Information Security News 10-21-2024

Chinese Researchers Break RSA Encryption with a Quantum Computer

Article Link: https://www.csoonline.com/article/3562701/chinese-researchers-break-rsa-encryption-with-a-quantum-computer.html

• Chinese researchers used D-Wave’s quantum computers to crack certain versions of RSA encryption algorithms, showing that quantum machines could break widely-used cryptography much sooner than expected. Specifically, the researchers were able to successfully factor a 22-bit RSA integer.
• The study highlighted how quantum computing can make it easier to attack encryption methods like AES and RSA, raising big concerns for the information security industry.
• Companies need to move quickly to adopt quantum-safe encryption, as hackers might steal encrypted data now to decrypt it later with more advanced quantum tools.
• Experts warn that with quantum computing evolving fast, businesses must rethink their encryption strategies to protect sensitive data before it is too late.

AT&T, Verizon, Lumen Executives Hear from Lawmakers About Reported China Hacks

Article Link: https://therecord.media/salt-typhoon-reported-hack-telecoms-house-committee-questions

• Chinese hackers, known as Salt Typhoon, reportedly broke into the AT&T, Verizon, and Lumen networks, possibly exposing sensitive law enforcement wiretap data. As a result, U.S. Congress required briefings from each organization on October 18th regarding the incidents.
• Lawmakers are worried about the growing number of cyberattacks and stressed the need for better security in the U.S. telecom systems to fend off advanced foreign threats.
• Likewise, legislators are asking the companies when they found out about the breaches, who they told, and what data might have been exposed. There’s also a big push for stronger information security measures.
• Senator Ron Wyden (D-OR), a member of the Senate Intelligence Committee, is pushing for updated federal information security rules, including tougher penalties for telecom providers that do not meet security standards, to better protect people’s data, for example.

Student Was Punished for Using AI – Then Sued Teacher and Administrators

Article Link: https://arstechnica.com/tech-policy/2024/10/student-was-punished-for-using-ai-then-his-parents-sued-teacher-and-administrators/

• A Massachusetts family is suing a school after their son was punished for using AI to help with an AP project, arguing the school had no rule against AI. The lawsuit claims the punishment hurt his grades and college prospects.
• The school argues the student used AI without citing it, which they say violated their academic integrity policy. While AI isn’t directly mentioned in the handbook, the school points to rules against unauthorized technology use and plagiarism. The school also allegedly provided students with a written AI use policy that outlined the acceptable use of AI within an academic setting.
• The lawsuit highlights the lack of clear policies on AI in schools and demands the student’s grade be restored, records cleared, and staff trained on AI use in education.
• The student was eventually reinstated to the National Honor Society, but the family claims the damage to his college applications was already done.

SOC Teams: Threat Detection Tools Are Stifling Us

Article Link: https://www.darkreading.com/vulnerabilities-threats/soc-teams-threat-detection-tools-stifling

• A Vectra AI survey of over 500 cybersecurity professionals revealed the Security Operations Center (SOC) teams are overwhelmed by an average of 3,832 security alerts daily, with 62% of alerts ignored and 71% of SOC staff worrying weekly about missing real threats buried in false positives, leading to burnout and frustration.
• More than 50% of respondents said their tools increase workloads rather than reduce them, with many believing vendors intentionally flood them with alerts to cover liability, creating distrust in security software.
• AI is emerging as a solution, with 67% of SOC teams reporting improved threat detection and 73% experiencing reduced burnout after adopting AI-powered tools that better consolidate and prioritize alerts.
• Nearly 90% of surveyed SOCs are increasing their AI investments, aiming to replace outdated tools with AI-driven solutions that reduce alert fatigue and enhance security efficiency.
• Link to Vectra’s Survey: https://www.vectra.ai/about/news/research-reveals-growing-distrust-for-threat-detection-tools-as-soc-teams-struggle-to-identify-real-attacks

Looking at Security Challenges Through the Lens of Different Roles

Article Link: https://www.securityweek.com/looking-at-security-challenges-through-the-lens-of-different-roles/

• In 2024, CISOs are now faced with AI-driven attacks, new regulations, global risk, and handling more cyber threats than ever, making threat intelligence and AI governance critical for resilience.
• Regulations like the Security and Exchange Commission’s (SEC) disclosure rule and the EU AI Act push for companies to focus on compliance and operational resilience through automation.
• Automation helps security teams manage risks, although CISOs still emphasize human oversight while other roles prioritize efficiency, compliance, and threat intelligence.
• As human error is predicted by Forrester to cause 90% of breaches in 2025, role-specific security training is key to shrinking risks and preventing future incidents.

Cybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce Platforms

Article Link: https://thehackernews.com/2024/10/cybercriminals-use-unicode-to-hide.html

• Cybercriminals are using Unicode obfuscation to hide credit card skimmers like the “Mongolian Skimmer,” which steals payment information from e-commerce checkout and admin pages by targeting vulnerable Magento and Opencart sites.
• The skimmer’s use of invisible Unicode characters in JavaScript makes the code difficult for humans to read, while advanced event-handling techniques let it run only when users interact with the page, helping it stay hidden.
• A unique aspect of this campaign is the malware’s ability to activate only when a user interacts with the page, helping it evade detection and reduce system performance issues, further complicating its identification.
• Organizations using e-commerce platforms should double-check their site configurations and make sure they are patched against vulnerabilities, while using stronger tools to catch these hidden scripts before they cause damage.

Majority of Global CISOs Want to Split Roles as Regulatory Burdens Grow

Article Link: https://www.cybersecuritydive.com/news/global-cisos-want-split-roles-regulatory/729871/

• A survey by Trellix and Vanson Bourne found that over 80% of the 500 CISOs polled from around the world think their job should be split into two roles, one for handling security and another for dealing with growing regulatory pressures, like those from the Security and Exchange Commission (SEC).
• CISOs are feeling the heat, with many now meeting their boards weekly and facing increased personal liability due to stricter rules, as seen in the SEC’s case against SolarWinds’ CISO, Timothy Brown.
• The survey also shows 90% of CISOs believe their role is being reshaped by new regulations, and 80% say the workload needed to keep up with compliance is becoming impossible to manage.
• While some experts think splitting the job might reflect poor risk management, most CISOs say juggling both security and regulatory demands is no longer feasible.
• Link to Trellix’s Survey: https://www.trellix.com/solutions/mind-of-the-ciso-crossroads/

Despite Massive Security Spending, 44% of CISOs Fail to Detect Breaches

Article Link: https://www.helpnetsecurity.com/2024/10/18/cisos-security-tools/

• Despite $215 billion in security spending, 44% of CISOs could not detect breaches in 2024, based on a survey of 234 global CISOs in Gigamon’s report: CISO Insights: Closing the Cybersecurity Preparedness.
• 81% of CISOs say better visibility into data-in-motion-, especially encrypted traffic, is instrumental for cloud security since this is where the majority of malware hides.
• CISOs are overwhelmed by too many tools, and 60% are looking to streamline and consolidate their security tools, while 46% are turning to AI to help fill the gaps in visibility and manage growing threats.
• Boards are paying more attention to deep observability, with 81% of CISOs saying it’s a top priority for securing cloud environments, which is driving security budget decisions for 2025.
• Link to Gigamon’s Survey: https://www.gigamon.com/company/news-and-events/newsroom/survey-reveals-ciso-priorities-for-2025.html

US Disables Anonymous Sudan Infrastructure Linked to DDoS Attack Spree

Article Link: https://www.cybersecuritydive.com/news/us-disrupts-anonymous-sudan-ddos/730104/

• U.S. authorities charged two Sudanese nationals from Anonymous Sudan for running DDoS attacks, including a big 2023 hit on Microsoft, and took down the tool they used in over 35,000 attacks worldwide.
• The FBI shut down the group’s attack platform, which targeted major organizations like the U.S. State Department, Department of Defense (DoD), Microsoft, and Cedars-Sinai Medical Center.
• Since early 2023, the group’s tool was used in attacks around the world, even selling it to others, with one attack in 2024 forcing Cedars-Sinai to reroute patients.