CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Government

In Other News: TSA Wants New Cyber Rules, Scam Call Detection in Android, SIM Swappers Arrested

Noteworthy stories that might have slipped under the radar: TSA proposes new cyber rules for pipelines and railroads, Google adds scam call detection to Android, SIM swappers arrested in US. 

Cybersecurity News tidbits

SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports. 

Here are this week’s stories: 

Team Software data breach impacts 100,000 people

Business software maker Team Software (WorkWave) revealed this week that a recent data breach impacts nearly 100,000 individuals. The company said it detected unauthorized access to its network in late July and an investigation showed that the compromised systems stored personal information. 

DDoS attack disrupts credit card readers in Israel

A DDoS attack disrupted credit card readers at gas stations and supermarkets in Israel. The provider impacted by the attack, Hyp Credit Guard, said the attack lasted for roughly one hour and targeted its services as well as communication suppliers. The company said it quickly managed to block the attack. 

Advertisement. Scroll to continue reading.

Researcher finds many macOS sandbox escape vulnerabilities

Researcher Mickey Jin has discovered more than 10 macOS sandbox escape vulnerabilities related to what he described as an overlooked attack surface involving XPC services. Apple was informed about the findings and patched a majority of them, but the researcher says there are still a few that are in the process of being fixed. Sandbox escapes are very valuable to threat actors as they increase the impact of remote code execution vulnerabilities, which would otherwise be constrained to the sandbox environment. 

TSA proposes cyber risk management and reporting requirements for pipelines and railroads

The TSA has proposed a new rule that would require pipeline and railroad owners and operators to establish cyber risk management programs. These surface transportation entities would also have to report cybersecurity incidents to the cybersecurity agency CISA.

Microsoft Visio files abused in phishing attacks

Perception Point has seen cybercriminals leveraging a new type of two-step phishing attack that involves Microsoft Visio files (.vsdx) and SharePoint to evade detection. The attacks start with emails sent out from compromised accounts. The emails deliver links to SharePoint pages that host Visio files, which redirect users to Microsoft credential phishing pages. Hundreds of organizations worldwide have been targeted.

Black hat SEO in Japan

Trend Micro in collaboration with academics and authorities in Japan conducted research into threat groups specializing in black hat search engine optimization (SEO), including their malware and poisoning attacks. The threat actors’ goal is to lure users to fake e-commerce sites.

Hamas-linked hackers expand from espionage to disruptive attacks

Wirte, a Hamas-linked threat actor, has expanded its operations, from espionage to disruptive attacks involving wiper malware, according to Check Point. The security firm said it found “clear links” between a custom malware used by Wirte and a wiper that was used to target Israeli entities in attacks observed in February and October 2024. 

North Korea-linked macOS malware abuses Flutter

Jamf researchers found malware samples that abuse Flutter, Google’s open source UI software development kit, to obfuscate malicious code. The malware targets macOS and it has been linked to North Korean hackers. The researchers said it’s possible that the malware wasn’t actually used in attacks and instead it’s part of tests conducted by the hackers to see if they can bypass detection and pass Apple’s notarization. 

Three individuals arrested and charged in US over SIM swapping

Three residents of Indiana have been arrested and charged over their alleged roles in a SIM swapping operation. The suspects are Indigo Kiara Graham, Cortez Tarmar Crawford, and Trevon Demar Allen. According to authorities, the defendants created fraudulent IDs in victims’ names, performed SIM swaps in exchange for money, and obtained 2FA codes. The SIM swapping ultimately allowed money and data theft, with some victims being extorted for restoring access to data. 

New real-time protections in Android

Google this week announced two new real-time protection features in Android, namely Scam Detection in Phone and Google Play Protect live threat detection. The former, now rolling out to Pixel devices, uses on-device AI to notify users of potential scam calls by detecting conversation patterns commonly associated with scams. The latter, available for Pixel 6 and later devices, analyzes the activity patterns of apps to deliver real-time alerts on potential harmful software, with an initial focus on stalkerware. 

Related: In Other News: FBI’s Ransomware Disruptions, Recall Delayed Again, CrowdStrike Responds to Bloomberg Article

Related: In Other News: China Hacked Singtel, GuLoader Attacks on Industrial Firms, LastPass Phishing Campaign

Written By

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.