Welcome to CyberIntelMag’s weekly roundup, where you can find the most important stories in the cybersecurity world from the past week.
The Good News
This week’s good news includes Morocco detaining a French national allegedly involved in cybercrime, Singapore formally establishing a cyber defense unit, Nvidia releasing a security update for unsupported versions of Windows 7 and 8.1, Cisco fixing a severe RCE flaw in VPN routers, and much more.
- A police source told AFP that Morocco had arrested a 21-year-old French national sought by the US for allegedly participating in cybercrime.
- Two Bills in Singapore have been amended, paving the way for the creation of a new digital intelligence unit inside the nation’s armed forces.
- Nvidia made GeForce Security Update Drivers available for Windows 7, 8, and 8.1. The release, version 473.81, contains only security-related changes; it adds no new features or enhancements for games or other apps.
- Cisco patched severe security flaws in its Small Business VPN routers that allowed remote, unauthenticated attackers to execute arbitrary code or commands and cause denial-of-service (DoS) conditions.
- Kaspersky executives revealed that their team had fixed a flaw in the Kaspersky VPN Secure Connection that might have allowed an authorized attacker to delete any file on the device.
The Bad News
This week’s bad news includes around 3,200 apps found leaking Twitter API keys, Taiwanese websites facing DDoS attacks, a German semiconductor manufacturer being attacked by LV ransomware, Russian organizations being targeted with Woody RAT malware, phishers exploiting unprotected Amex and Snapchat sites, DHS warning about vulnerabilities in the Emergency Alert System, and much more.
- Cybersecurity researchers discovered 3,207 mobile apps making Twitter API keys available to the public, potentially enabling threat actors to take over users’ associated Twitter accounts.
- A threat actor linked to the LockBit 3.0 ransomware-as-a-service (RaaS) operation abused the Windows Defender command-line tool to decode and load Cobalt Strike payloads.
- Right before House Speaker Nancy Pelosi arrived in Taiwan, several small hacks caused intermittent disruptions on important Taiwanese websites.
- Imran Khan, a former Pakistani prime minister and legendary cricketer, had his official Instagram account hacked to spread false information about a $100 million Elon Musk crypto giveaway.
- German power electronics maker Semikron admitted that an attack by LV ransomware encrypted some of its networks. The perpetrators also stole data from the company's system.
- During a “chaotic” attack on cryptocurrency provider Nomad on Monday night and into Tuesday morning, hackers stole about $200 million in digital money from the business in a matter of hours.
- A new variant of a widespread phishing campaign that employs adversary-in-the-middle (AiTM) strategies as well as several evasion techniques was identified by ThreatLabz.
- The science ministry of Spain disclosed that its top scientific research organization was the victim of a cyberattack that national officials believe originated in Russia.
- Unknown attackers are using Woody RAT malware to target Russian entities. The malware allows remote control of affected workstations and data theft from them.
- From mid-May to late July, cybersecurity researchers discovered many instances of spammers using open redirect flaws affecting the American Express and Snapchat domains to send phishing emails.
- Threat actors allegedly took advantage of a security hole in an obsolete Atlassian Confluence server to attack an unidentified firm in the research and technical services industry with a never-before-seen backdoor.
- Up to 29 distinct DrayTek router models were found to be vulnerable to a new severe, unauthenticated remote code execution flaw. When exploited, it may result in the complete compromise of the devices and unauthorized access to the larger network.
- The Department of Homeland Security (DHS) warned that severe security holes could let hackers exploit unpatched Emergency Alert System (EAS) encoder/decoder equipment and send false emergency alerts across TV and radio networks.