SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
IBM says average cost of data breach reached $4.45 million
IBM has published its 2023 Cost of a Data Breach Report. The tech giant says the global average cost of a data breach reached a record $4.45 million in 2023, with detection and escalation costs increasing 42% over the past three years.
CISA releases Risk and Vulnerability Assessment report for 2022
CISA has released its Risk and Vulnerability Assessment report for fiscal year 2022 (PDF), concluding that threat actors still often rely on phishing and default credentials to conduct successful cyberattacks. The data comes from assessments conducted by the agency at various government and critical infrastructure organizations.
Vulnerability in D-Link Wi-Fi USB adapter
Users have been informed that the software driver for the D-Link DWA-117 AC600 MU-MIMO Wi-Fi USB adapter is affected by a vulnerability that can be exploited for local privilege escalation. D-Link has released a patch that should address the flaw.
Vulnerabilities found in the Ninja Forms WordPress plugin
WordPress security firm Patchstack warns that the Ninja Forms plugin, which has over 900,000 active installations, is affected by several vulnerabilities, including ones that can allow unauthenticated attackers to obtain sensitive information and achieve privilege escalation on a targeted WordPress website.
Jenkins security updates
Developers of the popular open source automation server Jenkins have patched several vulnerabilities, including a high-severity XSS flaw that can allow an attacker to control build log contents.
Russian hackers target diplomatic entities with GraphicalProton malware
Starting in January 2023, Russia-linked APT actor BlueBravo (also tracked as APT29 and Midnight Blizzard) has been observed using three new malware families in attacks targeting diplomatic and foreign policy institutions in Eastern Europe. Recorded Future provides a technical analysis (PDF) of the malware — called GraphicalNeutrino, QuarterRig, and GraphicalProton — and of the tactics, techniques, and procedures (TTPs) used in the observed attacks.
North Korean hackers compromise JumpCloud customer
Mandiant has provided technical details on the compromise of a US-based software solutions provider as result of the recent JumpCloud cyberattack. Highly-targeted, the sophisticated attack led to the compromise of five JumpCloud customers. Mandiant attributes the attack to UNC4899, a North Korean threat actor focused on cryptocurrency theft.
Google rolls out unknown tracker alerts on Android
Google has started rolling out unknown tracker alerts on Android, a new way to protect users from unwanted Bluetooth tracking. Users will be notified when an unknown Bluetooth tracker separated from its owner is traveling with them and will have the option to learn more on the respective tracker. Users will also be able to manually scan their surroundings for trackers.
Adaptive Shield receives $10 million in funding
SaaS applications security provider Adaptive Shield has received $10 million in funding from Blackstone Innovations Investments, which brings the total investment in the company to $44 million. The new funding will help Adaptive Shield continue expansion and keep up with emerging threats.