December 22, 2023 at 09:12AM
SecurityWeek releases a weekly cybersecurity roundup with notable stories. This week includes Ukrainian hackers targeting a Russian water utility, a former security engineer admitting to cryptocurrency exchange hacks, patches from Apple and Adobe, and various vulnerability and fraud reports. Additionally, Google shut down thousands of YouTube channels linked to influence campaigns, Cisco published a report on the spyware vendor Intellexa, and CISA finalized its Microsoft 365 secure configuration guidance.
Here are the key takeaways from this week’s roundup:
1. Ukrainian hackers targeted a major Russian water utility in retaliation for a recent Russian attack on a mobile network operator. The hackers claimed to have disrupted operations and stolen documents, but there were no reports of the water supply being affected.
2. A former security engineer, Shakeeb Ahmed, admitted to hacking two decentralized cryptocurrency exchanges and stealing over $12 million worth of cryptocurrency.
3. Apple and Adobe released patches for vulnerabilities in macOS and Adobe Experience Manager Forms, respectively.
4. Hundreds of TeamCity instances are vulnerable to attacks exploiting CVE-2023-42793, with the Russian cyberespionage group APT29 exploiting the vulnerability on a large scale.
5. A vulnerability affecting GWT, a popular open source web application framework, remains unpatched eight years after its discovery.
6. Bugcrowd updated its Vulnerability Rating Taxonomy (VRT) to define how AI vulnerabilities in Large Language Models (LLMs) are handled.
7. The payment fraud underground is showing signs of recovery following Russia’s crackdown on domestic cybercriminals and its invasion of Ukraine, as reported by Recorded Future.
8. Google has terminated thousands of YouTube channels as part of investigations into influence campaigns linked to China, Russia, and Iran.
9. Cisco published a report detailing Intellexa, an intelligence agency-grade spyware vendor, and its Alien/Predator line of implants.
10. US cybersecurity agency CISA finalized its Microsoft 365 Secure Configuration Baselines guidance, aimed at helping organizations improve the security of their M365 services.
The roundup also mentioned related news, including fake lockdown mode, new RAT, AI jailbreak, Ukraine hacks Russia, and other cybersecurity developments.