SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
Google Chronicle Security Operations platform unifies SIEM and SOAR
Google has updated its Chronicle Security Operations platform to unify its SIEM and SOAR solutions in a single place. Integrating with attack surface management technology from Mandiant, the platform allows organizations to retain and analyze data at scale, to identify and investigate threats faster.
Open Systems makes OT firewall service generally available
Swiss managed secure access service edge (SASE) services provider Open Systems this week announced the general availability of its OT firewall service, which provides network security monitoring capabilities, enabling visibility and control over IIoT traffic, to help organizations identify and remediate malicious attacks.
Signal Protocol hardened against quantum threats
Encrypted messaging service Signal has taken steps to improve the resilience of its Signal Protocol — a set of specifications that provide end-to-end encryption for private communication — to quantum computing threats. Essentially, the protocol was upgraded from the X3DH specification to PQXDH, which now requires that attackers break both the elliptic curve key agreement protocol X25519 and the post-quantum key encapsulation mechanism CRYSTALS-Kyber to compute the shared secret used in a private communication.
Election hacking at pilot event
IT-ISAC this week hosted the Election Security Research Forum, a first-of-its-kind pilot event meant to strengthen the security of US elections. Participating election technology manufacturers provided security researchers with access to new hardware (digital scanners, ballot marking devices, and electronic pollbooks) and software, under the principles of coordinated vulnerability disclosure, IT-ISAC says.
Yubico starts trading on Nasdaq in Stockholm
Hardware security keys maker Yubico is now publicly traded on Nasdaq First North Growth Market in Stockholm, under the ticker symbol YUBICO. The intent to go public was initially announced in April, following its merger with Swedish holding company ACQ Bure. Yubico has been valued at $800 million.
Pizza Hut Australia hacked
Hacking group ShinyHunters claimed to have stolen the personal information of roughly 1 million Pizza Hut Australia customers, but the food chain now says that fewer than 200,000 individuals might have been affected. Names, addresses, phone numbers, email addresses, and masked credit card data were compromised in the attack.
Florida man sentenced to prison for BEC scheme
Mustapha Raji, 53, of Hollywood, Florida, has been sentenced to three years in prison and three years of supervised release, and was ordered to pay over $700,000 in restitution for his participation in a $1.7 million business email compromise (BEC) and money laundering scheme targeting a hedge fund founder in New York.
New revelations from the Snowden files
The PhD thesis of journalist and researcher Jacob Appelbaum brings to light new information from the Snowden files, including alleged backdoors in CPUs made by semiconductor company Cavium, and the NSA hacking Russia’s SORM lawful interception system.
ShroudedSnooper targeting telecom providers in the Middle East
A threat actor named ShroudedSnooper has been observed using the new HTTPSnoop backdoor in attacks against telecommunications providers in the Middle East. The malware interacts with Windows HTTP kernel drivers to listen to specific incoming requests and execute their contents. The threat actor also uses the PipeSnoop implant in attacks, which can execute arbitrary shellcode received from a named pipe.
Ad systems exploited by newly uncovered Israeli spyware
Israeli newspaper Haaretz claims to have evidence that Israeli software maker Insanet has built a tool that can infect anyone via online adverts to spy on them, and that it has sold it to a totalitarian regime. Named Sherlock, the spyware can reportedly be used on Windows, Android, and iOS devices.
1,200 organizations hit by MOVEit hack
As of September 21, 2023, the number of organizations known to have been impacted by the May 2023 MOVEit hack has grown to 1,197, while the number of impacted individuals has surpassed 56 million, Emsisoft says. Over a dozen healthcare organizations in North Carolina have been hit via Microsoft-owned technology firm Nuance.