Cybersecurity Brief – 2025-04-11
Major Incidents and Attacks:
- GOFFEE continues to attack organizations in Russia: Kaspersky researchers analyze GOFFEE’s campaign in H2 2024, which features an updated infection scheme, a new PowerModul implant, and a switch to a binary Mythic agent.
- Russian Threat Actor Launches Spear-Phishing Campaign Against Ukrainians: The Russian threat actor Gamaredon targets Ukrainians with spear-phishing documents related to troop movements.
Vulnerabilities and Exploits:
- OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation: A high-severity security flaw impacting OttoKit came under active exploitation within hours of public disclosure.
- Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes: Cybersecurity researchers detail an incomplete patch for a security flaw impacting the NVIDIA Container Toolkit.
- Malicious npm Package Targets Atomic Wallet, Exodus Users by Swapping Crypto Addresses: Threat actors upload malicious packages to the npm registry to tamper with legitimate libraries and execute malicious code.
Industry Developments:
- Zero-Day in CentreStack File Sharing Platform Under Attack: A critical deserialization flaw in Gladinet’s platform is under attack, impacting managed service providers and their customers.
- AuthZEN Aims to Harmonize Fractured Authorization Controls: An open specification aims to manage permissions and authorizations across multiple cloud services.
- Ping Identity Doubles Down on Partner Strategy with New Partner Program and Advisory Board: Ping Identity reveals a new partner program and advisory board to enhance its partner strategy.
Regulatory and Policy News:
- US to sign Pall Mall pact aimed at countering spyware abuses: The U.S. plans to sign an international agreement to govern the use of commercial spyware.
- Oregon’s environmental agency shuts down network after cyberattack: Oregon’s Department of Environmental Quality experiences a cyberattack, disrupting services like vehicle inspections.
These incidents and developments highlight the ongoing threat from actors targeting organizations with sophisticated attacks, and the importance of addressing vulnerabilities to strengthen cybersecurity measures. The regulatory and policy news also underlines the need for international cooperation to combat cyber threats effectively.