SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
Interpol and Afripol crack down on cybercrime
Authorities arrested 14 suspects and disrupted thousands of suspicious cyber networks as part of Africa Cyber Surge II, a four-month operation across 25 African countries, focused on identifying cybercriminals and compromised infrastructure. Involved in online fraud, malware hosting, and other malicious activities, the cyber networks were linked to financial losses of more than $40 million.
Florida man pleads guilty to role in hacking scheme
Eddly Joseph, 43, of Gainesville, Florida, admitted in court to participating in an India-based hacking scheme to steal $150,000 from an elderly Montana woman. The fraudsters hacked into the woman’s computer, made it look as if it was infected with malware, and told the woman to withdraw the money from her bank accounts and give it to them for ‘safekeeping’.
SentinelOne explores sale
Cybersecurity firm SentinelOne reportedly hired investment bank Qatalyst Partners to provide advice regarding a potential takeover. The company’s shares fell roughly 80% over the past two years and initial expressions of interest were below SentinelOne’s valuation expectations, Reuters reports.
Facebook expands end-to-end encryption in Messenger
Facebook parent company Meta is expanding end-to-end encryption (E2EE) testing in Messenger, in preparation for enabling it by default for all one-to-one friends and family chats by the end of the year. To access default E2EE, users will need to update the application to newer builds, the internet giant announced.
EY analyzes investor cyber disclosures
EY’s analysis of proxy statements and 10‑K filings over the past six years has shown “steady and significant increases in the percentage of disclosures in certain categories of cyber management and oversight.” The report also shows increases in the frequency of management reporting to the board, in cybersecurity as a sought-after area of expertise, and in the use of external independent advisors.
CISA publishes first VDP Platform report
In its inaugural VDP Platform Annual Report, the US Cybersecurity and Infrastructure Security Agency (CISA) said its VDP platform facilitated the remediation of more than 1,000 vulnerabilities through December 2022, including nearly 200 critical issues.
Power Platform privilege escalation
Secureworks has informed Microsoft about a Power Platform vulnerability that could have allowed an attacker to escalate privileges. Microsoft was informed about the flaw in April and quickly rolled out a patch.
Nvidia driver vulnerability allows guest-to-host escape
Cisco Talos has detailed three Nvidia driver vulnerabilities that can be exploited for a guest-to-host escape. The vulnerabilities have been described as memory corruption issues that can be exploited using specially crafted executable or shader files. Nvidia has released updates that patch the vulnerabilities.
Critical vulnerabilities in Jupiter X Core WordPress plugin
Patchstack has shared details on two critical-severity vulnerabilities in the Jupiter X Core premium plugin for WordPress. Tracked as CVE-2023-38388 and CVE-2023-38389, they are described as unauthenticated arbitrary file upload and unauthenticated account takeover issues addressed in Jupiter X Core versions 3.3.8 and 3.4.3, respectively.
WinRAR RCE vulnerability
Details were published on a high-severity WinRAR vulnerability (CVE-2023-40477) that can be exploited by remote attackers to execute arbitrary code using specially crafted archive files. The bug was resolved in WinRAR 6.23 in early August along with a zero-day vulnerability (CVE-2023-38831) exploited since at least April 2023 in attacks targeting traders.
Unpatched macOS App Management vulnerability
A researcher has discovered a macOS App Management vulnerability that a malicious application downloaded from the internet can exploit to modify notarized apps. The vulnerability was reported to Apple in October 2022, but the researcher said it remains unpatched. He regrets participating in Apple’s bug bounty program, describing it as a “giant, frustrating waste of time”.