SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
Amnesty investigation into spyware in Indonesia
Amnesty International has teamed up with several organizations to conduct research into the sale and deployment of spyware and other surveillance technologies in Indonesia. The spyware was reportedly sourced from Israel, Greece, Singapore and Malaysia between 2017 and 2023, and includes technologies from NSO-linked Q Cyber, Intellexa, Saito (Candiru), FinFisher and Wintego.
Israeli private investigator arrested over hack-for-hire scheme
An Israeli private investigator wanted by the United States for his alleged role in a hack-for-hire scheme was arrested in London, but the initial attempt to extradite him failed due to a legal technicality. The man is accused of carrying out a cyberespionage campaign on behalf of an unidentified American public relations firm.
Citrix Netscaler vulnerability nearly identical to Citrix Bleed
Bishop Fox has disclosed the details of a Citrix Netscaler ADC and Gateway vulnerability that can be exploited without authentication to remotely obtain sensitive information from an appliance. The flaw is nearly identical to the Citrix Bleed vulnerability, but it’s less likely to return highly sensitive information to an attacker. Versions 13.1-51.15 and later are not affected.
VMware advisories moved to Broadcom support portal
The location of VMware security advisories has changed — they are now available on the Broadcom Support Portal. Some members of the cybersecurity industry complained that they are now only available to logged-in users, but VMware has clarified that they can still be viewed without authentication.
Apple patches iTunes vulnerability
Apple has released iTunes 12.13.2 for Windows 10 and later to address CVE-2024-27793, a vulnerability that can be triggered by getting the targeted user to parse a specially crafted file. Exploitation can lead to unexpected app termination or arbitrary code execution.
DocGo data breach
DocGo, a healthcare provider that offers mobile health and ambulance services, has informed the SEC that a threat actor obtained data from its systems. The company’s investigation so far has shown that only a limited number of healthcare records within its ambulance transportation business were compromised. DocGo said no other business lines were impacted.
New EU cyber rules for electricity providers
The Wall Street Journal reported that electricity providers in the European Union will soon have to perform cybersecurity risk assessments for regulators and disclose incidents. The goal is to prevent hacker attacks from causing blackouts in multiple countries.
European Parliament data breach
As part of preparations made for the upcoming elections, the European Parliament discovered recently that an external recruitment application was breached in early 2024. The compromised application stored sensitive information related to roughly 8,000 candidates for temporary positions. The origin of the attack remains unknown.
2024 report on the cybersecurity posture of the United States
The White House this week announced the Office of the National Cyber Director’s 2024 Report on the Cybersecurity Posture of the United States, a first-of-its-kind report that provides updates on how the nation is addressing cyberspace challenges and opportunities.
Kaspersky accused of helping develop AI for Russian spy drones
InformNapalm, an outfit that claims to ‘expose secrets of the Russian hybrid war’, has accused cybersecurity firm Kaspersky of working with another Russian company on developing AI that Russia is using for spy drones deployed in Ukraine. In response, Kaspersky said it only worked with the company at a lab level rather than on a final product, and described InformNapalm’s article as containing factual inaccuracies and speculations.
Secure by design guidance on choosing secure and verifiable technologies
Cybersecurity agencies in the US, Canada, UK, Australia and New Zealand have released joint Secure by Design guidance on choosing secure and verifiable technologies. The guidance aims to provide organizations with secure by design considerations when procuring digital products and services.