SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports. 

Here are this week’s stories:  

Russian APT tool matrix 

A security researcher has published a Russian APT tool matrix, which shows what tools are used by known Russian threat groups. The resource can help defenders detect, block and hunt for attacks. The list of tools includes Mimikatz, Impacket, PsExec, Metasploit and ReGeor. 

Telegram to share information with law enforcement

After its founder was arrested by French authorities over the use of the platform for illegal activities, Telegram said it will hand over users’ IP addresses and phone numbers to law enforcement. The move is meant to discourage criminals.

Zoom unveils enterprise offerings to boost security and compliance

Zoom has announced several new add-on products and functionalities for its enterprise offering to boost — among other things — security and compliance. For communications compliance, the company announced archiving, data loss prevention, information barrier and chat etiquette solutions. It also announced new tools to help meet data residency and privacy compliance requirements. In terms of security and access control, it announced encryption and virtual desktop infrastructure offerings for enhanced protection for data at rest and in transit.

New tool for Greedy Coordinate Gradient attacks on AI chatbots

Bishop Fox has published a blog post explaining ‘greedy coordinate gradient’ (GCG) attacks, which can be used to bypass restrictions placed on large language models (LLMs), basically tricking AI chatbots into misbehaving. The company has also introduced an automated tool named Broken Hill which generates crafted prompts that bypass LLM restrictions. 

China doxes Taiwan hacking group

The Chinese government has published a blog post on a Taiwanese hacking group named Anonymous 64, making public the alleged identities of the group’s members. China claims the group, which has been targeting China, Hong Kong and Macao with anti-China propaganda, is backed by the government of Taiwan. Taiwan has denied the accusations. 

US and allies counter commercial spyware

The US and its allies are preparing new actions aimed at countering the proliferation and misuse of commercial spyware. The announcement was made following a series of sanctions and other measures targeting companies offering these types of solutions. 

Nigerian gets prison sentence in the US for selling stolen information on the dark web

A Nigerian citizen who was extradited from the UK to the US has been sentenced to prison for selling stolen financial information belonging to tens of thousands of individuals on the dark web. Simon Kaura was sentenced to five years in prison without parole. Authorities said his crimes resulted in an intended loss exceeding $6 million.

China’s Salt Typhoon hackers target US ISPs

A hacker group named Salt Typhoon, which has been linked to the Chinese government, has breached into the systems of a handful of internet service providers (ISPs) in the US. The attackers were looking for sensitive information, The Wall Street Journal learned from people familiar with the matter. Investigators are trying to determine whether the hackers gained access to Cisco routers. Microsoft has also launched a probe to determine what information may have been accessed. 

Critical vulnerabilities in HPE Aruba Networking APs

HPE Aruba Networking has released AOS patches to address several critical vulnerabilities in its access points. The vulnerabilities can be exploited for unauthenticated remote code execution on the underlying operating system using specially crafted PAPI packets. 

US lawmakers introduce new healthcare bill
Following a wave of attacks on hospitals and other healthcare organizations, senators Ron Wyden (D-Ore) and Mark Warner (D-Va) have introduced a bill whose goal is to set strong cybersecurity standards for the healthcare system. The Health Infrastructure Security and Accountability Act would require the Department of Health and Human Services to develop and enforce a set of minimum cybersecurity standards. It would also remove the existing cap on fines under the Health Insurance Portability and Accountability Act, and provide funding for hospitals to improve their cybersecurity.

Related: In Other News: Possible Adobe Reader Zero-Day, Hijacking Mobi TLD, WhatsApp View Once Exploit

Related: In Other News: Disney Ditches Slack, Binance Malware Warning, Defense Conference Targeted