March 15, 2024 at 09:33AM
SecurityWeek’s cybersecurity news roundup compiles noteworthy stories that may have gone unnoticed, offering insights into the cybersecurity landscape. This week’s highlights include CISA’s Ivanti vulnerabilities, new attack techniques targeting Microsoft Configuration Manager, Tuta’s revolutionary quantum-safe encryption for emails, and intense cyberattacks against Russian news site Meduza. Additionally, Zoom, Palo Alto Networks, and Mitel released critical patches, while concerns were raised about Chinese electronic lock backdoors. GitGuardian detected over 12 million secrets on GitHub, and BlackBerry reported one million attacks on the global financial sector.
Based on the meeting notes, here are the key takeaways from this week’s cybersecurity news:
1. CISA, the US cybersecurity agency, was hacked through Ivanti vulnerabilities, impacting systems housing critical chemical sector information.
2. SpecterOps researchers identified new attack techniques for Microsoft Configuration Manager, making it an easy target for attackers.
3. Tuta announced TutaCrypt, a hybrid encryption protocol to protect emails from quantum computer attacks.
4. Russian independent news site Meduza experienced intense cyberattacks, particularly around the time of Alexey Navalny’s death.
5. Several companies, including Zoom, Palo Alto Networks, and Mitel, have released advisories and patches for security issues.
6. US Senator Ron Wyden expressed concerns about potential risks associated with electronic locks made by Chinese companies.
7. GitGuardian detected over 12 million new secrets in public GitHub commits in 2023, raising concerns about the exposure of sensitive information.
8. BlackBerry reported one million attacks on the global financial sector in 120 days, with a 27% increase in novel malware.
These key points provide a comprehensive understanding of the notable cybersecurity developments from this week’s news.