stories include the launch of MITRE’s D3FEND 1.0, a phishing campaign targeting CrowdStrike, and various lawsuits related to data breaches. The roundup emphasizes the evolving landscape of cyber threats and the ongoing efforts to enhance security measures.…
Industry Moves for the week of January 13, 2025 – SecurityWeek
Summary: Google has released OSV-SCALIBR, an open-source library for software composition analysis, designed to identify vulnerabilities and manage software inventory. This tool can be utilized as a standalone binary or integrated into Go projects, supporting various operating systems and programming languages. It aims to enhance security by generating software bills of materials (SBOMs) and providing vulnerability scanning capabilities.…
Industry Reactions to Biden’s Cybersecurity Executive Order: Feedback Friday
Summary: President Joe Biden’s recent executive order aims to enhance U.S. cybersecurity by addressing various critical areas, including software supply chains, encryption, and foreign threats. The order has sparked discussions among cybersecurity professionals regarding its future under the incoming Trump administration. Experts express both optimism and concern about the implications of the order for national security and the cybersecurity landscape.…
Industry Moves for the week of January 13, 2025 – SecurityWeek
Summary: The US Department of the Treasury’s OFAC has imposed sanctions on individuals and entities linked to a scheme that generates illicit funds for North Korea through fake IT workers. North Korean operatives have been using stolen identities and AI to secure jobs in Western countries, allowing the regime to circumvent sanctions and fund its weapons programs.…
Industry Moves for the week of January 13, 2025 – SecurityWeek
Summary: Vulnerabilities in the SimpleHelp remote access software can be easily exploited, allowing attackers to compromise both server and client machines. Key issues include a path traversal vulnerability and improper privilege escalation, which could lead to unauthorized access and remote code execution. SimpleHelp has released patches to address these vulnerabilities, urging users to update their installations promptly.…
Cisco Unveils New AI Application Security Solution
Summary: Cisco has introduced AI Defense, a comprehensive solution aimed at securing the development and usage of AI applications within enterprises. The solution addresses risks associated with third-party AI tools and provides mechanisms for validating and protecting proprietary AI applications. It encompasses features such as access control, visibility into AI app usage, and runtime protection against various threats.…
Russian Cyberspies Caught Spear-Phishing with QR Codes, WhatsApp Groups
Summary: Microsoft researchers have identified Russian intelligence agency Star Blizzard employing spear-phishing tactics that involve QR codes and WhatsApp group chats to target individuals, particularly those linked to government and defense sectors. The threat actor uses intentionally broken QR codes in emails to lure victims into joining WhatsApp groups, allowing the attackers to access and exfiltrate sensitive information.…
Industry Moves for the week of January 13, 2025 – SecurityWeek
Summary: Wultra, a Czech startup specializing in authentication solutions, has raised €3 million (~$3.1 million) in seed funding to enhance its post-quantum technology. The company aims to provide secure authentication methods that can withstand future quantum threats, catering primarily to banks and fintech companies. With plans for expansion into Southeast Asia and the opening of a Singapore office, Wultra is positioned to lead in quantum-resistant security solutions.…
Industry Moves for the week of January 13, 2025 – SecurityWeek
Summary: California-based cannabis brand Stiiizy is alerting 380,000 individuals about a data breach that compromised their personal information through a vendor. The breach, which occurred between October 10 and November 10, involved unauthorized access to sensitive data, including government-issued identification details. Stiiizy is offering affected individuals 12 months of free credit monitoring and fraud assistance following the incident.…
2024 US Healthcare Data Breaches: 585 Incidents, 180 Million Compromised User Records
Summary: In 2024, over 580 healthcare data breaches were reported, affecting nearly 180 million user records, as analyzed by SecurityWeek from the HHS OCR database. The breaches primarily involved hacking incidents, with significant overlaps in impacted individuals. Major organizations like Change Healthcare and Kaiser Permanente were among those severely affected, highlighting the ongoing cybersecurity challenges in the healthcare sector.…
Data From 15,000 Fortinet Firewalls Leaked by Hackers
Summary: A hacker group named Belsen Group has leaked data from approximately 15,000 Fortinet firewalls, claiming it is their first official operation. The leaked information includes sensitive data such as IP addresses, passwords, and configurations, likely obtained by exploiting a vulnerability (CVE-2022-40684) back in 2022. Security researcher Kevin Beaumont confirmed the authenticity of the data and warned that it poses ongoing risks to organizations with potentially unpatched devices.…
Head of US Cybersecurity Agency Says She Hopes It Keeps up Election Work Under Trump
Summary: Jen Easterly, the outgoing head of CISA, expressed hope that the agency will continue its election-related work despite political opposition. She emphasized the importance of supporting state and local election officials and highlighted CISA’s successful efforts in countering foreign influence in elections. Easterly also warned about the increasing threats from foreign adversaries, particularly China, to critical infrastructure.…
FBI Uses Malware’s Own ‘Self-Delete’ Trick to Erase Chinese PlugX From US Computers
Summary: The FBI, in collaboration with French law enforcement and cybersecurity firm Sekoia.io, successfully utilized the self-delete feature of the PlugX malware to remove it from over 4,200 infected computers in the U.S. This operation targeted the Mustang Panda group, a hacking organization linked to the Chinese government, which has been using PlugX as a Remote Access Trojan since 2008.…
DORA’s Deadline Looms: Navigating the EU’s Mandate for Threat Led Penetration Testing
Summary: The International Monetary Fund highlights that the financial sector has suffered significant cyber incidents, prompting the EU to implement the Digital Operational Resilience Act (DORA) by January 2025. DORA requires financial institutions to adopt rigorous cybersecurity measures, including Threat Led Penetration Testing (TLPT) to assess vulnerabilities.…
Industry Moves for the week of January 13, 2025 – SecurityWeek
Summary: A vulnerability in Google’s OAuth implementation allows the potential takeover of accounts belonging to former employees of failed startups by purchasing their domains. This could expose sensitive data stored on various SaaS platforms, as the old employee email accounts can be recreated. Truffle Security has identified over 100,000 domains at risk, potentially affecting around 10 million accounts.…