Iran-Linked Crambus Strikes
Friday Report - October 20, 2023
Welcome, reader, to your CybersecurityHQ report.
Headlines
More than four million customers of 23andMe, one of the most popular genetic testing services, have had their data leaked — the result of an attack by the hacker Golem. The entries in the data include name, sex, age, location, ancestry markers, yDNA and mtDNA haplogroups, among others. Golem claims to still have millions more.
23andMe claims that they’ve sold more than 12 million DNA test kits in total, meaning this leak represents an enormous portion of their customers. As a result of the news, their stock has plummeted, losing 10% of its share price in a single day and falling more than 60% since the start of the year.
21-year-old computer science student Luke Farritor used artificial intelligence to crack an ancient code, winning him $40,000 in prize money. Using CT scan technology and a machine-learning algorithm, Farritor deciphered the first word, "porphyras" (meaning "purple" in ancient Greek), from a carbonized Roman scroll preserved since the Vesuvius eruption in 79 AD.
It was part of the Vesuvius Challenge, a 2023 contest from the University of Kentucky rewarding AI-driven decryptions of these ancient texts. Shortly after, biorobotics researcher Youssef Nader identified the same word, securing the second-place prize of $10,000. The grand prize of $700,000 awaits anyone who can read four 140-character passages.
The Symantec Threat Hunter team released a report on Thursday detailing a new Iran-linked campaign that targeted an unnamed Middle Eastern government from February to September 2023. This eight-month-long attack resulted in the theft of files and passwords, and it deployed a PowerShell backdoor called PowerExchange.
The group behind the attack is tracked under the name Crambus. The backdoor monitored emails and allowed the threat actors to execute arbitrary PowerShell commands, write files, and even steal files. Symantec elaborated that, "Crambus is a long-running and experienced espionage group that has extensive expertise in carrying out long campaigns aimed at targets of interest to Iran… its activities over the past two years demonstrate that it represents a continuing threat for organizations in the Middle East and further afield."
Interesting Read
In a recent article for ZDNet, Eileen Yu covers the recent international discussion on multilateral relations in cybersecurity arising out of the Singapore International Cyber Week conference. Global digitalization drives economic growth, powering 15% of the global GDP, according to the World Bank. Naturally, concerns about cyber threats rise along with it.
At the conference, Singapore’s deputy prime minister, Heng Swee Keat, emphasized the need for international cooperation. Yet he also noted that geopolitical events, like US-China competition and conflicts in Ukraine and Gaza, have hindered technology collaboration. Meanwhile, visiting thought leaders and decision-makers from Poland, Saudi Arabia, and the US expanded on this vision with their own insights.
Cybersecurity Career Opportunities
Fastly
Full-time
San Francisco Bay Area, US
Security Engineer, Healthcare Security
Amazon
Full-time
Manhattan Beach, CA, US
Engineer - Cybersecurity Engineering - Platform Security
Costco Wholesale
Full-time
Dallas, TX, US
For the latest openings in cybersecurity careers, check CybersecurityHQ.
Stay Safe, Stay Secure.
The CybersecurityHQ Team