SecurityWeek's cybersecurity roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Recorded Future reveals how four Iranian intelligence and military contractors linked to the Islamic Revolutionary Guard Corps have been engaging with cyber contracting parties, creating a network of organizations that supports Iranian state-sponsored threat actors in targeting government, media, critical infrastructure, and other entities in Western countries.
Russia-linked APT group Shuckworm has been observed targeting the Ukrainian military with a new PowerShell backdoor called Subtle-Paws.
The observed attacks, which are part of the Steady#Ursa campaign, also involved lateral movement through infected USB drives.
APT28 brute-forcing government networks for 20 months.
For roughly four years, a financially motivated threat actor tracked as UNC4990 has been relying on weaponized USB drives to infect victims with malware, Mandiant reports.
The threat actor has been hosting its malicious payloads on popular websites, such as Ars Technica, GitHub, GitLab, and Vimeo.
Palo Alto Networks ordered to pay $151.5 million to Centripetal Networks.
Palo Alto Networks was ordered to pay Centripetal Networks $151.5 million, after a jury found the cybersecurity firm infringed on several patents.
Palo Alto disagrees with the decision and plans to seek relief from the court.
Location identity solutions provider Incognia has raised $31 million in Series B funding for its global expansion.
The company's technology can help prevent account takeovers and fake account creation.
Oasis Security has raised $40 million in funding for its non-human identity management solutions to help organizations automate the lifecycle of non-human identities, which can include service accounts, secrets, API keys, tokens and certificates.
UN Cybercrime Treaty endangers human rights, EFF warns.
Patches released for Chrome, Mastodon, Splunk, and WordPress address critical- and high-severity vulnerabilities that could lead to account takeover, remote code execution, and information disclosure.
Check Point announced the preview launch of Infinity AI Copilot, a product that leverages AI and cloud technologies to help organizations automate complex security tasks and provide proactive solutions to threats.
Twice as many vulnerabilities in WordPress were documented in 2023 as in 2022, Defiant's Wordfence team says in an annual report.
Cross-site scripting, cross-site request forgery, missing authentication/authorization bypass, SQL injection, and information disclosure were the top five most common types of vulnerabilities.
Malware infections remained at the same level, credential stuffing attacks dropped, while XSS attacks surged.
This Cyber News was published on www.securityweek.com. Publication date: Sat, 03 Feb 2024 11:43:05 +0000