In Other News: Linux Kernel Exploits, Update on BEC Losses, Cybersecurity Awareness Act

Cybersecurity news that you may have missed this week: Bug bounties for Linux kernel exploits, Cybersecurity Awareness Act, FBI data on BEC losses. 

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless crucial for a comprehensive understanding of the cybersecurity landscape.

Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.

By bringing these stories to your attention, we empower you to stay informed, enhance your security posture, and make well-informed decisions to protect your organization.

Here are this week’s stories:

Kaiserslautern University in Germany hit by ransomware

The Kaiserslautern University in Germany is struggling to restore services following a ransomware attack that occurred on June 8. The incident impacted the entire IT infrastructure of the university, and the institution has warned employees and students not to turn on business IT devices, such as laptops or workstations. While the university managed to restore telephone communications, all online services remain unavailable.

GravityRAT spyware targets WhatsApp backups on Android devices

ESET reported that a new Android version of the GravityRAT spyware is capable of stealing WhatsApp backup files and receiving commands to delete files. The malware has been delivered using trojanized versions of popular applications.

Strava fitness-tracking app leaks user location

Academics at North Carolina State University have published a research paper (PDF) demonstrating that attackers can use the heatmap feature of the Strava fitness-tracking application to identify the home address of highly active users in remote areas. An opt-out feature, the heatmap is meant to anonymously aggregate user activities in a single map to help users find active trails and hot spots.

FBI says BEC scam losses surpassed $50 billion

The FBI has updated its report (PDF) on business email compromise and email account compromise (BEC) scams, rounding up estimated losses above the $50 billion mark. In the US, the total number of victims has surpassed 200,000, with reported losses of over $30 billion.

Bishop Fox publishes 2023 State of Offensive Security report

Bishop Fox has published its 2023 report, The State of Offensive Security, which shows a surge in Red Team deployments. A survey of 700 IT and security practitioners showed that 64% are using red teaming and more than half plan on increasing investment within the next 12-24 months.

Infoblox examines lookalike attacks

Infoblox provides a detailed examination of the ways in which attackers use visually similar domain names as an integral part of a phishing attack. A simple example demonstrates that nobody is immune: the firm lists lookalike Infoblox domains that it did not register. These include lnfoblox[.]com (homoglyph), which uses a lowercase “L” to impersonate a capital “i”; infobloxbenifits[.]com (simple typosquat); infoblox[.]info (TLD squat), which uses a different top-level domain suffix; and infobloxgrid[.]com (combosquat), which combines the company name and the company’s primary product.
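For defenders triaging newly observed domains, the four categories above can be checked mechanically. The sketch below is an added example, not code from Infoblox or SecurityWeek; the allow-list of owned domains (including infobloxbenefits.com), the ASCII confusables map, the edit-distance threshold and the single-label TLD split are all assumptions made for illustration.

```python
# Added example (not from Infoblox or SecurityWeek): sort candidate domains
# into the four lookalike categories named above.
BRAND = "infoblox"
# Assumed allow-list of domains the brand owner controls (constructed).
LEGIT = ["infoblox.com", "infobloxbenefits.com"]
# Assumed ASCII confusable pairs: look-alike -> representative character.
CONFUSABLES = {"rn": "m", "vv": "w", "l": "i", "1": "i", "0": "o"}
MAX_TYPO_DISTANCE = 2  # assumed threshold; tune for short brand names

def refang(domain):
    """Undo '[.]' defanging and normalise case."""
    return domain.replace("[.]", ".").strip().lower().rstrip(".")

def split(domain):
    """Naive (registered label, TLD) split; assumes a single-label TLD."""
    rest, _, tld = domain.rpartition(".")
    return rest.split(".")[-1], tld

def skeleton(label):
    """Collapse visually confusable characters to one representative."""
    for fake, real in CONFUSABLES.items():
        label = label.replace(fake, real)
    return label

def edit_distance(a, b):
    """Levenshtein distance, one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(candidate):
    sld, tld = split(refang(candidate))
    owned = [split(d) for d in LEGIT]
    if (sld, tld) in owned:
        return "legitimate"          # includes subdomains of owned domains
    if any(sld == o and tld != t for o, t in owned):
        return "tld-squat"
    if any(skeleton(sld) == skeleton(o) for o, _ in owned):
        return "homoglyph"
    if any(edit_distance(sld, o) <= MAX_TYPO_DISTANCE for o, _ in owned):
        return "typosquat"
    if skeleton(BRAND) in skeleton(sld):
        return "combosquat"
    return "unrelated"
```

Internationalized (non-ASCII) homoglyphs and multi-label suffixes such as co.uk are outside what this sketch handles; a production check would use a full confusables table and the Public Suffix List.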

Cybersecurity Awareness Act

Newly introduced bipartisan legislation requires the Department of Homeland Security (DHS) to provide public and private sectors with regular guidance on best practices related to cybersecurity, while ensuring that the Cybersecurity and Infrastructure Security Agency (CISA) increases outreach to entities frequently targeted with ransomware, such as small businesses and underserved communities.

Google paid $1.8 million for Linux kernel exploits

Google says it has paid a total of $1.8 million for Linux kernel exploit reports received as part of the kCTF Vulnerability Rewards Program (VRP), which kicked off in 2020. More than 60% of submissions targeted vulnerabilities in the ‘io_uring’ component and Google has disabled the component on its servers and in Chrome OS, and is limiting its usage on Android and GKE AutoPilot.

Kernel exploit submissions are now handled under the name kernelCTF, as the internet giant is shifting focus from Google Kubernetes Engine (GKE) and kCTF to the latest stable kernel and the included mitigations. The maximum total payout for valid reports remains $133,337.

European Parliament votes in favor of AI Act

Despite last week’s concerns over the future of the EU AI Act, the European Parliament has voted in favor — by 499 to 28, with 93 abstentions. The details still have to be agreed by the European Council (representing the national governments) and the European Commission — and there is likely to be some pushback from both; for example, in policing areas. As it stands, the law is heavily focused on people (privacy and personal rights), potentially outlawing areas such as emotion detection, and predictive policing. It also provides greater transparency over AI data content; for example, restrictions on the use of copyright material. The Act contrasts with Google’s SAIF proposals: the former concentrates on the content, while the latter concentrates on the technology.

Quantum-sourced random numbers

Quantinuum’s Quantum Origin Onboard brings quantum-enhanced key generation to the current encryption used by edge and IoT devices. It employs the generation and delivery of true random numbers from the Quantinuum H-series quantum computer. A quantum seed is embedded into the device, improving the ability to generate strong and secure keys. It doesn’t require any change to existing encryption software, but improves the security of that encryption.

AWS removes HTTP header remapping from Amazon API Gateway

On June 14, Amazon Web Services (AWS) removed HTTP header remapping from Amazon API Gateway after Omegapoint discovered and reported an edge case issue and an authorization-caching flaw. Velocity Template Language-based (VTL) transformation remains available for header remapping, as it is not affected by the flaws.

Dragos launches Global Partner Program

Industrial cybersecurity firm Dragos has launched a Global Partner Program that comprises OT security services, technology and threat intelligence. Partners also get training that enables them to offer assessment services to customers. 
