SecurityWeek provides a weekly roundup of cybersecurity news, highlighting important stories that may not receive the attention they deserve. This curated collection covers a range of topics, from vulnerability discoveries to policy changes and industry reports.
One recent story involves a $150 million cryptocurrency heist linked to the 2022 LastPass hack. Federal investigators have connected the theft of assets from Ripple co-founder Chris Larsen to the breach of LastPass, where password vault data was stolen. While LastPass denies a definitive link, other cryptocurrency heists have also been tied to the same incident.
In another development, Espressif, the manufacturer of the ESP32 chip used in millions of IoT devices, disputed claims of a backdoor in its products. Researchers initially warned of security risks posed by a ‘hidden feature’ in the chip, but Espressif clarified that these commands are not accessible remotely and promised updates to address any concerns.
Switzerland has introduced new rules requiring critical infrastructure organizations to report cyberattacks to the National Cyber Security Centre within 24 hours of discovery. This measure aims to improve incident response and enhance the country’s cybersecurity preparedness.
Meanwhile, an Indian APT group known as SideWinder has been targeting maritime and nuclear sectors in South Asia. Kaspersky reported increased interest from the group in these critical infrastructure areas, highlighting the evolving threat landscape faced by organizations in the region.
Additionally, a recent report by credential security company Dashlane revealed that 80% of IT leaders have observed increased phishing volume and sophistication. The study also found concerns about the threat posed by AI to password security, underscoring the ongoing challenges faced in safeguarding sensitive information.
GitGuardian’s report on secrets sprawl in public GitHub repositories noted a significant increase in leaked API keys and passwords, with 70% of secrets leaked in 2022 still active today. This highlights the persistent risks associated with poor security practices and the importance of securing sensitive information.
In a separate incident, Aleksej Besciokov, an alleged co-founder of cryptocurrency exchange Garantex, was arrested in India on charges of facilitating money laundering and sanctions violations. This development followed the seizure of Garantex’s online infrastructure by US authorities, indicating a coordinated effort to target illicit financial activities.
On the vulnerability front, Apache Camel, Moxa, and Palo Alto Networks reported security flaws that could potentially lead to remote code execution, authentication bypass, and other risks. These vulnerabilities underscore the ongoing need for organizations to prioritize cybersecurity measures and address potential weaknesses in their systems.
Finally, CyberArk’s analysis of the MassJacker cryptojacking malware revealed the extent of its impact, with over 750,000 wallet addresses and $300,000 in cryptocurrencies belonging to threat actors. This discovery underscores the pervasive threat posed by cryptojacking and the need for robust cybersecurity defenses to mitigate such risks.
Overall, these stories highlight the diverse and evolving nature of cybersecurity threats faced by organizations and individuals worldwide. By staying informed and implementing proactive security measures, stakeholders can better protect themselves against malicious activities in the digital landscape.