February 4, 2024 at 10:42AM
SecurityWeek’s cybersecurity roundup offers a weekly compilation of significant developments in the cybersecurity landscape. It covers various topics such as Iranian cyber contractors, Ukrainian military targeting, APT group activities, patent infringement cases, funding announcements for Incognia and Oasis Security, warnings about the UN Cybercrime Treaty, patch releases, and the launch of Check Point’s Infinity AI Copilot. Additionally, it highlights a rise in WordPress vulnerabilities.
The key takeaways from this week's cybersecurity roundup are:
1. Iranian state-sponsored threat actors are targeting Western countries through a network of cyber contractors linked to the Islamic Revolutionary Guard Corps (IRGC).
2. Russia-linked APT group Shuckworm is targeting the Ukrainian military with a new PowerShell backdoor called Subtle-Paws as part of the Steady#Ursa campaign, which also involves lateral movement through infected USB drives.
3. Russian state-sponsored APT group Pawn Storm (APT28) has been launching NTLMv2 hash relay attacks for 20 months, targeting government entities and military forces worldwide.
4. UNC4990, a financially motivated threat actor, has been using weaponized USB drives to infect victims with malware for roughly four years.
5. Palo Alto Networks was ordered to pay Centripetal Networks $151.5 million for patent infringement, and Incognia and Oasis Security have announced new funding for their cybersecurity solutions.
6. The UN Cybercrime Treaty in its current form has sparked concern from the Electronic Frontier Foundation (EFF) for endangering human rights and making the cyber ecosystem less secure.
7. Several critical- and high-severity vulnerabilities in Chrome, Mastodon, Splunk, and WordPress have been addressed through patches, and Check Point has unveiled Infinity AI Copilot to automate security tasks.
8. The number of vulnerabilities in WordPress doubled in 2023 compared to 2022, with XSS attacks surging while credential stuffing attacks dropped.
These takeaways provide a comprehensive overview of significant developments in the cybersecurity landscape for the week.