In Other News: Hospital Infected via USB Drive, EU Cybersecurity Rules, Free Security Tools


SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.

Here are this week’s stories: 

USB drive infects hospital’s systems

Check Point provides an in-depth analysis of malware attributed to China-based espionage group Camaro Dragon that infected an European healthcare institution after an employee participated in a conference in Asia. The malware self-propagates through USB drives and landed on the healthcare organization’s systems after the employee’s drive was accidentally infected during the conference.

Political agreement reached on EU cybersecurity regulation

Advertisement. Scroll to continue reading.

A political agreement has been reached between the European Parliament and the Council of the EU regarding proposed cybersecurity rules whose goal is to boost security in EU institutions, bodies, offices and agencies. 

City of Dallas approved $4 million spend to bolster cyber defenses

After being hit by a ransomware attack in May, Dallas City Council this week approved a nearly $4 million contract to help improve cybersecurity and response.

UK, France issue cybersecurity warnings to law firms

Cybersecurity agencies in the UK and France have recently issued warnings to law firms, providing information on the threats they face and the steps they should take to become more resilient. 

NCSC updates risk management toolbox

The UK National Cyber Security Centre has updated its risk management guidance with three entirely new sections, including a cybersecurity risk management framework, a basic risk assessment and management method, and a risk management toolbox that includes five techniques to deal with risk management.

SolarWinds executives targeted by SEC over supply chain hack

Current and former SolarWinds executives have received a Wells notice from the SEC over the 2020 supply chain hack. The Wells notice indicates that the agency plans on bringing legal action against the executives. 

Jscrambler’s free PCI DSS JavaScript Compliance Tool

Jscrambler has released a tool that helps organizations meet requirements outlined by version 4.0 of the Payment Card Industry Data Security Standards (PCI DSS v4.0), which become mandatory in April 2025. The new PCI DSS JavaScript Compliance Tool is free for unlimited use, but a paid version is also available, with additional capabilities. 

Open source tools released by SEC Consult and Trustwave

SEC Consult has released DNS Analyzer, an open source Burp Suite extension for discovering DNS vulnerabilities in web applications. 

Trustwave has released Snappy, an open source tool for detecting rogue and fake 802.11 wireless access points by fingerprinting Beacon Management Frames.

Google Cloud launches GKE Security Posture dashboard 

Google Cloud announced the general availability of its Google Kubernetes Engine (GKE) Security Posture dashboard. The dashboard is designed to help streamline the security management of GKE clusters, providing features such as misconfiguration detection and vulnerability scanning. 

NanoLock, Otorio and TXOne announce new OT security solutions

NanoLock has announced the general availability of its OT Defender product for North American customers. The industrial cybersecurity product is designed to protect the integrity of manufacturing firms and OT assets from unauthorized access and changes.

TXOne Networks announced Stellar, a solution that leverages Cyber-Physical System Detection and Response (CPSDR) to prevent unexpected system changes from impacting operational reliability and availability.

Otorio announced the availability of its Attack Graph Analysis technology, which enables organizations to proactively manage vulnerabilities in their OT infrastructure. 

Grafana patches critical vulnerability 

Open source analytics and monitoring platform Grafana has released patches for a critical vulnerability leading to account takeover and access to sensitive information. Tracked as CVE-2023-3128, the vulnerability leads to authentication bypass when a multi-tenant Azure AD OAuth application is in use. 

Juniper releases out-of-band patches

Juniper Networks has released out-of-band JunosOS updates to patch an internally discovered high-severity vulnerability that can allow an unauthenticated, network-based attacker to cause a DoS condition.  

Mockingjay process injection technique

Security Joes have revealed a new process injection technique that can be used to evade EDR and XDR detection. Called Mockingjay, the technique abuses Windows libraries that have default read-write-execute (RWX) protections to inject code into processes and avoid using Windows APIs that security solutions typically monitor.

Related: In Other News: Microsoft Win32 App Isolation, Tsunami Hits Linux Servers, ChatGPT Credentials Exposed on Dark Web

Related: In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption



Source link