On Monday, May 20th, the Environmental Protection Agency (EPA) issued a warning, urging water utility systems in the US to take action to prevent vulnerabilities. The EPA says 70% of water systems inspected don't fully comply with the Safe Drinking Water Act requirements, stating that some have "critical cyber vulnerabilities" such as default passwords that may be easily compromised.
The SonicWall Capture Labs team reported on threat actors developing malicious, fake Android apps to impersonate Google, Instagram, Snapchat, WhatsApp, and X. Once a victim downloads one of these illegitimate apps and grants the permissions it requests, the app aims to steal sensitive data from the Android device, such as contacts, text messages, call logs, and passwords.
Concluding its investigation into hacking claims, Zscaler found that only an isolated test environment was compromised. The investigation came after a hacker named 'IntelBroker' confirmed that he breached Zscaler, offering to sell their data for $20K. The incident investigation is now also being conducted with Europol.
Boeing made a significant disclosure: the LockBit ransomware group targeted the company and demanded a staggering $200M extortion payment. Boeing did not pay LockBit a ransom, despite 43 GB of company data being leaked on the ransomware group's website in November 2023. Boeing is now in contact with the FBI to mitigate the breach.
Splunk found that 91% of organizations reported using Generative AI for specific cybersecurity use cases. The report “State of Security 2024: The Race to Harness AI” also disclosed that 93% of security leaders said public Gen AI was in use across their respective organizations, among other insightful statistics on Gen AI's impact on cybersecurity.
LogRhythm announced that 95% of companies reported that they’ve altered their cybersecurity strategies within the last twelve months. The “2024 State of the Security Team: Navigating Constant Change” report also disclosed that 98% of respondents state that keeping pace with the shifting regulatory landscape is the leading factor in driving changes in security strategy.
As a testament to the UK's £2.6 billion National Cyber Strategy, the UK Government has proactively launched regulations to safeguard UK consumers and businesses from cyber-attacks. The updated regulations now mandate that manufacturers of consumer electronics adhere to minimum security standards. Additionally, consumers are prohibited from using easily guessable default passwords, a measure aimed at bolstering their personal cyber security.
Kaspersky reported on their discovery of the cyber campaign labeled "DuneQuixote," which targets Middle Eastern government agencies through a sophisticated backdoor to spread malware. The backdoor, "CR4T," is a C/C++-based memory-only implant that enables threat actors to access consoles for command-line execution. This can lead to uploading and downloading illicit files onto affected systems.
Cisco Talos revealed its findings, showing that select Ukrainian government agencies have been infected with the 'OfflRouter' malware since 2015. Cisco Talos researcher Vanja Svajcer said, "The virus is still active in Ukraine and is causing potentially confidential documents to be uploaded to publicly accessible document repositories."
According to a survey from Coro, 73% of SME cybersecurity professionals admit that they've missed, ignored, or failed to act accordingly on a high-priority security alert. The survey also found that respondents spend an average of 4 hours and 43 minutes managing their cyber security tools daily, with an average of 11.55 tools in their security stack.
The U.S. Department of Justice (DoJ) announced the arrest of two individuals in Australia for their ties to the "Hive RAT" remote access trojan (RAT). The two arrested individuals are suspected of being behind the distribution of the RAT, as found on the ‘Hack Forums’ cybercrime forum.
The National Security Agency (NSA) released a Cybersecurity Information Sheet (CSI) focused on the secure deployment of AI systems. The CSI, entitled "Deploying AI Systems Securely: Best Practices for Deploying Secure and Resilient AI Systems," covers guidelines intended to prevent malicious activity that exploits the software of still-developing AI technology.
After a breach earlier this year that affected only 15k Roku accounts, a second breach has heavier implications, affecting over half a million of the company's subscribers. Roku claims that the hackers did not gain access to any financially sensitive customer information and assures that refunds will be made for unauthorized account purchases. As a further security measure, Roku also enables two-factor authentication for all accounts.
The US Department of Health and Human Services (HHS) reported that they fell victim to a social engineering scam conducted over the phone, in which threat actors imitated HHS' financial department and convinced them to hand over ID verification details. Aside from imitating HHS' financial department, the threat actors pulled the attack off by using local area codes and AI voice-changing technology to disguise themselves. The surrendered information could lead to threat actors bypassing multifactor authentication (MFA) security.
Cyberint released a report disclosing a 22% drop in ransomware cases from Q4 2023 to Q1 2024, from 1,309 down to 1,048 cases. The 'Q1 Ransomware Report' credits the decrease in ransomware attacks to a major uptick in law enforcement crackdowns on cyber criminal gangs, with notable major actions against LockBit and ALPHV.