The Department of Justice announced that the Russian national behind the malware tool Trickbot, used to launch ransomware attacks on American hospitals, pleaded guilty to his role in the malware tool’s development.
Trickbot was used to facilitate ransomware attacks on a string of American hospitals and health systems, disrupting care delivery and risking patient safety.
A joint advisory by the Federal Bureau of Investigation (FBI), the Environmental Protection Agency, and the Cybersecurity Infrastructure and Security Agency (CISA) announced the Iranian-based threat actor group “Cyber Av3ngers” compromised over 200 internet-connected devices in the US.
Suspected to be anti-Israeli by motive, the “Cyber Av3ngers” group was behind the Pennsylvania Water Authority hacks, disrupting an industrial control device that was made in Israel.
To improve cybersecurity readiness, the U.S. Navy launched its first cybersecurity strategy.
The 14-page Navy cyber strategy outlined cybersecurity as a core competency in modern warfare and highlighted the importance of protecting the information environment.
General Electric (GE) recognized the data theft from threat actor IntelBroker pertaining to a project involving the Defence Advanced Research Projects Agency, sparking national security concerns.
The GE Spokesperson commented on the data theft, saying they are thoroughly investigating the claims, will work on further protecting the integrity of their security systems, and that business operations will not be affected.
According to Truecaller, US consumers were faced with two billion spam calls per month.
Truecaller’s Monthly US Spam and Scam Report also unveiled that around 195 million hours were wasted by answering these scam calls. The goal of these scam calls is to carry out credit card fraud, identity theft, and sensitive data collection.
The Municipal Water Authority of Aliquippa reported a cyberattack that shut down their water pressure technology, to the U.S. Department of Homeland Security this past weekend.
According to the U.S. Department of Homeland Security, the unassuming cyberattack may come with serious international implications, with the attack suspected to come from an anti-Israeli Iranian threat actor group labeled as “Cyber Av3ngers”. This nation-state cyberattack is not the first to disrupt critical water infrastructure.
The UK’s National Cyber Security Center (NCSC), in partnership with the US’s Cybersecurity and Infrastructure Security Agency (CISA) launched the ‘Guidelines for Secure AI System Development’.
The guidelines are set to secure AI system development, to help developers make informed cybersecurity decisions at every step of the AI development process. These AI guidelines were also co-signed in cooperation with 21 other international agencies and ministries from across the world.
The European Union’s Cybersecurity Agency (ENISA) is studying the possibility of broadening the proposed cybersecurity labeling rules that may affect big tech operating in Europe.
The proposed EU certification scheme (EUCS) vouches for further cybersecurity measures of cloud services, ensuring companies in the bloc select an EU-based certified cybersecurity vendor for their business.
Arkose Labs reported a 167% rise in malicious bot attacks for the first half of 2023.
The Arkose Labs report focused on bots also stated that 73% of all website and app traffic measured comprised of malicious bots in order to initiate attack types such as SMS toll fraud, web scraping, card testing, and credential stuffing.
In preparation for the 2024 elections, the European Parliament’s services, the European Commission, and the EU Agency for Cybersecurity conducted a cybersecurity exercise. The drill, held in the European Parliament, involved national and EU partners testing crisis plans and responses to potential cybersecurity incidents. Representatives from electoral and cybersecurity authorities participated, aiming to enhance their capacity to address cybersecurity issues and update protocols for securing election technology.
The exercise addressed risks such as information manipulation and cyber-attacks, crucial for safeguarding the integrity of the upcoming European Parliament election scheduled for June 6-9, 2024.
LivaNova reported a cyber attack to the SEC, resulting in disruption of the company’s operations.
The MedTech company is now in the process of executing its incident response plan and placed some of its systems offline to minimize the damages of the attack.
In a startling revelation, Vikas Singla, the former COO of cybersecurity firm Securolytics, confessed to hacking two Georgia hospitals in June 2021 to enhance the company’s profile. Singla disrupted services at Gwinnett Medical Center hospitals, stealing patient data and publicizing the breach on Twitter.
Facing 17 counts of computer damage and one count of information theft, Vikas Singla agreed to pay over $817,000 in restitution. Due to health issues, prosecutors recommended 57 months of probation, raising concerns about cyber threats jeopardizing public safety and healthcare data.
Samsung notified its customers in the UK that a recent data breach potentially exposed customer data, stemming from a third-party business application vulnerability.
Samsung UK further stated that the data affected only covers customers that purchased Samsung items in the UK online store, and ensured customers that the breach does not include passwords or financial data.
Ransomware gang, ALPHV/BlackCat has reported MeridianLink to the SEC, for not disclosing cyber attack.
ALPHV/BlackCat informed the SEC that MeridianLink did not disclose details of the attack, which could potentially affect the data of the publicly traded company’s thousands of financial organizations, banks, credit unions, and mortgage lenders. The lack of cyber compliance from MeridianLink breaks the SEC’s rule of disclosing cyber attacks within 4 days of the attack occurring to the agency.
ThreatX revealed in their latest research that 97% of consumers expect more cyberattacks this coming year.
The ThreatX research also indicates that 69% of consumers predict these cyberattacks to become more complex, while only 13% believe they will be protected from cyberattacks.
The European Union Agency for Cybersecurity (ENISA) signed a Working Agreement with Ukraine’s Administration of the State Service of Special Communications and Information Protection of Ukraine (SSSCIP) to boost cybersecurity efforts.
The Working Agreement signed by ENISA and SSSCIP will focus on the EU supporting Ukraine in its efforts to protect itself from geopolitically-fueled cyber attacks from Russian threat actors through improving critical infrastructure, cybersecurity skills, and capacity building.
Despite recent talk of a tech slowdown that reaches cyber, Allied Market Research reported that the market is poised to grow to $478.68B by 2030, with a 9.5% annual growth rate.
The data predicting the cybersecurity market’s growth was taken from Allied Market Research’s “Cyber Security Market by Component, Solution, Deployment Model, Enterprise Size, and Industry Vertical: Global Opportunity Analysis and Industry Forecast, 2021–2030”.
The Cybersecurity and Infrastructure Security Agency (CISA) announced a signed Memorandum of Understanding (MoU) with the Republic of Korea’s National Intelligence Service (NIS) to establish collaboration efforts under the bilateral Cyber Framework between the US and the Republic of Korea signed in April.
The framework between the Republic of Korea and the US includes sharing technical and operational cyber threat information and best practices in cyber crisis management.
The US Department of Homeland Security (DHS), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Emergency Management Agency (FEMA) launched the “Shields Ready” cybersecurity campaign to promote critical national infrastructure (CNI).
The “Shields Ready” campaign will tackle CNI by establishing focused strategic strategies to protect organizations from potential disruption, and by building cyber-resilient systems.
Palo Alto Networks announced its purchase of Talon Cyber Security for $625 million to ramp up its merger and acquisition efforts.
Palo Alto Networks credited the acquisition of Talon to its ability to navigate the challenges of today’s connected digital environments.
Ransomware Attacks Double Over Past Two Years Akamai Technologies found that organizations faced an average of 86 ransomware attacks in the past 12 months, based on their latest report “The State of Segmentation 2023”. In comparison, organizations only faced 43 annual attacks two years ago. The 1,200 IT and security professionals who participated in the […]
OpenAI has announced a new team, intended to counter the risks brought by generative AI systems.
Labeled the “preparedness” unit, the new OpenAI branch will be tasked to set preventive measures for systemic AI risks which include individual persuasion, cybersecurity, autonomous replication and adaptation, and chemical, biological, radiological, and nuclear (CBRN) threats.
In a study by Forrester in collaboration with exposure management company, Tenable found that companies in the Asia Pacific region could not prevent 41% of cyberattacks within the past two years.
The APAC edition of the report “Old Habits Die Hard: How People, Process and Technology Challenges Are Hurting Cybersecurity” was based on a survey consisting of 219 cybersecurity leaders in APAC.
Imposed by the Norwegian Data Protection Authority (DPA), the European Data Protection Board announced its latest extension on the temporary ban of Meta’s Facebook and Instagram’s targeted advertising for data privacy purposes.
The Norwegian DPA explained that Meta apps use content preferences based on user posts and location information to create personalized advertising targeting, which poses a threat to data privacy.
Forty US-allied countries pledged to no longer pay cybercrime ransoms at the second annual meeting of the International Counter Ransomware Initiative.
The idea behind the pledge is that as long as ransom is paid to these cyber criminals, it will continue. This initiative would also seek to encourage organizations within the participating countries to focus on improving their cybersecurity infrastructure rather than just folding to these cyber criminals.
SlashNext’s “State of Phishing Report for 2023” report stated the 1265% phishing increase in malicious phishing emails since Q4 2022, correlating to ChatGPT’s launch.
It was also reported that 31,000 phishing emails were sent on a daily basis in the past year, 68% of them being text-based Business Email Compromise (BEC).
According to a report by the Identity Theft Resource Center, 42% of small businesses lost revenue due to a cyber attack in 2023.
Despite the record rise of cyber attacks (73%) and revenue loss in small businesses, 85% of small business leaders claim to be prepared for cyber attacks.
Google’s Vulnerability Rewards Program (VRP), a program made to reward researchers who find system vulnerabilities, has been expanded for generative AI.
Google explained the expansion of the VRP as a reaction to the risks brought by AI, and the magnified implications it has for traditional digital security.
Europol released a statement directed to European law enforcement agencies to prepare for the impact quantum computing will have on the cybersecurity ecosystem.
This warning is based on Europol’s latest report, “The Second Quantum Revolution: The Impact of Quantum Computing and Quantum Technologies on Law Enforcement” which dives into the threats and opportunities of quantum computing to threat actors.
UK Finance has reported a significant increase in authorized push payment (APP) fraud in the first half of 2023.
APP fraud refers to threat actors practicing identity fraud to trick victims into sending money to bank accounts under their control.
US energy firm BHI Energy has shared details about an Akira ransomware gang attack that breached its network in May this year.
The gang used a third-party contractor’s account to reach BHI’s internal network through a VPN connection. In the weeks that followed the breach, 767K files, containing 690 GB of data were stolen. These included BHI’s Windows Active Directory database.
The BlackCat ransomware group has employed the use of a new tool, called Munchkin, making the Ransomware-as-a-Service (Raas) operation more attractive to potential affiliates. This is because Munchkin allows for the use of remote systems to deploy encryptors on network devices.
After violating a device’s security, the threat actors are able to install something called a VirtualBox, which enhances their ability to propagate a malicious payload across victim networks.
A stealthy malware known as SpyNote has made headlines because of its ability to steal data, record calls and access the cameras of devices it has infected.
The malware disguises itself as a phone operating system update, fooling targeted victims into allowing it access privileges
Reports show that phishing and malware attacks have spiked by 173% and 110% respectively in the third quarter of this year, compared with the second quarter of the year.
A staggering 493.2 million phishing attacks and 125.7 million malware attacks were logged during this period.
Discord continues to be used by threat actors to launch malware attacks. Researchers have warned the online platform continues to be used to distribute malware and exfiltrate data.
Three ways threat actors have been using Discord include stealing passwords, abusing webhooks, and stealing passwords.
Ancestry site 23andMe with nearly 1M users has acknowledged a hacker leak, with hackers listing stolen data relating to family genetics online for sale.
The hackers seemed to have targeted users of Ashkenazi Jewish heritage. The data includes the last name, sex, and 23andMe’s evaluation of where their ancestors came from. This is now being investigated, to find out who the threat actors are, along with the motive of the attack.
Crypto exchange server Upbit has announced it was targeted by hackers 159,000 times during the first quarter of this year.
This is more than double the number of hacker attacks it experienced in the same period last year. The figures were released by Dunamu, the company that operates Upbit.
The hacker group behind the recent breaches of major casino companies, called Scattered Spider, is suspected to be behind a recent attack against Clorox Co in Malaysia.
This breach has led to a nationwide shortage of cleaning products and displays the same social-engineering tactics of Scattered Spider.
In response to the increasingly hostile cyber environment, Google will tighten bulk email sending regulations next year.
Reports say that the server plans to send new email sender guidelines in February, which will require senders of bulk email to authenticate their emails and adhere to stricter spam regulations.
admin