
In Other News: Military Emails Leaked, Google Restricts Internet Access, Chinese Spyware

Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of July 17, 2023.

Cybersecurity news roundup

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.

Here are this week’s stories:

Google restricting internet access to reduce cyber risk

Saying its employees are a frequent target of attacks, Google is enlisting employees for a pilot program to work without internet access, CNBC reports. The company reportedly selected 2,500 employees to participate but has since opened it up to volunteers, and will allow select employees to opt out.

Millions of US military emails leaked 

Millions of email messages destined for US military addresses were erroneously sent to a domain for the African country of Mali. Due to a one-character typo, documents, medical data, travel information and more were sent to .ml addresses instead of .mil. The Department of Defense reportedly says it has controls in place to prevent emails from being sent to the wrong addresses, but the situation has been ongoing for roughly a decade. 

A quantum cybersecurity agenda for Europe

A discussion paper (PDF) on why the European Union needs to develop a European quantum ecosystem to counter challenges arising from the rapid development of quantum computers. Threat actors, the paper notes, are already harvesting encrypted information they can decrypt once cryptographically significant quantum computers emerge. 

CISA recommends free cloud tools

New CISA guidance (PDF) recommends a set of open source tools that organizations can use to assess their security stance, harden their infrastructure against malicious attacks, and improve their detection and investigation capabilities in the cloud. These include The Cybersecurity Evaluation Tool, SCuBAGear, The Untitled Goose Tool, Decider, and Memory Forensic on Cloud.

Acting cyber director will not get permanent role due to personal debts

Acting national cyber director Kemba Walden will not be offered the position permanently, “because of personal debt issues”, a source told Reuters. Walden took her role in February, overseeing the implementation of the US’s National Cybersecurity Strategy.

OpenSSH remote code execution vulnerability 

A vulnerability (CVE-2023-38408) in OpenSSH’s forwarded ssh-agent allows a remote attacker to execute commands. The ssh-agent is a widely used background program for caching private keys used for public key authentication, but connections to it can be forwarded, exposing the system administrator’s workstation to potential attacks. However, its potential impact is not as significant as it might sound, security researcher Kevin Beaumont says.

New KillNet capabilities

Mandiant has analyzed the recent increase in capability and shift in tactics showcased by the pro-Russia hacktivist collective KillNet, which is known for targeting US and European entities, including NATO. This “potentially indicates a significant increase in outside investment in the collective, further suggesting a potential tie to the Russian state”.

Chinese espionage group behind advanced Android surveillanceware

Cybersecurity firm Lookout believes that the Chinese espionage group APT41 is responsible for the advanced Android spyware dubbed WyrmSpy and DragonEgg. Also known as Barium and Winnti, the state-sponsored group has been active since 2012, targeting government organizations for espionage and private entities for financial gain.

New Splunk OT offering improves visibility in physical and industrial environments

Splunk announced Splunk Edge Hub this week, a new solution designed to simplify the ingestion and analysis of data generated by sensors, IoT devices and industrial equipment, and provide more complete visibility across IT and OT environments by streaming previously hard-to-access data directly into the Splunk platform.

Industrial control systems: engineering foundations and cyber-physical attack lifecycle

ICS security engineer Marina Krotofil has published a technical paper on cyber-physical systems (CPS), their security, and the lifecycle of a cyberattack against industrial control systems (ICS). The paper explores the interaction with the CPS from an attacker’s perspective and aims to shed light on the required defenses.
