In Other News: Lawsuits And Settlements, Crowdstrike Phish, Mitre’s D3fend 1.0 
Thumbnail
Summary: This week’s cybersecurity news roundup highlights significant developments in the field, including new tools, vulnerabilities, and legal actions involving major companies. Key stories include the launch of MITRE’s D3FEND 1.0, a phishing campaign targeting CrowdStrike, and various lawsuits related to data breaches. The roundup emphasizes the evolving landscape of cyber threats and the ongoing efforts to enhance security measures.

Threat Actor: Phishers | phishers
Victim: CrowdStrike | CrowdStrike

Keypoints :

  • MITRE launched D3FEND 1.0, a standardized cybersecurity ontology.
  • Fake hiring emails from CrowdStrike deliver malware through a phishing campaign.
  • CISA released a report on Cybersecurity Performance Goals and a guide for Microsoft cloud logs.
  • Bishop Fox introduced Raink, an open-source tool for ranking security advisories.
  • The WEF’s 2025 Global Risk Report highlights threats including cyber warfare and misinformation.
  • Claroty disclosed vulnerabilities in industrial switches that could allow remote code execution.
  • Robinhood and Enzo Biochem settled lawsuits related to data breaches.
  • Noyb filed GDPR complaints against Chinese companies for unlawful data transfers.
  • AT&T’s data breach may have exposed FBI call logs, risking informant identities.
  • Booz Allen Ventures invested in quantum hardware firm SEEQC.
  • Microsoft detailed a macOS vulnerability that bypasses System Integrity Protection.
  • Cybersecurity venture investment rose to $11.6 billion in 2024.

Source: https://www.securityweek.com/in-other-news-lawsuits-and-settlements-crowdstrike-phish-mitres-d3fend-1-0/