January 12, 2024 at 09:46AM
A weekly cybersecurity roundup by SecurityWeek provides a concise compilation of noteworthy stories that are often overlooked. This week’s roundup includes the WEF’s cybersecurity report, a Kyber vulnerability, a self-spreading botnet, an Iranian APT attacking Albania, North Korean crypto theft, a new cybersecurity institute, disclosures of vulnerabilities, reports from Cloudflare, and patches for various products. Additionally, vulnerabilities in medical devices, smart home products, and IT management software were identified.
From the meeting notes, I have summarized the key takeaways as follows:
1. WEF Cybersecurity Report Findings:
– The Global Cybersecurity Outlook 2024 report by the WEF emphasizes the importance of resilience and public/private sector cooperation in cybersecurity.
– AI is perceived to be disruptive both in attack and defense, with predictions of AI-assisted disinformation campaigns during the 2024 elections.
– The report highlights the growing regulatory landscape and the impact of these regulations on cybersecurity implementation, a view that is not universally accepted.
2. KyberSlash Vulnerability:
– Researchers have identified a timing vulnerability, named KyberSlash, in Kyber, a NIST PQC candidate, which could enable attackers to recover the private key.
3. NoaBot Botnet:
– A self-spreading Mirai-based botnet known as NoaBot has been actively infecting devices for a crypto-mining campaign, with features including an SSH key backdoor and potential use in DDoS attacks.
4. Iranian APT Wiper Attack:
– An Iran-linked APT has targeted Albania with ransomware and destructive attacks, emphasizing the potential threat posed by such campaigns to other countries.
5. North Korean Cryptocurrency Theft:
– North Korean hackers have reportedly stolen over $600 million in cryptocurrency in 2023, accounting for a significant proportion of funds stolen in crypto-related attacks.
6. Paladin Global Institute Launch:
– Paladin Capital Group has initiated the Paladin Global Institute, with a specific focus on protecting critical infrastructure from cyber threats and promoting online safety through various avenues, including policy recommendations and public-private sector collaboration.
7. ZDI Vulnerability Disclosures:
– Trend Micro’s Zero Day Initiative disclosed over 19,000 vulnerabilities in 2023, with further details available in the company’s recent report.
8. Cloudflare Reports:
– Cloudflare released a DDoS threat report for Q4 2023 and an API Security Report for 2024 based on real traffic data analysis.
9. Security Patches by Major Companies:
– OpenSSL, Chrome, Fortinet, and Juniper have announced security patches for vulnerabilities rated as ‘high severity’ this week.
10. Vulnerabilities in Devices and Software:
– Vulnerabilities have been identified in medical devices, smart home products, and IT management software, highlighting potential security risks in these areas.