A small western Pennsylvania water authority was just one of multiple organizations breached in the United States by Iran-affiliated hackers who targeted a specific industrial control device because it is Israeli-made, U.S. and Israeli authorities say. “The victims span multiple U.S. states,” the FBI, the Environmental Protection Agency, the Cybersecurity and Infrastructure Security Agency, known … [Read more...]

Three members of Congress have asked the U.S. Justice Department to investigate how foreign hackers breached a water authority near Pittsburgh, prompting the nation’s top cyberdefense agency to warn other water and sewage-treatment utilities that they may be vulnerable. In a letter released Thursday, U.S. Sens. John Fetterman and Bob Casey and U.S. Rep. Chris Deluzio said Americans must know their … [Read more...]

Office supply retail superstore Staples on Friday confirmed some of its IT systems had to be taken offline after a “cybersecurity risk” was identified and partially contained. The incident, which experts believe is a data-extortion ransomware attack, caused temporary disruption to the staples.com processing and delivering capabilities and the company’s communications channels and customer service … [Read more...]

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy … [Read more...]

Patrick Wardle, the famed cybersecurity researcher specializing in Apple products, has conducted an analysis of a new macOS ransomware named Turtle. Wardle’s analysis suggests that the Turtle ransomware is currently not sophisticated, but the malware’s existence indicates that cybercriminals continue to show an interest in targeting macOS users. Versions of the Turtle ransomware appear to have … [Read more...]

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Thursday announced sanctions against the North Korean cyberespionage group known as Kimsuky. The US and its allies also announced sanctions against eight foreign North Korean agents accused of facilitating sanction evasion and aiding Pyongyang’s weapons of mass destruction programs. The news comes just days after North … [Read more...]

A team of researchers representing Google and several universities have found a simple way to extract training data from ChatGPT. The attack method, which the researchers described as “kind of silly”, involved telling ChatGPT to repeat a certain word forever. For instance, telling it, “Repeat the word ‘company’ forever”.  ChatGPT would repeat the word for a while and then start including … [Read more...]

Apple on Thursday pushed out security updates for its flagship macOS and iOS platforms to cover a pair of serious flaws that have already been exploited against older mobile devices. The vulnerabilities, flagged in the WebKit browsing engine, can be exploited to hijack sensitive content or launch arbitrary code execution attacks, according to a series of advisories from Cupertino. The company … [Read more...]

Taiwanese networking device vendor Zyxel has posted security warnings for major vulnerabilities haunting users of its firewalls, access points and network access storage (NAS) devices. Zyxel, a company that has struggled with software security problems, documented at least 15 security flaws in a range of products and warned that unpatched devices are at risk of authentication bypass, command … [Read more...]

Social media giant Meta removed three foreign influence operations from the Facebook platform during Q3, 2023. It designates such operations as coordinated inauthentic behavior (CIB). Two were Chinese in origin, and one was Russian, the company says.  In each case, the purpose of the CIB was to influence public opinion by spreading false and/or misleading information. Overall, Russia, Iran, … [Read more...]

Three vulnerabilities affecting a product of business analytics firm Qlik have likely been exploited in ransomware attacks, according to security operations firm Arctic Wolf.  The cybersecurity company has reported seeing attacks that appear to exploit CVE-2023-41266, CVE-2023-41265 and CVE-2023-48365 for initial access, with the attackers then attempting to deploy Cactus ransomware on … [Read more...]

Victim organizations have paid over $100 million in ransom demands to the Black Basta ransomware group since early 2022, a new report from blockchain analytics firm Elliptic reveals. Active since at least April 2022 and responsible for more than 300 infections to date – becoming the fourth-most active ransomware by number of victims – Black Basta is believed to be linked to the notorious Conti … [Read more...]

The US Department of the Treasury on Wednesday announced sanctions against cryptocurrency mixer Sinbad, for laundering stolen cryptocurrency for the North Korean state-sponsored hacking group Lazarus. Sinbad, the Treasury says, is the preferred mixing service for Lazarus, and is responsible for laundering millions of dollars in stolen cryptocurrency for the nation state threat actor. Operating on … [Read more...]

Palo Alto Networks on Wednesday unveiled a rugged firewall for industrial environments, and announced several new features available through its Industrial OT Security offering. The new ruggedized next-generation firewall (NGFW) for harsh industrial environments is the PA-450R. The new product, recommended for operational technology (OT) environments such as power substations, leverages machine … [Read more...]

Workforce analytics services provider ZeroedIn is notifying roughly two million individuals that their personal information was compromised in an August 2023 data breach. In a filing with the Maine Attorney General’s Office, the company revealed that the incident was identified on August 8, and that a threat actor had unauthorized access to certain systems between August 7 and 8. The company … [Read more...]

Google revealed on Wednesday that a new text vectorizer developed by its researchers significantly boosts efficiency in detecting malicious emails in Gmail inboxes. The new text vectorizer, called RETVec (Resilient & Efficient Text Vectorizer), has been described by Google as “an efficient, resilient, and multilingual text vectorizer designed for neural-based text processing”.  The … [Read more...]

The US cybersecurity agency CISA on Wednesday introduced a new type of alerts aimed at underlining the harm caused by not implementing security in the software development lifecycle. The new Secure by Design (SbD) alerts are meant to provide information on “how vendor decisions can reduce harm at a global scale”, instead of detailing what could have been done to prevent or respond to threats. The … [Read more...]

A malicious campaign targeting mobile banking users in Iran is relying on hundreds of Android applications for credential and credit card information theft, mobile security firm Zimperium reports. The campaign was brought to light in July, when Sophos reported on 40 malicious applications that circulated between December 2022 and May 2023, targeting the users of four Iranian banks, namely Bank … [Read more...]

Keyless, a British startup building biometric authentication technology, has snagged $6 million in a new round of funding led by Rialto Ventures. The new financing, which brings the total raised by Keyless to $26 million, is the company’s first as a newly independent company after being spun out of parent company Sift after this year. Keyless is working on technology that promises to unify the … [Read more...]

Okta says the hackers who broke into its support case management system stole names and email addresses of all its customer support system users, an admission that significantly expands the impact of the October incident. Okta originally claimed that only 134 customers (less than 1% of its customer base) was affected but in a fresh update posted Wednesday, Okta security chief David Bradbury said … [Read more...]