Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

In Other News: National Laboratory Breach, Airplane GPS Attacks, Russia Accuses Allies of Hacking

Noteworthy stories that might have slipped under the radar: Idaho National Laboratory breach, GPS attacks target airplanes, Russian accuses China and North Korea of hacking.

Cybersecurity News tidbits

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.

Here are this week’s stories:    

Russia blames China and North Korea for cyberattacks

Rostelecom-owned cybersecurity firm Solar reported that Asian hackers, especially state-sponsored threat actors operating out of China and North Korea, are responsible for a surge in cyberattacks targeting Russia. Focused on espionage and data theft, the attacks mainly targeted the telecommunications and public sectors, Solar’s report (in Russian) notes.

Security firm COO admits to hacking hospitals

Atlanta-based cybersecurity firm Securolytics’ chief operating officer (COO), Vikas Singla, has admitted in court to orchestrating a series of cyberattacks against local hospitals in 2018, to boost his company’s business. He was ordered to pay over $800,000 in restitution and could be sentenced to 57 months of probation, including home detention. 

Advertisement. Scroll to continue reading.

Hacker breaches hotel networks, fakes own death

The US charged Jesse E. Kipf, of Somerset, Kentucky, with compromising state and corporate networks and accessing private information, and with attempting to sell credentials he used to access those networks. Kipf allegedly compromised Guest-Tek and Milestone to access services provided to hotel chains and steal Marriott customer information, and reportedly hacked US death certificate registration agencies in an attempt to fake his own death.

Idaho National Laboratory data breach

Idaho National Laboratory has confirmed a data breach impacting employee information, including names, addresses, dates of birth, email addresses, phone numbers, Social Security numbers, bank account data, and more. Hacktivist group SiegedSec has claimed responsibility for the attack, leaking the allegedly stolen information online.

Large phishing campaign distributes DarkGate, PikaBot malware

A sophisticated phishing campaign that has been distributing the DarkGate malware since September recently started delivering PikaBot. Cofense draws parallels between this campaign and the distribution of the QakBot malware and botnet, which is currently silent, following a law enforcement takedown in August.

GPS attacks against commercial flights

Since September, commercial flights have been experiencing “unthinkable” GPS failures when flying over the Middle East, especially near Iran, caused by novel spoofing attacks. Spoofed navigation signals have been telling airplanes they are flying miles away from their real location, preventing them from navigating correctly. The issue is unknown and no resolution is available.

Ukraine fires top cyber defense officials

Ukraine has dismissed Yurii Shchyhol and Viktor Zhora, the head and the deputy of the State Service of Special Communications and Information Protection of Ukraine (SSSCIP), a unit in charge with cyberattack protections and government communication security. The two are investigated over their alleged roles in a $1.72 million fraud scheme, Reuters reports

Australian government funding

Australia has announced $18 million in funding for cybersecurity programs aimed at small and medium-sized businesses. Firms will be offered cybersecurity posture assessment services and assistance with other cyber challenges, such as recovering from attacks. 

Drenan Dudley appointed new acting national cyber director 

The White House has appointed Drenan Dudley as the interim acting national cyber director, taking over from Kemba Walden, who held the position since March. Harry Coker Jr., the White House’s nominee for the permanent position, is currently working his way through the Senate.

DIALStranger vulnerabilities allow TV hacking

A security researcher has released information on DIALStranger, a set of vulnerabilities impacting Discovery and Launch (DIAL), a protocol co-developed by Netflix, YouTube, Sony, and Samsung for playing videos on TVs and other devices. The vulnerabilities could allow hackers to play any video on the targeted TV, even without user interaction. The issues were identified in 2019 but, due to the nature of the affected products, some devices remain unpatched.

Messaging service Sunbird suspended over security concerns

Sunbird, an Android and web messaging platform that brings together popular services such as iMessage, Facebook Messenger, Slack, and more, has suspended activity after researchers flagged serious security issues. Despite the platform’s claims, the service lacks encryption, exposing messages to interception while in transit, or to Sunbird employees, when stored on the platform’s servers, the researchers say. Nothing Chats, an iMessage for Android application that uses the Sunbird platform, has been removed from Google Play.

Juniper and Trellix patch high-severity vulnerabilities

Over the past week, Juniper Networks and Trellix have released patches for multiple vulnerabilities. Juniper patched a high-severity flaw in Junos OS and Junos OS Evolved, and multiple issues in Juniper Secure Analytics (JSA), while Trellix resolved a high- and a medium-severity bug in ePolicy Orchestrator

Written By

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Cyberwarfare

Several hacker groups have joined in on the Israel-Hamas war that started over the weekend after the militant group launched a major attack.

Cybercrime

On the first anniversary of Russia’s invasion of Ukraine, cybersecurity companies summarize the cyber operations they have seen and their impact.

Cyberwarfare

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...