SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
Europe’s energy grid targeted by thousands of cyberattacks
Europe’s energy grid has been targeted by thousands of cyberattacks, company executives and government officials told Politico, calling for urgent action. While most attacks don’t cause any disruption, Russian hackers have been known to disrupt power in Ukraine, including as recently as October 2022.
Slovenia’s largest power utility hit by ransomware
Slovenia’s largest power utility, HSE, has been targeted in a ransomware attack. File-encrypting malware spread on the company’s network, with the attackers reportedly breaching “security and control systems”. However, HSE representatives said there was no risk to electricity supply.
European chip giant NXP targeted by Chinese cyberspies
NXP, Europe’s largest chip manufacturer, was targeted by a Chinese cyberespionage group known as Chimera between late 2017 and early 2020, stealing chip designs and other intellectual property, NRC reported. NXP said the breach did not result in material damage, arguing that the stolen information cannot be easily used to replicate its products.
Ukraine claims it hacked Russian aviation agency
Ukrainian government hackers allegedly breached the systems of Russian aviation agency Rosaviatsia. The information they obtained as a result of the hack allegedly shows that Western sanctions are accelerating the collapse of Russia’s aviation sector.
Japan’s JAXA space agency hacked
The Japanese government has confirmed that the country’s JAXA space agency was targeted in a cyberattack. According to various media reports, the attack took place during the summer and raised concerns that information related to Japan’s space program may have been compromised, but there is no indication to date that sensitive information has been stolen.
Texas water utility hit by ransomware
The North Texas Municipal Water District, which provides water and wastewater services to two million residents across 10 counties, was targeted by the Daixin ransomware group, which claims to have stolen over 33,000 files. The company confirmed that hackers gained access to its business network, but said there was no impact to its core services.
DeleFriend flaw could expose Google Workspace domains to takeover
Hunters researchers claim to have found a ‘severe design flaw’ in the Google Workspace Domain Wide Delegation feature that could allow an attacker to take complete control of a Google Workspace domain. The issue has been dubbed DeleFriend. Google, however, does not agree with the company’s assessment and says it’s up to customers to prevent abuse.
Temu launches bug bounty program
Online marketplace Temu has launched a bug bounty program, with rewards of up to $5,000 for critical vulnerabilities. The bug bounty program is hosted on HackerOne.
Former Motoral employee pleads guilty to hacking
A former Motorola employee has pleaded guilty to charges related to hacking and passport fraud. Andrew Mahn targeted Motorola employees after he left the company in an effort to gain access to systems that would allow him to unlock premium radio equipment features. The passport fraud charge is related to him trying to get a passport in a false name while he was being investigated. Motorola is not named by the Justice Department, but The Register made the connection.
Real identity of Killnet leader revealed
Russian publication Gazeta.Ru claims to have learned the real identity of the leader of the notorious Russian hacker group Killnet. The leader, KillMilk, is said to be Nikolai Nikolaevich Serafimov and the Russian hacker community is allegedly tired of him, but they’re also afraid of him because he can expose the real identity of many.