Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Nation-State

In Other News: China’s Undersea Spying, Hotel Spyware, Iran’s Disruptive Attacks

Noteworthy stories that might have slipped under the radar: Chinese repair ships might be spying on undersea communications, spyware found at hotel check-ins, UK not ready for China threat.

Cybersecurity News tidbits

SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports. 

Here are this week’s stories: 

Spyware found on check-in systems at US hotels

Consumer-grade spyware has been detected on the check-in systems of several Wyndham hotels across the US, TechCrunch reports. The spyware app, called pcTattletale, stealthily captures screenshots of the hotel booking system. Due to a flaw in the spyware, the screenshots, which contain guest details and customer information, are accessible from the internet to anyone who knows how to look for them.

Cellular network flaw exploited for spying, official warns

Cybersecurity researchers have long warned about the risks associated with the use of the SS7 cellular network protocol. A US official now says a flaw that allows spying has been used many times to track individuals in the US

Advertisement. Scroll to continue reading.

US concerned China targeting undersea cables for spying

US officials are warning telecommunications companies that undersea cables carrying internet traffic across the Pacific Ocean could be vulnerable to tampering by Chinese repair ships, the WSJ reports.

Cybersecurity funding in Q1 2024

The volume of deals dropped in the first quarter of 2024, but the invested capital increased, according to the latest report from cybersecurity venture capital firm and incubator DataTribe.

Incognito Market owner arrested 

The Justice Department announced the arrest of Rui-Siang Lin, aka Pharoah, the alleged operator of the Incognito Marketplace, which sold more than $100 million in illegal narcotics to people around the world. 

NIST releases cybersecurity and privacy report for 2023

NIST has published its annual cybersecurity and privacy report for 2023, which outlines the organization’s involvement in the development of international standards, its research and practical applications, its software and supply chain security accomplishments, its work on IoT guidelines, and its autonomous vehicle projects.

Iranian group’s destructive attacks against Israel

Check Point has published a report detailing the activities of the Iranian threat group Void Manticore against Israel, which include destructive wiper attacks and influence operations. The wiper attacks involve Windows and Linux malware, as well as the manual deletion of files. 

$4 million Energy Department funding for electric co-ops

The National Rural Electric Cooperative Association has been awarded $4 million by the US Department of Energy to launch a project whose goal is to advance the cybersecurity posture of electric co-ops. Organizations will be provided with new tools that will help them with cyberattack detection, response and recovery. 

Secrets leaked by Bitbucket used for unauthorized access to AWS

Mandiant researchers discovered during an investigation into the exposure of AWS secrets that secrets leaked from Atlassian’s Bitbucket tool have been leveraged by threat actors for unauthorized access to AWS.

Former senior White House cyber official to join CISA

Jeff Greene, a former senior White House cyber official and current cybersecurity programs director at the Aspen Institute, will be joining the cybersecurity agency CISA next month. Some believe he will be replacing Eric Goldstein, CISA’s executive assistant director for cybersecurity, who is leaving the organization for a private sector role. However, CISA could not confirm that Greene is replacing Goldstein.

Federal contractors required to implement quantum attack protection

Companies working with the US government may be required to start protecting their data and technology from quantum computing attacks as soon as July, Bloomberg reports. NIST will specify three types of encryption algorithms that can provide protection against quantum attacks.  

UK is not ready for China threat

At the DTX conference in Manchester, Ciaran Martin, former and founding CEO at the UK’s NCSC cybersecurity agency, said, according to The Guardian, “The UK has not paid enough attention to a gamechanging warning from the US that China is planning disruption to key critical infrastructure,” adding, “We should be clear where our red lines are and disruption of civilian infrastructure should be a red line.”

Related: In Other News: MediSecure Hack, Scattered Spider Targeted by FBI, New Wi-Fi Attack

Related: In Other News: European Parliament Breach, DocGo Hack, VMware Advisories Moved

Written By

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.

Register

People on the Move

Gabriel Agboruche has been named Executive Director of OT and Cybersecurity at Jacobs.

Data security startup Reco adds Merritt Baer as CISO

Chris Pashley has been named CISO at Advanced Research Projects Agency for Health (ARPA-H).

More People On The Move

Expert Insights