In Other News: EntrySign AMD Flaw, Massive Attack Targets ISPs, ENISA Report – Source: www.securityweek.com

Source: www.securityweek.com – Author: SecurityWeek News

SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports. 

Here are this week’s stories:

UK investigating how social media platforms use children’s data

The UK’s Information Commissioner’s Office (ICO) announced that it is investigating how social media platforms use children’s personal information. Specifically, the agency is looking into how TikTok uses the information of 13-17-year-olds to recommend content to them, and how Reddit and Imgur assess the age of children in the UK.

Rubrik security incident 

Cloud data management firm Rubrik revealed recently that it had detected anomalous activity on a server containing log files. An investigation showed that a threat actor accessed a small number of log files. While the incident appears to have been limited to one server and there is no evidence of unauthorized access to customer data or internal code, some of the compromised log files did store “limited access information”, which triggered a key rotation to mitigate any risk. 

Vermillio raises $16 million for AI licensing and protection platform

Vermillio has raised $16 million in Series A funding for its AI licensing and protection platform. The platform enables IP holders to safely engage with gen-AI, providing them control over their data and AI rights. 

Saudi Arabian OT security firm CQR raises $3 million

Saudi Arabian OT security firm CQR (pronounced ‘Secure’) has raised $3 million. CQR provides products that integrate AI-powered threat detection, risk scoring, and automated response mechanisms. Its flagship product is designed to address the complex cybersecurity needs of national infrastructure and industrial giants.

Mass exploitation campaign targeting ISPs in the US, China

Splunk warns of a massive exploitation campaign targeting numerous ISP infrastructure providers on the US West Coast and in China. Originating from Eastern Europe, the campaign relies on brute-forcing weak credentials for initial access and focuses on deploying information stealer malware and cryptocurrency miners. A masscan tool has been used to target over 4,000 IP addresses, Splunk says.

Cisco addresses vulnerabilities

Cisco has published two new security advisories. One addresses a low-severity issue in Webex for BroadWorks that could allow an unauthenticated, remote attacker to access data and credentials if unsecure transport is configured for SIP communication. The second advisory describes a high-severity flaw in Cisco Secure Client for Windows that can allow an authenticated attacker to execute arbitrary code with elevated privileges. 

Rite Aid settles data breach lawsuit

Pharmacy chain Rite Aid has agreed to a $6.8 million settlement to resolve a class action lawsuit related to a data breach that impacted over two million people. Claimants can receive up to $10,000 for losses stemming from the incident. A ransomware group claimed to have stolen 10 Gb of customer information from Rite Aid systems.

ENISA report

The EU cybersecurity agency ENISA has published a report that aims to identify areas for improvement and tracking of progress across NIS2 Directive sectors. The NIS2 Directive is the EU baseline framework for cybersecurity risk management and incident reporting for important entities. ENISA’s NIS360 report looks at the cybersecurity maturity and criticality of NIS2 sectors. 

Cybereason CEO quits

Bloomberg reported that the CEO of cybersecurity firm Cybereason, Eric Gan, has resigned following a boardroom battle with investors. Last month, Gan sued two major investors, former Treasury Secretary Steven Mnuchin and SoftBank Vision Fund, accusing them of putting the company at risk of bankruptcy by refusing to accept financing proposals. Manish Narula, the company’s CFO, has reportedly been appointed CEO, but Cybereason has yet to make an official announcement on the matter.

Google discloses details of serious AMD CPU vulnerability

Google researchers have disclosed the details of a recently patched AMD processor vulnerability that could potentially break confidential computing protections. The vulnerability is tracked as CVE-2024-56161 and it has been dubbed EntrySign by the researchers. 

Original Post URL: https://www.securityweek.com/in-other-news-entrysign-amd-flaw-massive-attack-targets-isps-enisa-report/

Category & Tags: Vulnerabilities, In Other News