In Other News: KnowBe4 Product Flaws, SEC Ends MOVEit Probe, SOCRadar Responds to Hacking Claims

August 9, 2024 at 09:30AM

SecurityWeek’s cybersecurity news roundup offers a concise compilation of important stories. This week’s stories include Chinese hackers exploiting an old Windows vulnerability, the creation of a new maturity model for cyber threat intelligence, vulnerabilities in Johnson Controls’ exacqVision, a significant browser vulnerability, findings by CrowdStrike, and more notable updates from the cybersecurity industry.

The key takeaways from this week’s cybersecurity news are:

1. Chinese hacking group APT41 exploited an old Windows vulnerability, which was added to CISA’s Known Exploited Vulnerabilities Catalog.
2. The Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) was introduced as a vendor-agnostic resource by cybersecurity industry leaders to bridge the gap between cyber threat intelligence programs and organizational objectives.
3. Vulnerabilities in Johnson Controls exacqVision were disclosed, potentially allowing hackers to hijack video streams from impacted surveillance cameras.
4. A vulnerability named ‘0.0.0.0 Day’ may enable malicious websites to breach local networks, impacting all major browsers and allowing interaction with software on Linux and macOS systems.
5. CrowdStrike published its 2024 Threat Hunting Report, indicating increases in hands-on-keyboard activity and adversaries exploiting remote monitoring and management tools.
6. Serious vulnerabilities in KnowBe4 products were found by Pen Test Partners, with KnowBe4’s response to the impact being questioned.
7. Interpol recovered over $40 million lost in a Business Email Compromise (BEC) scam, resulting in the arrest of seven suspects.
8. The SEC concluded its investigation into Progress Software over the MOVEit hack without recommending an enforcement action.
9. The ransomware group Royal rebranded as BlackSuit, with its ransom demands exceeding $500 million overall and reaching $60 million for an individual ransom.
10. SOCRadar refuted hacking claims, asserting that its systems were not breached and that the hacker gained access through legitimate means.
11. An exposed token that could have led to a major Python supply chain attack was discovered, but the PyPI security team promptly revoked the token.
12. The US Justice Department charged individuals with helping North Korean IT workers gain remote IT jobs at American and British companies, including cybersecurity firms that unwittingly hired North Korean IT workers.

These takeaways provide a comprehensive overview of the most significant developments in the cybersecurity landscape this week.
