In Other News: FBI Cyber Action Team, Pentagon IT Firm Leak, Nigerian Gets 12 Years in Prison

July 26, 2024 at 07:03AM

In this week’s cybersecurity news roundup:
1. Three NoName057(16) hackers arrested in Spain for DDoS attacks.
2. Fractal ID data breach compromises the data of 6,300 users.
3. Oracle settles $115 million lawsuit regarding personal information collection.
4. Leidos internal documents leaked by hackers.
5. AI increasingly used in malware campaigns.
6. FBI Cyber Action Team aids in cyberattack responses.
7. Nigerian cybercriminal sentenced to 12 years in the US.
8. New PlugX RAT campaign and law enforcement action.
9. Microsoft patches critical GroupMe vulnerabilities.
10. ConfusedFunction vulnerability in Google Cloud disclosed by Tenable.

Key takeaways from this week’s cybersecurity news roundup:

1. Arrests of NoName057(16) Hackers in Spain: Three individuals believed to be part of a pro-Russian hacker group specializing in DDoS attacks, NoName057(16), have been arrested in Spain. The group is known for its attacks against governments and critical infrastructure.

2. Fractal ID Data Breach: Web3 identity solutions provider Fractal ID experienced a data breach in which a threat actor managed to exfiltrate data belonging to 6,300 users, representing less than 1% of its user base, after compromising credentials for an operator account with admin privileges.

3. Oracle’s $115 Million Privacy Settlement: Oracle has agreed to pay a $115 million settlement in response to a lawsuit accusing the company of collecting personal information and selling it to marketers. The software giant has denied any wrongdoing.

4. Leidos Documents Leaked: Internal documents belonging to Leidos, one of the largest IT services providers to the US government, were leaked by hackers. The documents were obtained from third-party vendor Diligent Corp, which blamed the leak on a 2022 incident involving a subsidiary.

5. AI in Malware Campaigns: Symantec has reported that AI is increasingly being used to generate code for malware campaigns. Scripts used to deliver malware in recent campaigns, such as Rhadamanthys, NetSupport, CleanUpLoader, ModiLoader, LokiBot, and Dunihi, were generated using LLMs.

6. FBI Cyber Action Team: The FBI has highlighted its Cyber Action Team, which can be deployed worldwide within hours to help critical infrastructure organizations respond to cyberattacks and other threats. Established in 2005, the team comprises roughly 65 members with expertise in various fields.

7. Nigerian Cybercriminal Sentenced: A 42-year-old Nigerian man has been sentenced to 12 years and 7 months in federal prison for his role in a cybercrime scheme that involved purchasing credentials and personal information from a dark web marketplace and using it to make fraudulent money transfers from several victims.

8. PlugX Campaign and Law Enforcement Action: MDR firm Ontinue has shared details on a new PlugX RAT campaign that leverages the Steam gaming platform to expand its reach to civilian users. Additionally, French police delivered a self-destruct payload to infected devices.

9. Microsoft Patches GroupMe Vulnerabilities: Microsoft has patched two critical privilege escalation vulnerabilities in its GroupMe mobile group messaging app. The tech giant urged transparency in disclosing the flaws but assured that users do not need to take any action.

10. ConfusedFunction Vulnerability in Google Cloud: Tenable has disclosed the details of ConfusedFunction, a privilege escalation vulnerability affecting Google Cloud’s Cloud Functions serverless execution environment. Upon notification, Google has taken steps to prevent potential exploitation.
