In Other News: Google Flaw Exploited, 3D Printers Hacked, WhatsApp Gets NSO Spyware

Noteworthy stories that might have slipped under the radar: Unpatched Google vulnerability exploited, 3D printers hacked by white hats, WhatsApp will get NSO spyware. 

SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports. 

Here are this week’s stories:  

Apple outlines EU user security and privacy efforts

Apple has published a 32-page document describing its efforts to protect user security and privacy in the European Union to comply with the Digital Markets Act (DMA). In an upcoming iOS update, Apple is implementing app notarization, app installation sheets, marketplace developer authorization, and additional malware protections.

macOS API bug could allow malware to go undetected

Patrick Wardle, a researcher specializing in Apple security, has found a macOS API bug related to scanning binaries for malicious code. The bug could allow malware to avoid being scanned.

Intel patched 353 vulnerabilities in 2023

Intel’s 2023 Product Security Report reveals that the company patched 353 vulnerabilities last year. Unlike the previous year, when it announced paying out nearly $1 million in bug bounties, Intel did not make any bug bounty amounts public in the 2023 report.

CISA resource guide for university cybersecurity clinics 

CISA has published a resource guide for university cybersecurity clinics, which train students to strengthen the cyber defenses of under-resourced organizations such as nonprofits, hospitals, small businesses and municipalities. These clinics can help address the cyber workforce gap. 

NSO ordered to hand over spyware to WhatsApp 

In the lawsuit filed by WhatsApp against Israeli spyware maker NSO Group, a court has ordered NSO to hand over spyware used against WhatsApp customers, as well as information on its functionality. The spyware vendor will not have to name any of its clients or provide information on its server architecture. 

China to boost data security in industrial sector

China’s Ministry of Industry and Information Technology has unveiled a three-year plan to boost the protection of data belonging to organizations in the industrial sector. The government has outlined 11 tasks related to protecting data, regulating data security, and supporting the data security industry. Mirroring the West, China is working on replacing hardware and software made by Western companies with local alternatives, partly due to hacking concerns.

Malware found on PCs made by Chinese firm Acemagic

Various pieces of malware were discovered recently on new PCs shipped by Chinese company Acemagic. The firm has confirmed reports of malware being found on its products, but its explanation related to boot time improvements, source code changes, and digital certificates is confusing. Impacted device owners will allegedly be refunded. 

Anycubic 3D printers hacked

Many owners of Anycubic 3D printers reported that their devices had been hacked to display a message informing them about a critical vulnerability. The message may have been sent to millions of printers. The vendor said it was investigating the issue. 

Calendar meeting links spread Mac malware

Brian Krebs has a story on Calendly meeting links being used to deliver malware to macOS systems. Krebs learned about the attacks from someone in the cryptocurrency industry. Previous reports described similar attacks linked to North Korean threat actors. 

Google open redirect vulnerability exploited in the wild

A researcher has disclosed the details of an actively exploited open redirect vulnerability impacting a Google domain. The domain in question is associated with Google Web Light, which the tech giant retired in late 2022. However, some functionality is still active and it has reportedly been abused for phishing attacks. Google’s bug bounty program does not cover open redirect vulnerabilities and the flaw reportedly remains unpatched.

New Silver SAML attack technique

Semperis has disclosed the details of Silver SAML, a new technique that enables the exploitation of SAML to launch attacks against applications such as Salesforce. There is no evidence of malicious exploitation and the risk to most organizations is moderate, but a similar technique, Golden SAML, was exploited in the 2020 SolarWinds attack, and Silver SAML could pose a severe risk for some organizations. 

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
