SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
DOGE website hacked
The website set up by Elon Musk’s controversial Department of Government Efficiency (DOGE) on the domain doge.gov was found to be plagued by serious vulnerabilities shortly after it was launched. Some hackers found ways to push arbitrary content to the website and posted messages such as “THESE ‘EXPERTS’ LEFT THEIR DATABASE OPEN”, according to 404 Media.
Website credit card stealer disguised in image tag
Credit card stealer malware deployed by a MageCart group on a Magento-powered ecommerce website was hidden inside an <img> tag, which made it easy to overlook, according to Sucuri, whose researchers analyzed the attack.
Infostealers infected devices of US government and defense contractors
Information-stealer malware has infected devices of the US government and major defense contractors, according to an analysis by Hudson Rock. The company has found evidence that infostealers have taken data from devices belonging to contractors such as Lockheed Martin, Boeing, and Honeywell, US Army and Navy personnel, and the FBI. Sensitive data stolen from these systems can be acquired by anyone for as little as $10.
US Army soldier arrested for AT&T and Verizon hacks pleads guilty
US soldier Cameron John Wagenius, arrested and charged recently over AT&T and Verizon hacking, has pleaded guilty to two counts of unlawful transfer of confidential phone records information, and faces up to 10 years in prison for each count. He was also recently linked to the Snowflake hack.
SEC launches new cyber unit
The SEC has announced the launch of a new unit called the Cyber and Emerging Technologies Unit (CETU), which focuses on combating cyber-related misconduct and protecting investors from bad actors. Roughly 30 fraud specialists and attorneys across multiple SEC offices are members of the CETU, which replaces the Crypto Assets and Cyber Unit.
Black Basta chat logs leaked
Chat logs belonging to the notorious Black Basta ransomware group have been leaked amid reports that the gang is falling apart due to internal conflicts. The leaked chats expose information on the group’s members, as well as their tools.
Genea cyberattack
Australian IVF giant Genea has launched an investigation after detecting a cyberattack. The attackers are believed to have accessed data and the extent of the breach is being assessed. Some systems and servers were taken offline, which could suggest that Genea was targeted in a ransomware attack, but no known ransomware group has taken credit for the attack as of February 21.
Zhong Stealer targets cryptocurrency and fintech sectors
Information-stealer malware named Zhong Stealer has been used in a campaign targeting the cryptocurrency and fintech sectors, according to an analysis conducted by Any.run. The attackers targeted chat support platforms such as Zendesk and posed as customers to trick support agents into downloading the malware.
Code security open source tools from Apiiro
Apiiro has released two open source tools designed to help security and engineering teams detect and prevent malicious code in the development lifecycle. One of the tools is a malicious code detection ruleset for Semgrep, and the other, PRevent, is an app for scanning pull request events for suspicious code.
