SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
Google Cloud Threat Horizons report
Cryptomining through credential abuse remains the top threat to cloud applications, according to Google Cloud’s H1 2024 Threat Horizons report (PDF). Threat actors exploit weak passwords, unprotected cloud instances and misconfigurations to compromise cloud resources and sell access, deploy cryptominers or file-encrypting ransomware, or exfiltrate data for extortion. Chinese APTs, the report shows, are increasingly targeting cloud instances as well.
Free decryption tool for Rhysida ransomware
South Korean researchers have cracked the file encryption method used by the Rhysida ransomware and managed to develop a decryption tool that victims can leverage to recover their files without paying a ransom. The decryption tool is being distributed through the Korea Internet and Security Agency (KISA).
OpenTitan root of trust open source silicon commercially available
LowRISC and the OpenTitan coalition announced the commercial availability of their open source silicon project. OpenTitan provides a chip-level root of trust to ensure that hardware, including phones, cars and ICS systems, remains in its intended trustworthy state.
NIST guidance on integration of software supply chain security in DevSecOps CI/CD
NIST has published the final version of a document providing information on strategies for integrating software supply chain security measures into DevSecOps CI/CD pipelines.
NIST releases HIPAA cybersecurity resource guide
NIST has also released the final version of a cybersecurity resource guide focusing on implementing HIPAA. It provides practical guidance and resources that can be used by regulated entities to safeguard ePHI and better understand the security concepts in the HIPAA Security Rule.
Seal Security emerges from stealth with $7.4 million in seed funding
Seal Security has emerged from stealth mode with $7.4 million in seed funding. The company provides a generative AI solution designed for automated open source vulnerability remediation and patch management. It offers standalone security patches in five programming languages for vulnerabilities in direct and transitive dependencies.
Whitehat Safe Harbor Agreement
HackerOne has joined forces with the Security Alliance (SEAL) to develop a safe harbor agreement for white hat hackers. The project seeks to solve the legal ambiguity over good faith hacking, a major concern for ethical hackers. SEAL has published its final draft Whitehat Safe Harbor Agreement on GitHub and is seeking comments from the hacking community by March 1, 2024.
Pentagon notifying 26k individuals of data breach
The Pentagon is informing roughly 26,000 employees, job applicants and partners of a data breach discovered one year ago. The incident is related to a service provider inadvertently exposing Defense Department email messages to the internet, including emails containing personal information.
Google says Hamas didn’t use cyber operations to support October 7 attack
Google says it has not observed significant cyberespionage activities from Hamas since the attack launched against Israel on October 7, and there is no indication that the terrorist group used cyber operations to tactically support the attack.
China not backing up US hacking claims with technical evidence
Over the past few years, China has regularly claimed that it has been the target of US hacking operations, but it has failed to back up its allegations with technical evidence, SentinelOne reported. The cybersecurity firm has analyzed China’s efforts in this area.
US hacks Iranian spy ship
NBC News reported, based on information from three US officials, that the United States recently launched a cyberattack against an Iranian military ship that had been spying on cargo vessels in the Red Sea and the Gulf of Aden. The hacker attack was reportedly part of the Biden administration’s response to a recent drone attack that killed three US service members in Jordan.