SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
Three alleged NoName057(16) hackers arrested in Spain
Three individuals believed to be part of NoName057(16), a pro-Russian hacker group specializing in DDoS attacks, have been arrested in Spain. The hacktivist group is known for its attacks against governments and critical infrastructure.
Fractal ID data breach
Web3 identity solutions provider Fractal ID revealed that a threat actor recently managed to exfiltrate data belonging to 6,300 users — representing less than 1% of its user base — after compromising credentials for an operator account that had admin privileges.
Oracle’s $115 million privacy settlement
Oracle has agreed to pay a $115 million settlement in response to a lawsuit accusing the company of collecting personal information and selling it to marketers. The software giant has denied any wrongdoing.
Hackers leak documents of Pentagon IT services provider Leidos
Hackers have leaked internal documents belonging to Leidos, one of the largest IT services providers to the US government, Bloomberg reported. The documents were obtained from third-party vendor Diligent Corp, which blamed the leak on a 2022 incident involving a subsidiary.
AI increasingly used in malware campaigns
AI is increasingly leveraged to generate code used in malware campaigns, according to Symantec. An analysis of scripts used to deliver malware such as Rhadamanthys, NetSupport, CleanUpLoader, ModiLoader, LokiBot, and Dunihi in recent campaigns suggests the scripts were generated using LLMs.
FBI Cyber Action Team
The FBI has published a story on its Cyber Action Team, which can be deployed across the world within hours to help critical infrastructure organizations respond to cyberattacks and other threats. Established in 2005, the FBI Cyber Action Team has roughly 65 members, including special agents, computer scientists, intelligence analysts, and IT specialists.
Nigerian cybercriminal sentenced to 12 years in prison in the US
A 42-year-old Nigerian man, Bamidele Omotosho, has been sentenced by a US court to 12 years and 7 months in federal prison for his role in a cybercrime scheme that involved purchasing credentials and personal information from a dark web marketplace and using them to make fraudulent money transfers from several victims. The US Justice Department said the scheme caused losses totaling more than $2 million.
New PlugX campaign and action by law enforcement
MDR firm Ontinue has shared details on a new PlugX RAT campaign that leverages the Steam gaming platform in an apparent effort to expand its reach to civilian users. PlugX, which is typically used by Chinese threat actors in espionage campaigns, was recently targeted by French police, which delivered a self-destruct payload to infected devices.
Microsoft patches critical GroupMe vulnerabilities
Microsoft has patched two critical privilege escalation vulnerabilities in its GroupMe mobile group messaging app. Tracked as CVE-2024-38176 and CVE-2024-38164, the flaws allowed an unauthenticated attacker to elevate privileges over a network. The tech giant said the disclosure was made for transparency, but users do not need to take any action.
ConfusedFunction vulnerability in Google Cloud
Tenable has disclosed the details of ConfusedFunction, a privilege escalation vulnerability affecting Google Cloud, specifically the Cloud Functions serverless execution environment. After being notified, Google started taking steps to prevent potential exploitation.

