In Other News: China Making Big Claims, ConfusedPilot AI Attack, Microsoft Security Log Issues

SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports. 

Here are this week’s stories: 

Apple wants to shorten certificate lifespan to 45 days

Apple has published a draft ballot that proposes to incrementally reduce the lifespan of public SSL/TLS certificates from 398 days to 45 days between now and 2027. Sectigo, a sponsor of the proposal, has made available additional information on Apple’s plans, which have raised concerns for many IT teams. 

China claims Volt Typhoon was invented by US and Intel processors contain backdoors

China this week again claimed that the notorious Volt Typhoon threat group, which has been linked to the Chinese government, was made up by the US and its allies, and shared unconvincing evidence to back its claims. Separately, the Cybersecurity Association of China said Intel processors sold in the country should be reviewed as they are vulnerable to backdoors created by the NSA.

Chinese researchers break encryption using quantum computing

Chinese researchers reportedly managed to break a widely used encryption method using quantum computing, which “poses a ‘real and substantial threat’ to password-protection mechanisms employed across critical sectors,” according to Chinese media. However, Avesta Hojjati, head of R&D at DigiCert, told SecurityWeek that the findings have been sensationalized and we’re still far from a practical attack. “While the research shows quantum computing’s potential threat to classical encryption, the attack was executed on a 22-bit key—far shorter than the 2048- or 4096-bit keys commonly used in practice today. The suggestion that this poses an imminent risk to widely used encryption standards is misleading,” Hojjati said. 

Sipulitie marketplace takedown

Finnish and Swedish authorities this week announced the disruption of Sipulitie, a dark web marketplace active since February 2023 that facilitated various criminal activities. Operating in both Finnish and English and boasting profits of over €1.3 million (~$1.4 million), it was the successor of Sipulimarket, which was disrupted in December 2020. Working with Bitdefender, the authorities also took down the chat-based sales website, Tsatti, operated by the same individual, and identified the administrators and several users of Sipulitie.

ConfusedPilot AI attack 

Researchers at the University of Texas at Austin and Symmetry Systems recently disclosed a new AI attack named ConfusedPilot. The attack method targets AI systems based on Retrieval Augmented Generation (RAG), such as Microsoft 365 Copilot. It allows manipulation of AI responses by adding malicious content to any document the AI system might reference, potentially leading to widespread misinformation and compromised decision-making processes within an organization.

Microsoft lost customers’ security logs 

Microsoft has admitted that a monitoring agent issue has resulted in partially incomplete log data for customers of some services. The tech giant said that Entra logs flowing into security products such as Sentinel, Purview, and Defender for Cloud were among those impacted for roughly one month, from early September to early October. Security teams are being warned of the potential implications.

87,000 Fortinet instances impacted by exploited vulnerability

It recently came to light that CVE-2024-23113, a FortiOS vulnerability addressed by Fortinet in February, has been exploited in the wild. The Shadowserver Foundation has conducted an analysis and determined that over 87,000 instances are still likely affected by the security hole, most of them in the US, followed by Japan and India. 

Manipulating watermarks on images generated by AWS Titan 

HiddenLayer has detailed its research into the manipulation of digital watermarks in images generated by AWS’s Titan image generator. The company has shown how high-confidence watermarks could be applied to any image to make it appear as if it was generated by the AWS service. It also showed that watermarks could have been removed from images generated by Titan. AWS has rolled out patches and no customer action is required.  
