Make Sure This Week’s Chrome Patches Are Restarted and Completed; Google Says Cloud Threats Mitigated By MFA, Strategies for Patching Kubernetes Faster, and Essential Security Hygiene; Another Spyware Company Exits the “Law Enforcement” Market

Google has released an emergency update for its Chrome desktop browser to fix a vulnerability that is being actively exploited. The type confusion vulnerability in the Chrome V8 JavaScript engine could “allow a remote attacker to potentially exploit heap corruption via a crafted HTML page.”

Read more in

Google’s Cybersecurity Action team has published a new edition of its Cloud Threat Horizons Report. Among the findings: A Chinese state-sponsored hacking group used the Google Command and Control (GC2) red teaming tool in attacks against organizations in Taiwan and Italy. Weak passwords and API compromise are the most frequently used methods of cloud compromise.

Read more in

QuaDream, an Israeli spyware company, is reportedly shutting down operations just days after Citizen Lab and Microsoft released reports detailing the company’s tools and victims. QuaDream’s spyware “framework” was reportedly used against dissidents, NGO workers, and journalists in North America, Asia, Europe, and the Middle East.

Read more in

The US Department of Health and Human Services (HHS) 405(d) Program and the Health Sector Coordinating Council Cybersecurity Working Group (HSCC CWG) have released resources to help healthcare organizations address cybersecurity concerns: the 2023 edition of the Health Industry Cybersecurity Practices (HICP); Knowledge on Demand, an online educational platform that offers free healthcare-focused cybersecurity awareness training; and a report, Hospital Cyber Resiliency Initiative Landscape Analysis.

Read more in

In a new report from CSC 2.0, the successor to the Cyberspace Solarium Commission, says, “The national security components of the space race today include not just weapons systems but also the security of critical infrastructure — much of which relies on global positioning satellites, remote imagery, and advanced communication.” As such, CSC 2.0 says that space systems should be designated as critical infrastructure.

Read more in

The US State Department’s Bureau of Cyberspace and Digital Policy plans to have a diplomat with training in technology at each of its 168 embassies worldwide by the end of 2024. To meet the goal, the State Department is providing training sessions for its diplomats. The project is being overseen by Nate Fick, who is the first US ambassador at large for Cyberspace and Digital Policy.

Read more in

The US Cybersecurity and Infrastructure Security Agency (CISA) has recently added four new vulnerabilities to its Known Exploited Vulnerability (KEV) catalog. The vulnerabilities are a privilege elevation issue in Android Framework; an insecure deserialization vulnerability in Novi Survey; a type confusion vulnerability in the Google Chromium V8 Engine; and a use-after-free vulnerability in macOS. Federal Civilian Executive Branch (FCEB) agencies have mitigation deadlines for these vulnerabilities in early May.

Read more in

NCR says that a ransomware attack against one of its data centers has created problems for some customers of its Aloha point-of-sale (PoS) software platform. Aloha PoS is used in restaurants. Aloha PoS service disruptions began earlier this month; on April 13, NCR determined that the cause was a ransomware attack. The “data center outage … is impacting a limited number of ancillary Aloha applications for a subset of … hospitality customers.”

Read more in

Rheinmetall, an automotive and arms manufacturer based in Dusseldorf, Germany, has disclosed that it experienced a cyberattack that affects its industrial customer division. A company spokesperson said that their defense division was not affected. The incident occurred on Friday, April 14.

Read more in