In Other News: MediSecure Hack, Scattered Spider Targeted by FBI, New Wi-Fi Attack

Noteworthy stories that might have slipped under the radar: FBI is targeting Scattered Spider, Australia’s MediSecure hacked, new Wi-Fi attack.

SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports. 

Here are this week’s stories:  

Scattered Spider in FBI crosshairs

The FBI is seeking to charge members of the Scattered Spider cybercrime group, which made headlines recently for the deployment of the BlackCat (Alphv) ransomware on the systems of hospitality and entertainment giant MGM Resorts. Brett Leatherman, the FBI’s cyber deputy assistant director, told Reuters that Scattered Spider members are largely based in the US and western countries, but they also include veteran hackers from eastern Europe. One alleged member of the group, a 19-year-old from Florida, was arrested in January. 

The clues that led to the unmasking of the LockBit mastermind

Brian Krebs has looked at the evidence that allowed law enforcement to identify LockBitSupp, the mastermind behind the LockBit ransomware operation, as Dimitry Yuryevich Khoroshev. Krebs has tracked Khoroshev’s cybercrime career, determining that he has written and sold malware for the past 14 years.

Firefox and Cisco patches

Mozilla has patched several vulnerabilities with the release of Firefox 126, including high-severity flaws that could allow arbitrary code execution. 

Cisco has fixed five high-severity vulnerabilities in Crosswork Network Services Orchestrator and ConfD, as well as several medium-severity security bugs in various products. 

GE HealthCare Vivid Ultrasound vulnerabilities

Nozomi Networks has disclosed information on 11 vulnerabilities found in GE HealthCare Vivid Ultrasound products. The security firm warned that malicious insiders could exploit the flaws to install ransomware, and to access and manipulate patient data. 

Cybersecurity guidance for civil society organizations 

CISA, the FBI and their international partners have released new guidance to help civil society organizations mitigate cyber threats with limited resources. These entities include nonprofit, advocacy, cultural, faith-based, academic, think tank, journalist, dissident, and diaspora organizations, and they are often targeted by state-sponsored threat actors.

NCSC CTO says the tech market isn’t working

Ollie Whitehouse, CTO at the NCSC, said the market for technology isn’t working.

“The challenges ahead of us are the horse-sized ducks of states with strategic intentions, and the duck-sized horses of criminal actors out for financial gain,” Whitehouse said. “And the reality is that we don’t get to choose which one we’d rather counter, because we have to be able to face both with confidence. We know how to design and build resilient, secure technology. We just need a market that supports and rewards it.”

New Wi-Fi vulnerability allows SSID confusion attack

Researchers have found that all Wi-Fi clients and all operating systems are affected by a new vulnerability, tracked as CVE-2023-52424, that can be exploited to launch SSID confusion attacks against enterprise, mesh and home networks. An attacker can use the method to trick users into connecting to a network with a spoofed network name (SSID), leaving them vulnerable to traffic interception and manipulation.

Australian digital prescription platform MediSecure hacked

The Australian digital prescription platform MediSecure has been hit by a ransomware attack. The company has taken down its website, with a message informing visitors about a cybersecurity incident impacting personal and health information. The incident, which originated from a third-party vendor, has not impacted e-prescription services. 

Lunar malware used by Turla to target European ministry of foreign affairs

The Russia-linked Turla APT has used a toolset named Lunar in an attack targeting a European ministry of foreign affairs. ESET has conducted an analysis of two new backdoors, named LunarWeb and LunarMail, which have been used against the European government organization and its diplomatic missions.
