Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

In Other News: Crypto Exchange Hack Guilty Plea, Rating AI Vulnerabilities, Intellexa Spyware 

Noteworthy stories that might have slipped under the radar: Cryptocurrency exchange hacker pleads guilty, rating LLM vulnerabilities, Intellexa spyware analysis.

Cybersecurity News tidbits

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.

Here are this week’s stories:  

Ukrainian hackers target major Russian water utility 

In revenge for the recent Russian attack on Kyivstar, Ukraine’s largest mobile network operator, Ukrainian hackers claim to have launched an attack on Rosvodokanal, the largest private water utility in Russia. The hackers claim to have stolen documents, encrypted 6,000 computers, and deleted 50 Tb of data, disrupting operations. Rosvodokanal is responsible for providing water to millions of consumers, but there do not appear to be any reports of the water supply being impacted by the attack. 

Former security engineer admits hacking two cryptocurrency exchanges

The US Justice Department announced that Shakeeb Ahmed has pleaded guilty to hacking two decentralized cryptocurrency exchanges, stealing over $12 million worth of cryptocurrency. The attacks were carried out in 2022 and targeted Nirvana Finance and Crema Finance. The DOJ described Ahmed as a former security engineer at an international technology company, which appears to be Amazon

Advertisement. Scroll to continue reading.

Apple and Adobe patches

Apple and Adobe have each released patches for a single vulnerability. Apple released macOS Sonoma 14.2.1 to address a WindowServer issue that involved content being unintentionally exposed when users shared their screen. Adobe released an Experience Manager Forms update to address an Apache Struts vulnerability that has been exploited in the wild

Hundreds of TeamCity instances still vulnerable to attacks

Hundreds of TeamCity instances are vulnerable to attacks exploiting CVE-2023-42793, according to Censys. The Russian cyberespionage group known as APT29 has been exploiting the vulnerability on a large scale since September 2023, according to government agencies.

GWT vulnerability remains unpatched 8 years after discovery

A potentially serious vulnerability affecting GWT, a popular open source web application framework, remains unpatched eight years after it was discovered, according to Bishop Fox. The flaw can expose application owners to unauthenticated server-side code execution. There have been several discussions on the security hole since 2015, but it still has not been fixed. Bishop Fox has published a blog post describing how the vulnerability can be exploited and how developers can check if their GWT-based application is affected. 

AI vulnerability rating taxonomy for LLMs

Bug bounty platform Bugcrowd has updated its Vulnerability Rating Taxonomy (VRT) to define how AI vulnerabilities in Large Language Models (LLMs) are classified, reported, and prioritized on its platform in an effort to enable hackers and customers to have a shared understanding of how these types of flaws are handled. 

Payment fraud underground shows signs of recovery 

Recorded Future has published its 2023 Payment Fraud report, which reveals that the payment fraud underground is showing signs of recovery following Russia’s crackdown on domestic cybercriminals and its invasion of Ukraine. The report also shows that the volume of stolen payment cards on carding shops has started to rebound. A total of 119 million cards were offered for sale, with a median fraud charge of $79. 

Google shuts down thousands of YouTube channels 

Google has terminated thousands of YouTube channels as part of investigations into influence campaigns linked to China, Russia, and Iran. Ads accounts, domains, and other resources linked to these campaigns were also blocked. Hundreds of YouTube accounts linked to campaigns in Turkey, Azerbaijan, Ethiopia, and Sudan also got the ax. 

Intellexa and its Alien/Predator spyware products

Cisco has published a new report detailing the evolution of Intellexa, ‘an intelligence agency-grade spyware vendor’ that emerged from the ashes of Cytrox, after it was bought. The report also dives into the vendor’s Alien/Predator line of implants, which were found to persist device reboots. 

CISA finalizes Microsoft 365 secure configuration guidance

US cybersecurity agency CISA announced that the final version of its Microsoft 365 Secure Configuration Baselines guidance, which includes input from a public comment period, is now available to the public. The guidance, which aims to help organizations improve the security and resilience of their M365 services, is accompanied by an updated SCuBAGear tool, enabling interested parties to assess their M365 services against CISA’s baselines. 

Related: In Other News: Fake Lockdown Mode, New Linux RAT, AI Jailbreak, Country’s DNS Hijacked

Related: In Other News: Ukraine Hacks Russia, CVE for Water ICS Attacks, New Intel Xeon CPUs 

Written By

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Vulnerabilities

The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.