
In Other News: 100,000 Affected by CISA Breach, Microsoft AI Copilot Ban, Nuclear Site Prosecution

Noteworthy stories that might have slipped under the radar: the CISA hack could impact 100,000 people, Microsoft AI Copilot banned by US House, UK nuclear site prosecution. 

SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports. 

Here are this week’s stories:  

100,000 people affected by CISA breach 

The cybersecurity agency CISA told lawmakers that the recent breach involving its Chemical Security Assessment Tool (CSAT) could affect over 100,000 individuals. The incident involved exploitation of an Ivanti product vulnerability. While the incident is ‘major’ based on FISMA’s definition, CISA found no evidence that the hackers actually stole data, and the agency said the incident did not have any operational impact, despite forcing it to shut down some systems. 

US House bans use of Microsoft AI Copilot

The US House has banned the use of Microsoft’s Copilot AI chatbot by congressional staffers due to it potentially leaking data to non-approved cloud services. Microsoft is working on a suite of AI tools designed for government use, which the tech giant hopes will address data exposure concerns. 

UK nuclear waste site to be prosecuted over cybersecurity failures

The UK’s Office for Nuclear Regulation (ONR) has informed the Sellafield nuclear waste and decommissioning site that it will be prosecuted over alleged IT security offenses that occurred between 2019 and early 2023. The move comes a few months after it was reported that threat actors linked to Russia and China had hacked into Sellafield systems. The ONR said there was no indication that public safety was compromised as a result of the issues. 

Lessons learned from electrical grid security exercise

The North American Electric Reliability Corporation (NERC) and the Electricity Information Sharing and Analysis Center (E-ISAC) have published a lessons learned report for GridEx VII, the seventh edition of the biennial exercise focusing on the security of the electrical grid in the United States and Canada. Over 250 organizations took part in the exercise in November 2023.

Law enforcement operation had major impact on LockBit 

Trend Micro has published a report detailing the impact of the recent law enforcement operation against the LockBit ransomware. The company’s researchers found that while the group attempted to downplay the impact, the law enforcement action significantly affected the cybercrime operation. While the main players may not be out of the picture, it will not be easy for them to create a new operation at the level of LockBit.

CISA providing resources for high-risk communities 

CISA has published a dedicated High-Risk Communities webpage providing cybersecurity resources for activists, journalists, human rights defenders, academics, and others who are at heightened risk of being targeted by threat actors due to their identity or work. The resources include cyber hygiene guidance, a repository of local cyber volunteer programs, and free or discounted tools and services.

Microsoft announces public previews for unified security operations platform and new Priva features 

Microsoft this week announced the public preview of its unified security operations platform, which brings together SIEM and XDR capabilities, as well as cybersecurity-focused generative AI. The tech giant also announced the expansion of its Priva privacy risk management products. Several new features are now in public preview, including privacy policy assessments, subject rights requests, consent management, tracker scanning, and privacy risk management. 

California hospital turning patients away due to cyberattack

The NorthBay VacaValley Hospital in California was forced to turn some patients away due to a cyberattack. The incident reportedly involved ransomware.

VMware, NVIDIA and Rapid7 patches

VMware has patched three vulnerabilities, including two rated ‘high severity’, in its SD-WAN products. The flaws can be exploited for unauthenticated command injection, obtaining sensitive information, and accessing the BIOS configuration. 

NVIDIA has published its CUDA Toolkit security bulletin for April 2024, informing customers about patches for three low-severity DoS vulnerabilities. 

Rapid7 has patched CVE-2024-0394, a privilege escalation vulnerability in its Minerva Armor product. The high-severity flaw is related to the product’s implementation of an OpenSSL parameter. 

Splunk vs Cribl lawsuit

Cribl, the data engine for IT and security, has shared an update on the lawsuit filed by Splunk. Cribl offers solutions that complement Splunk’s products. The company’s co-founder, Clint Sharp, who previously worked at Splunk, was accused of open sourcing an implementation of a proprietary protocol and launching a competing company. Sharp now says the companies are still going to court, but he’s no longer named as a defendant in the lawsuit.


Copyright © 2024 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.
