April 26, 2024 at 08:25AM
SecurityWeek’s cybersecurity news roundup provides concise coverage of significant stories. This week, notable developments include a Chinese government-linked hack of Volkswagen, German police shutting down a DDoS attack service, and the NSA’s updates to the Commercial National Security Algorithm Suite. Other stories cover critical findings in Microsoft products, cybersecurity executive order progress, and more.
Based on the meeting notes, the key takeaways for this week’s cybersecurity news are as follows:
1. China hacked Volkswagen systems and stole valuable data between 2011 and 2014. Volkswagen has since improved the security of its systems.
2. German police shut down the DDoS attack service Stresser.tech, which was seized by the FBI as part of Operation PowerOFF.
3. The NSA released updates to the Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) and urged organizations to ensure their systems are quantum-resistant.
4. Critical Start announced MDR services for operational technology (OT), combining OT-specific threat detection capabilities with existing infrastructure and tools.
5. The US State Department announced visa restrictions for individuals involved in spyware development and sale.
6. A GAO report showed good progress in fulfilling cybersecurity executive order requirements, with 49 out of 55 requirements completed by CISA, NIST, and OMB.
7. BeyondTrust’s report revealed over 1,200 vulnerabilities in Microsoft products last year, with elevation of privilege being the most common type of vulnerability.
8. Kaspersky conducted an analysis of personas and techniques used in an operation to plant a backdoor in the XZ Utils tool.
9. Google delayed third-party cookie deprecation in Chrome and is giving time for a review by the UK’s Competition and Markets Authority.
10. Coalition’s Cyber Claims Report showed an increase in cyberinsurance claims, with emails security incidents and ransomware being significant factors.
11. A Mandiant report highlighted the threats to global elections from state-sponsored actors, hacktivists, cybercriminals, and misinformation distributors.
12. Rubrik started trading on the NYSE, with shares increasing nearly 16% on the first day of trading.
13. Dragos’s Q1 2024 ransomware report showed ransomware remains a significant threat to industrial organizations.
Additionally, related news includes attempts at OSS backdooring, the charging of a botnet operator, and concerns about dam security.