August 30, 2024 at 09:00AM
SecurityWeek’s cybersecurity news roundup offers a concise compilation of significant stories often overlooked. This week’s highlights include Singapore’s updated OT cybersecurity masterplan, the arrest of a Russian accused of laundering cryptocurrency for North Korean hackers, developments in preventing errors in quantum computing, and several cybersecurity threats such as attacks on travel websites and deepfake scam campaigns.
Based on the meeting notes, here are the key takeaways from this week’s cybersecurity news roundup:
1. Singapore’s Cyber Security Agency (CSA) has announced an updated operational technology (OT) cybersecurity masterplan, promoting the adoption of Secure-by-Deployment principles to enhance OT security.
2. A Russian national accused of laundering cryptocurrency for North Korean hackers has been arrested in Argentina, with authorities seizing millions of dollars in assets from his operation.
3. Scientists at the University of California Riverside have developed a new superconductor that could prevent errors in quantum computing by reducing decoherence, offering a promising candidate for scalable and reliable quantum computing components.
4. Analysis of top 10 travel and hospitality websites revealed that increased website traffic during peak seasons coincides with a surge in cyberattacks, highlighting serious vulnerabilities and exposure of internal application servers in these companies.
5. Automotive cybersecurity firms VicOne and Block Harbor announced the Automotive Capture the Flag (CTF) 2024 competition, providing a platform for cybersecurity practitioners to learn and upskill, with over $100,000 in prizes.
6. Legit Security’s analysis identified potential data leakage and vulnerabilities associated with publicly exposed gen-AI development services, specifically vector databases and LLM tools.
7. A Mirai-based botnet has been infecting AVTECH CCTV cameras by exploiting a zero-day vulnerability, potentially enabling remote code execution, with the botnet targeting multiple other vulnerabilities as well.
8. Palo Alto Networks uncovered over 170 websites promoting scam campaigns that rely on deepfake videos to promote fake investment schemes and government-backed giveaways, potentially exposing millions of individuals in multiple countries to AI-generated deepfakes.
9. Trend Micro reports that a threat actor has been targeting users in the Middle East with sophisticated malware posing as the legitimate Palo Alto GlobalProtect tool, likely delivered via phishing and capable of harvesting system information and executing various commands.
This summary captures the notable developments in cybersecurity for this week.