SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
Russia attempting to sabotage European railways
The Czech Republic’s transport minister told FT that Russia has been attempting to hack European rail networks in an effort to destabilize the EU and sabotage critical infrastructure. The Czech official said hackers had targeted signaling systems and the networks of the country’s national railway operator.
Nigerian national pleads guilty in US to role in BEC scheme
Oludayo Kolawole John Adeagb, a 45-year-old Nigerian extradited from the UK to the US, has pleaded guilty to his role in a multimillion dollar BEC scheme. The man remains in custody and he faces up to 20 years in prison. As per the plea agreement, Adeagbo will be required to pay restitution in the full amount of the victims’ losses, which is alleged to be at least $14 million.
X rushes to fix URL blunder after phishing warning
X, formerly Twitter, implemented a change on April 9 that would result in all twitter.com URLs being automatically converted to x.com. The social media giant quickly reversed course after the cybersecurity community showed how this could be abused for phishing attacks. For instance, cybercriminals could register the domain netflitwitter.com, which X would display as netflix.com.
NSA issues data security guidance
The NSA has issued guidance for maturing data security and protecting access to data at rest and in transit. The goal is to help organizations ensure that only authorized users can access data. The capabilities described in the guidance integrate into a comprehensive zero trust framework.
Ukrainian hackers target Moscow sewage system
A Ukrainian hacker group affiliated with the country’s security service claims to have targeted Moskollector, the firm that operates the communication system for Moscow’s sewage network. The hackers said they shut down 87,000 alarm sensors (preventing the company from responding to emergencies) and “destroyed” 70 servers and 90 Tb of data. Their claims could not be confirmed. The hackers often claim to launch disruptive attacks against Russian entities, including ISPs, utilities, the military, and data centers.
Women in CyberSecurity report looks at gender disparities
A survey commissioned by Women in CyberSecurity (WiCyS) looks at the causes of disparities in the experiences of women in cybersecurity. The study found that the workplace experiences of women are dramatically worse than men across nearly every category. The top categories of exclusion are respect, career and growth, access and participation, and recognition.
Silently fixed Lighttpd vulnerability exposes Intel and Lenovo servers
A Lighttpd vulnerability that was silently patched back in 2018 has now been found to expose Intel and Lenovo servers to attacks. The developers of the AMI MegaRAC BMC, which is used by both Intel and Lenovo, did not consume the Lighttpd patches released at the time, allowing the vulnerability to end up in devices that use the AMI BMC. Binarly, which recently discovered the security risk, has informed Intel and Lenovo, but they will not release patches because the impacted products have reached end of life.
PasteHub domain seized by law enforcement
PasteHub, an anonymous note-sharing service integrated with the BreachForums cybercrime website, is currently displaying a message informing visitors that it has been seized by law enforcement, Catalin Cimpanu reported.
Thousands of ecommerce sites exposed to hacking
Thousands of ecommerce websites powered by Invision Community can be taken over by hackers due to a recently patched SQL injection vulnerability. According to Egidio Romano, the researcher who found and reported the flaw, exploitation of the SQL injection can lead to remote code execution. Invision Community developers have fixed the SQL injection, but they have yet to patch the RCE aspect of the attack.
Dam sector concerned after report shows Microsoft’s cybersecurity failings
A Federal Energy Regulatory Commission (FERC) director recently told a Senate panel that the organization is concerned about the cybersecurity of thousands of dams across the United States in light of the recent Cyber Safety Review Board (CSRB) report highlighting Microsoft’s cybersecurity failures. FERC is concerned because the dam sector relies heavily on Microsoft products.
Related: In Other News: 100,000 Affected by CISA Breach, Microsoft AI Copilot Ban, Nuclear Site Prosecution
Related: In Other News: Airline Privacy Review, SEC’s SolarWinds Hack Probe, Apple MFA Bombing
