In Other News: Google AI Hacking, Font Vulnerabilities, IBM Training Facility

March 8, 2024 at 09:57AM

SecurityWeek’s cybersecurity news roundup offers a concise collection of important stories that may have been overlooked. This week’s highlights include IBM’s launch of a new cyber response training facility, Google’s termination of accounts involved in influence operations, updates on Microsoft’s Secure Future Initiative, and cybersecurity resources released by CISA and the NSA. Other features cover vulnerabilities in font handling, Google AI hacking, and network tunneling with QEMU. Additionally, financial impacts of cyberattacks on Capita and UniCredit’s data breach fine are detailed.

From the provided meeting notes, I have generated the following takeaways:

1. IBM has opened a new X-Force Cyber Range in Washington, DC, to provide custom cyber response training exercises for federal agencies, their suppliers, and critical infrastructure organizations. These simulations can help organizations identify gaps in their incident response plans and gain insight into the mind of threat actors.

2. Google terminated thousands of accounts used for coordinated influence operations, targeting domains, Ads accounts, and YouTube channels linked to China, Indonesia, Kuwait, Turkey, Israel, and Italy.

3. Microsoft’s Secure Future Initiative aims to boost the security of its infrastructure. Steps include passing much of its code through the CodeQL security analysis engine, donating to the Rust and Alpha-Omega projects, and expanding use of its Microsoft Authentication Library (MSAL).

4. CISA and the NSA have released five cybersecurity information sheets focusing on cloud security, covering areas such as identity and access management, key management, network segmentation and encryption, data protection, and managed service provider risk mitigations.

5. The NSA has published guidance on achieving zero trust maturity through the network and environment pillar, providing recommendations on improving security through data flow mapping, macro and micro segmentation, and software-defined networking.

6. Canva researchers identified vulnerabilities related to how fonts are handled, which could allow XXE attacks and arbitrary command execution. These vulnerabilities have been patched.

7. Researchers earned a total of $50,000 for finding and demonstrating vulnerabilities in Google’s Bard AI. The discovered security issues could have led to user data exfiltration, DoS attacks, and access to a targeted user’s uploaded images.

8. Threat actors abused the QEMU machine emulator for network tunneling, bypassing NAT and firewalls to reach internal systems. QEMU adds no encryption of its own to tunneled traffic, so the encapsulated packets travel in the clear.

9. Capita disclosed net costs of £25 million (~$32 million) related to a cyberattack it experienced in March 2023, which represented professional fees, recovery and remediation costs, and investments in improving its cybersecurity.

10. UniCredit bank has been fined €2.8 million ($3.1 million) by the Italian data protection authority for a 2018 data breach that impacted nearly 780,000 customers.

These takeaways summarize the key developments in the cybersecurity landscape for the week.
