SecurityWeek

In Other News: Palo Alto Loses Patent Lawsuit, Identity Firms Get Funding, Government Hackers

Noteworthy stories that might have slipped under the radar: Palo Alto Networks ordered to pay $150 million in patent lawsuit, identity solutions firms get big funding, government hacker techniques. 

SecurityWeek’s cybersecurity roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports. 

Here are this week’s stories:    

A Startup Allegedly ‘Hacked the World.’ Then Came the Censorship—and Now the Backlash

A coalition of anti-censorship voices is working to highlight reports of one Indian company’s hacker-for-hire past—and the legal threats aimed at making them disappear. (Wired)

Iran’s network of cyber contractors 

Recorded Future reveals (PDF) how four Iranian intelligence and military contractors linked to the Islamic Revolutionary Guard Corps (IRGC) have been engaging with cyber contracting parties, creating a network of organizations in aid of Iranian state-sponsored threat actors’ targeting of government, media, critical infrastructure, and other entities in Western countries.

Ukrainian military targeted with new backdoor

Russia-linked APT group Shuckworm (aka Gamaredon and Primitive Bear) has been observed targeting the Ukrainian military with a new PowerShell backdoor called Subtle-Paws. The backdoor can execute malicious payloads and achieve persistence. The observed attacks, which are part of the Steady#Ursa campaign, also involved lateral movement through infected USB drives.

APT28 brute-forcing government networks for 20 months

Between April 2022 and November 2023, Russian state-sponsored APT group Pawn Storm (APT28) was seen launching NTLMv2 hash relay attacks against numerous targets, including government entities, likely in an attempt “to brute-force its way into the networks of governments, the defense industry, and military forces around the world,” Trend Micro reports.

UNC4990 relies on USB drives for infection

For roughly four years, a financially motivated threat actor tracked as UNC4990 has been relying on weaponized USB drives to infect victims with malware, Mandiant reports. The infection chain starts with the victim clicking on a shortcut file (LNK) on the drive, which leads to the execution of a PowerShell script. The threat actor has been hosting its malicious payloads on popular websites, such as Ars Technica, GitHub, GitLab, and Vimeo.

Palo Alto Networks ordered to pay $151.5 million to Centripetal Networks 

Palo Alto Networks was ordered to pay Centripetal Networks $151.5 million, after a jury found the cybersecurity firm infringed on several patents. Palo Alto disagrees with the decision and plans to seek relief from the court. Centripetal was also awarded $2.7 billion in a patent case against Cisco, but that ruling was overturned recently by a court.

Incognia and Oasis Security announce new funding

Location identity solutions provider Incognia has raised $31 million in Series B funding for its global expansion. The company’s technology can help prevent account takeovers and fake account creation. 

Oasis Security has raised $40 million in funding for its non-human identity management solutions to help organizations automate the lifecycle of non-human identities, which can include service accounts, secrets, API keys, tokens and certificates. 

UN Cybercrime Treaty endangers human rights, EFF warns

The Electronic Frontier Foundation (EFF) warns that, in its current form, the UN Cybercrime Treaty (PDF) makes the cyber ecosystem less secure and endangers human rights. The EFF and its partners ask UN member states to reject the convention unless major changes that limit surveillance and safeguard human rights are made. 

Patches

Patches released for Chrome, Mastodon, Splunk, and WordPress address critical- and high-severity vulnerabilities that could lead to account takeover, remote code execution, and information disclosure. 

Check Point unveils Infinity AI Copilot

Check Point announced the preview launch of Infinity AI Copilot, a product that leverages AI and cloud technologies to help organizations automate complex security tasks and provide proactive solutions to threats. The company says its goal is to boost the efficiency and effectiveness of security teams and address the global workforce shortage.

Number of WordPress vulnerabilities doubles

Twice as many vulnerabilities in WordPress were documented in 2023 compared to 2022, Defiant’s Wordfence team says in an annual report (PDF). Cross-site scripting (XSS), cross-site request forgery (CSRF), missing authentication/authorization bypass, SQL injection, and information disclosure were the top five most common types of vulnerabilities. Malware infections remained at the same level, credential stuffing attacks dropped, while XSS attacks surged. 
