CybersecurityHQ News Roundup - December 18, 2024

News | By Daniel Michan | Published on December 18, 2024


Bureau Raises $30M to Tackle Deepfakes, Payment Fraud

San Francisco-based Bureau secured $30M in Series B funding led by Sorenson Capital, with participation from PayPal Ventures and others. The risk intelligence platform combats payment fraud, deepfake identities, and account takeovers by leveraging a proprietary identity graph containing over 500M records. Plans include R&D investment and international expansion. Read more on TechCrunch.

Recorded Future Tagged as ‘Undesirable’ in Russia

Russia has declared Recorded Future "undesirable," citing alleged involvement in supporting Ukraine's cyber operations. This designation bars the company from business in Russia. The announcement comes as Mastercard finalizes its $2.6B acquisition of the threat intelligence firm. Details at Reuters.

CISA Issues Binding Operational Directive for Cloud Security

CISA's new directive (BOD 25-01) mandates that U.S. federal agencies secure their cloud configurations by 2025, using the Secure Cloud Business Applications (SCuBA) baselines. Agencies must inventory cloud tenants and align with strict security protocols. Explore the directive on CISA.

BeyondTrust Patches Critical Vulnerability Amid Security Incident

BeyondTrust patched CVE-2024-12356, a critical flaw in its PRA and RS tools, after identifying it during a customer security incident probe. Affected users are urged to apply updates to prevent command injection attacks. Full story on SecurityWeek.

Exploitation of Apache Struts 2 Vulnerability Begins

Threat actors are exploiting CVE-2024-53677, a severe Apache Struts 2 flaw, enabling remote code execution via malicious file uploads. Users are advised to update to version 6.4.0 and implement the new upload mechanism to mitigate risks. More on ZDNet.

AI Regulation Heats Up for 2025 Compliance

The EU AI Act begins implementation in February 2025, introducing phased compliance requirements with penalties up to €35M or 7% of global revenue. Organizations must prioritize AI governance and risk management to stay ahead of global regulatory trends. Insights at Forbes.

Cisco Data Leaked After Configuration Error

Hackers leaked 2.9GB of Cisco data from a misconfigured public DevHub. Files include source code and certificates. While Cisco denies a broader breach, security experts warn of exploitation risks. Details at The Verge.

HubPhish Campaign Exploits HubSpot Tools for Credential Theft

Hackers leveraged HubSpot forms in a phishing campaign targeting 20,000 European users, aiming to harvest Microsoft Azure credentials. The campaign highlights the importance of securing third-party tools. Analysis on The Hacker News.

APT29 Hackers Use Rogue RDP in Sophisticated Attacks

Russia-linked APT29 exploited RDP configurations via PyRDP tools, targeting high-profile victims. This innovative approach bypasses traditional detection methods, emphasizing the need for robust RDP monitoring. Full report on Trend Micro.

INTERPOL Rebrands 'Pig Butchering' as 'Romance Baiting'

INTERPOL advocates replacing the term "pig butchering" with "romance baiting" to reduce stigma and encourage victim reporting. The scam involves fake cryptocurrency investments under romantic pretenses. Learn more at Sophos.

U.S. Considers Ban on TP-Link Routers Over Security Concerns

The U.S. government is investigating TP-Link for cybersecurity risks, including botnet involvement. TP-Link holds a 65% market share in SOHO routers, so a potential ban could disrupt the market. Read more on WSJ.

Google Warns Gmail Users of New Phishing Wave

Google has flagged a second wave of phishing attacks targeting Gmail users, including extortion and fake invoice scams. Enhanced AI defenses are blocking 99.9% of threats, but users must stay vigilant. More on the Google blog.

Concordia, UNDP Launch Cybersecurity Initiative in Africa

Concordia University, in collaboration with UNDP and Give1Project, has launched a cybersecurity initiative in West and Central Africa. The initiative promotes mutual learning and strengthens cybersecurity capabilities. Learn more at Concordia.

IBM’s Cloud Threat Report: AI-Driven Attacks Still Rare

IBM X-Force's report reveals AI-driven attacks on cloud platforms remain low-risk for now but warns of a potential surge as adoption grows. Organizations should proactively secure AI deployments. Read IBM’s findings.

AI, 5G, and Quantum Risks Explored in New Book

Cybersecurity expert Chuck Brooks’ book, Inside Cyber, delves into the double-edged nature of AI, 5G, and quantum computing. Brooks stresses preparing for "Q Day" to mitigate quantum threats to cryptography. More at Forbes.

China Accuses U.S. of Cyberattacks on Tech Firms

China's CNCERT/CC alleges two U.S.-led cyberattacks since 2023 targeted high-tech firms, stealing trade secrets. The claims reflect ongoing tensions over cybersecurity accusations between the nations. Coverage at Reuters.

LastPass Hackers Steal $5M in Crypto, New Report Claims

Hackers reportedly stole $5M in cryptocurrency using credentials from the 2022 LastPass breach. Investigations continue, but LastPass denies conclusive links between the breach and recent thefts. Details at Forbes.

Drone Swarm Tech Sparks Cybersecurity Concerns

Increased drone swarm sightings have prompted calls for advanced detection and mitigation technology. Experts emphasize preparedness for potential malicious drone uses as accessibility grows. Insights from Northeastern.

Cybersecurity Pros’ Mental Health Under Pressure

A new survey highlights widespread stress among cybersecurity professionals, with 70% citing "negative emotions" linked to workplace challenges. Experts urge better mental health support and organizational investment. Read the full report.

Instil Expands Cybersecurity Operations Post-Acquisition

Belfast’s Instil plans to double its cybersecurity workforce after acquiring Vertical Structure. The move aims to scale services and meet growing global demand for cybersecurity expertise. Details at Silicon Republic.