SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
Analysis of Mac malware used by North Korean hackers
Apple security expert Patrick Wardle has conducted an analysis of BeaverTail, a piece of macOS malware linked to North Korean threat actors. The malware has been distributed as a trojanized version of the MiroTalk communications app.
Cybercriminals arrested by Ukrainian police
Cybercriminals allegedly responsible for stealing money from the bank accounts of industrial organizations in Ukraine have been arrested. According to Ukrainian police, the hackers installed malware on employee devices. Two members of the group reportedly kidnapped a third member to steal his share of the loot.
Threats to 2024 Summer Olympics
Fortinet and ZeroFox have published reports focusing on the cyber and phyiscal threats to the upcoming 2024 Summer Olympics. The Olympic Games in Paris face cyber threats and risks such as Russian interference, vulnerable mobile applications, malicious emails targeting volunteers, exposed credentials, hacktivist attacks, and phishing attacks.
Senators want information from AT&T and Snowflake on recent incidents
Two senators have sent letters to AT&T and Snowflake requesting information on the recent incidents. AT&T revealed recently that it had suffered a data breach affecting nearly all of its wireless customers. The company’s data was reportedly stolen from Snowflake.
$230 million stolen from crypto platform WazirX
Indian cryptocurrency platform WazirX said $230 million worth of funds were stolen from a wallet as a result of a cyberattack. The company is now working on recovering the stolen cryptocurrency.
Operation Spincaster aims to prevent crypto Scams
Blockchain analysis firm Chainalysis has announced a new initiative whose goal is to disrupt and prevent losses caused by cryptocurrency scams. For the initiative, named Operation Spincaster, the company has teamed up with law enforcement agencies across six countries, training them on how to identify compromised wallets and prevent scams.
Cybersecurity funding soars in Q2 2024
According to Crunchbase, Q2 2024 was the best quarter for cybersecurity funding since Q1 2022, surging 144% year-over-year. Cyber startups received $4.4 billion in the second quarter, 63% more than in the first quarter.
Texas man sentenced to prison for running DDoS attack service
Scott Raul Esparza, 24, of Texas, was sentenced this week to nine months in prison for running a DDoS attack service named Astrostress between 2019 and 2022. His accomplice pleaded guilty last year and faces up to five years in prison.
FBI used Cellebrite to crack Trump shooter’s phone
Cellebrite, an Israeli company known for providing phone-hacking solutions to government agencies, helped the FBI crack the phone of the man who shot at former President Donald Trump last week. Cellebrite was quickly able to crack the shooter’s Android phone using unreleased technology, according to Bloomberg. However, recently leaked documents showed that Cellebrite is unable to unlock some modern iPhones.
One billion data breach victims in Q2 2024
According to a new report from the Identity Theft Resource Center (ITRC), 732 data breaches were reported in the second quarter of 2024, impacting more than one billion individuals. This represents a 1,170% increase compared to the second quarter of 2023.
Related: In Other News: Apple’s Spyware Warning, CDK Global Ransom Payment, Sibanye Cyberattack
Related: In Other News: Microsoft Details ICS Flaws, Smart Grill Hacking, Predator Spyware Activity
