Connect with us

Hi, what are you looking for?


Data Breaches

In Other News: Data Breach Cost Rises, Russia Targets Diplomats, Tracker Alerts in Android 

Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of July 24, 2023.

Cybersecurity news roundup

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.

Here are this week’s stories:  

IBM says average cost of data breach reached $4.45 million

IBM has published its 2023 Cost of a Data Breach Report. The tech giant says the global average cost of a data breach reached a record $4.45 million in 2023, with detection and escalation costs increasing 42% over the past three years.

CISA releases Risk and Vulnerability Assessment report for 2022

Advertisement. Scroll to continue reading.

CISA has released its Risk and Vulnerability Assessment report for fiscal year 2022 (PDF), concluding that threat actors still often rely on phishing and default credentials to conduct successful cyberattacks. The data comes from assessments conducted by the agency at various government and critical infrastructure organizations. 

Vulnerability in D-Link Wi-Fi USB adapter 

Users have been informed that the software driver for the D-Link DWA-117 AC600 MU-MIMO Wi-Fi USB adapter is affected by a vulnerability that can be exploited for local privilege escalation. D-Link has released a patch that should address the flaw. 

Vulnerabilities found in the Ninja Forms WordPress plugin

WordPress security firm Patchstack warns that the Ninja Forms plugin, which has over 900,000 active installations, is affected by several vulnerabilities, including ones that can allow unauthenticated attackers to obtain sensitive information and achieve privilege escalation on a targeted WordPress website. 

Jenkins security updates

Developers of the popular open source automation server Jenkins have patched several vulnerabilities, including a high-severity XSS flaw that can allow an attacker to control build log contents. 

Russian hackers target diplomatic entities with GraphicalProton malware

Starting in January 2023, Russia-linked APT actor BlueBravo (also tracked as APT29 and Midnight Blizzard) has been observed using three new malware families in attacks targeting diplomatic and foreign policy institutions in Eastern Europe. Recorded Future provides a technical analysis (PDF) of the malware — called GraphicalNeutrino, QuarterRig, and GraphicalProton — and of the tactics, techniques, and procedures (TTPs) used in the observed attacks.

North Korean hackers compromise JumpCloud customer 

Mandiant has provided technical details on the compromise of a US-based software solutions provider as result of the recent JumpCloud cyberattack. Highly-targeted, the sophisticated attack led to the compromise of five JumpCloud customers. Mandiant attributes the attack to UNC4899, a North Korean threat actor focused on cryptocurrency theft.

Google rolls out unknown tracker alerts on Android

Google has started rolling out unknown tracker alerts on Android, a new way to protect users from unwanted Bluetooth tracking. Users will be notified when an unknown Bluetooth tracker separated from its owner is traveling with them and will have the option to learn more on the respective tracker. Users will also be able to manually scan their surroundings for trackers.

Adaptive Shield receives $10 million in funding

SaaS applications security provider Adaptive Shield has received $10 million in funding from Blackstone Innovations Investments, which brings the total investment in the company to $44 million. The new funding will help Adaptive Shield continue expansion and keep up with emerging threats. 

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.


A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...