February 23, 2024 at 09:27AM
SecurityWeek’s cybersecurity roundup covers noteworthy stories that are often overlooked. This week’s highlights include a spyware vendor’s shutdown due to Google disclosures, a Wyze camera security incident, the Chinese 8220 Gang’s cryptomining attacks, the Lucifer DDoS botnet targeting Apache tools, PyPI packages sideloading malware, a ransomware attack on a DC school system, Freenom settling a Meta lawsuit, an OT environment risk management survey, CrowdStrike’s report on threat actors and victims, the US government’s collaboration with Microsoft, and various software patches.
Here are this week’s cybersecurity takeaways:
1. **Variston Shutting Down**: The Spain-based spyware vendor Variston is reportedly shutting down after Google’s disclosures led to the departure of several employees.
2. **Wyze Camera Security Incident**: Wyze informed customers that 13,000 users received unauthorized camera thumbnails, with over 1,500 users being able to view video recordings.
3. **8220 Gang Cryptomining Attacks**: Chinese threat actor 8220 Gang has been observed launching renewed attacks against cloud infrastructure for cryptocurrency mining, utilizing various advanced techniques.
4. **Lucifer DDoS Botnet**: The Lucifer DDoS malware is targeting Apache Hadoop and Apache Druid instances, conducting over 3,000 attacks in the past month.
5. **PyPI Malware**: Two packages in the PyPI package manager were found sideloading malware using typosquatting, as part of a broader campaign abusing the software supply chain.
6. **Ransomware Attack on DC School System**: The Prince George’s County Public Schools suffered a ransomware attack in August 2023, impacting the personal information of close to 100,000 individuals.
7. **Freenom Settles Meta Lawsuit**: Domain name registrar Freenom reached a settlement with Meta over ignoring complaints about phishing websites.
8. **OT Environment Risk Management Survey**: A new survey shows that only half of organizations are effectively mitigating risks and security threats to OT, with many lacking an accurate inventory of OT assets.
9. **CrowdStrike Report**: CrowdStrike’s 2024 Global Threat Report reveals an increase in the number of threat actors and victims, as well as a rise in cloud environment attacks.
10. **US Government and Microsoft Collaboration**: The US government has been working with Microsoft to expand logging capabilities for cyber threat detection and remediation.
11. **Patches**: Autodesk, VMware, and Joomla have released patches for vulnerabilities in AutoCAD, Enhanced Authentication Plug-in, and Joomla, respectively.