In a study by Forrester in collaboration with exposure management company, Tenable found that companies in the Asia Pacific region could not prevent 41% of cyberattacks within the past two years.
The APAC edition of the report “Old Habits Die Hard: How People, Process and Technology Challenges Are Hurting Cybersecurity” was based on a survey consisting of 219 cybersecurity leaders in APAC.
Forty US-allied countries pledged to no longer pay cybercrime ransoms at the second annual meeting of the International Counter Ransomware Initiative.
The idea behind the pledge is that as long as ransom is paid to these cyber criminals, it will continue. This initiative would also seek to encourage organizations within the participating countries to focus on improving their cybersecurity infrastructure rather than just folding to these cyber criminals.
As we predicted earlier this year, harsh economic conditions across Western democracies are acting as a catalyst for cybercrime – particularly those cyber-attacks that target staff inside the organization. As cybersecurity becomes more effective, cybercriminals are finding ways to bypass digital security barriers by victimizing and sometimes terrorizing key personnel within the target organization.
SlashNext’s “State of Phishing Report for 2023” report stated the 1265% phishing increase in malicious phishing emails since Q4 2022, correlating to ChatGPT’s launch.
It was also reported that 31,000 phishing emails were sent on a daily basis in the past year, 68% of them being text-based Business Email Compromise (BEC).
US President Joe Biden has issued an executive order aimed at regulating artificial intelligence (AI), urging Congress to pass the necessary legislation as swiftly as possible. The announcement was made only 48 hours before tomorrow’s Global AI Summit in the UK, which US Vice President Kamala Harris will attend. The push to swiftly legislate indicates that the threat of AI is being taken seriously globally, with governments taking a coordinated approach. A mass of legislation and backroom deals with IT companies is surely set to follow.
According to a report by the Identity Theft Resource Center, 42% of small businesses lost revenue due to a cyber attack in 2023.
Despite the record rise of cyber attacks (73%) and revenue loss in small businesses, 85% of small business leaders claim to be prepared for cyber attacks.
Google’s Vulnerability Rewards Program (VRP), a program made to reward researchers who find system vulnerabilities, has been expanded for generative AI.
Google explained the expansion of the VRP as a reaction to the risks brought by AI, and the magnified implications it has for traditional digital security.
Europol released a statement directed to European law enforcement agencies to prepare for the impact quantum computing will have on the cybersecurity ecosystem.
This warning is based on Europol’s latest report, “The Second Quantum Revolution: The Impact of Quantum Computing and Quantum Technologies on Law Enforcement” which dives into the threats and opportunities of quantum computing to threat actors.
Roughly three-quarters of small-to-medium-sized businesses (SMBs) have experienced a cyber-attack, a breach, or both in the last year. According to non-profit organization the Identity Theft Resource Center (ITRC)’s third annual ITRC Business Impact Report, 73 percent of owners or leaders of SMB’s reported being attacked or breached in the past 12 months, following a slight dip in the previous year.
UK Finance has reported a significant increase in authorized push payment (APP) fraud in the first half of 2023.
APP fraud refers to threat actors practicing identity fraud to trick victims into sending money to bank accounts under their control.
Last week, the US seized 17 website domains alleged to have been used to defraud US and foreign businesses. These seizures come hard on the heels of previously sealed October 2022 and January 2023 court-authorized seizures of approximately $1.5 million of the revenue that the same group of IT workers collected from unwitting victims. According to the US Justice Department, The Democratic People’s Republic of North Korea has installed bogus contractors to steal from US companies in order to pay for weapons development.
US energy firm BHI Energy has shared details about an Akira ransomware gang attack that breached its network in May this year.
The gang used a third-party contractor’s account to reach BHI’s internal network through a VPN connection. In the weeks that followed the breach, 767K files, containing 690 GB of data were stolen. These included BHI’s Windows Active Directory database.
The Federal Bureau of Investigation (FBI) warns that cybercriminals and online blackmailers are targeting plastic surgeons to harvest electronically protected health information (ePHI) on their patients. Personal ePHI includes sensitive information and photographs, enabling the cybercriminals to extort money from the patients themselves as well as from plastic surgery practices, something that could prove lucrative to blackmailers targeting wealthy celebrities who are in the public eye.
The BlackCat ransomware group has employed the use of a new tool, called Munchkin, making the Ransomware-as-a-Service (Raas) operation more attractive to potential affiliates. This is because Munchkin allows for the use of remote systems to deploy encryptors on network devices.
After violating a device’s security, the threat actors are able to install something called a VirtualBox, which enhances their ability to propagate a malicious payload across victim networks.
Law enforcement officials are working around the clock to take down ransomware gangs by targeting their funding sources and online infrastructure. As part of these efforts, they have seized the RagnarLocker base, hoping this will disrupt one of the internet’s most malicious ransomware groups.
The collective law enforcement effort is made up of authorities from Europe, the US, and Japan.
Terrorist group Hamas, which was responsible for the recent atrocities committed in Israel, is reported to be using the smartphones of dead and captured Israeli hostages as entry points to monitor Israeli citizens in preparation for forthcoming cyber-strikes on Israel.
According to Lloyds, a single well-orchestrated cyber strike breaching a financial services payments system could lead to losses of $1.1 trillion in the US alone, with global losses amounting to $3.5 trillion over a five-year period. China would face losses of around $470 billion and Japan $200 billion.
A stealthy malware known as SpyNote has made headlines because of its ability to steal data, record calls and access the cameras of devices it has infected.
The malware disguises itself as a phone operating system update, fooling targeted victims into allowing it access privileges
In what the US Federal Bureau of Investigation (FBI) is billing as “their first-ever joint public appearance”, the heads of the intelligence services of five Western governments, known as the “Five Eyes” are now meeting in Palo Alto, California, the heart of Silicon Valley.
Reports show that phishing and malware attacks have spiked by 173% and 110% respectively in the third quarter of this year, compared with the second quarter of the year.
A staggering 493.2 million phishing attacks and 125.7 million malware attacks were logged during this period.
Discord continues to be used by threat actors to launch malware attacks. Researchers have warned the online platform continues to be used to distribute malware and exfiltrate data.
Three ways threat actors have been using Discord include stealing passwords, abusing webhooks, and stealing passwords.
Leading women politicians have become the latest targets of the now-notorious Void Rabisu threat actor following a cyber-campaign aimed at the Women Political Leaders (WPL) Summit in Brussels in June. A new report from Japan-based cybersecurity company Trend Micro shines a light on Void Rabisu’s extensive recent cyber-espionage activities.
The Q3-2023 Ransomware Report of cyber threat intelligence company Cyble has shown that ransomware attacks have doubled over the past year.
The reports also show the healthcare sector to be the most targeted in these attacks, and the US as being the most targeted area.
Israel-based cybersecurity firm Check Point Software said that the company has tracked over 40 groups conducting attacks that overwhelmed and disrupted more than 80 websites starting with the day of the Hamas onslaught. These included government and media sites and have the appearance of a concerted cyber follow-up to the genocidal terrorist attacks that took place on the ground.
According to cybersecurity company SecureWorks’ annual State of the Threat Report, over the last 12 months, attackers have shortened the time between the initial penetration of the corporate network to the ransomware demand itself from 4.5 days to less than one day. This period, known in the cybersecurity industry as ‘dwell time’, offers well-equipped cybercriminals a leisurely opportunity to drain the company of funds and its most sensitive secrets. In 10 percent of cases, ransomware was even deployed within five hours of initial access.
Google has warned users of Android devices to take specific precautionary measures to prevent malware infection. This warning comes after a reported increase in malware aimed at stealing information and money.
Precautionary measures advised by the service provider include turning on Google Play Protect, updating software, and removing untrusted apps.
State security in Pennsylvania, US has warned against a new hacker scam targeting senior citizens, called Phantom Hacker.
The scam artists attempt to convince senior citizens that their accounts holding financial details have been hacked. They then suggest transferring money into an ‘alias’ account under the guise of being federal agency officials.
The official cost of texting fraud in 2022 rose to $330 million, representing a fivefold increase since 2019, with an average cost of $1,000 to the victims concerned. But the US Federal Trade Commission (FTC), which issued the figures, acknowledges that this is only the tip of a gigantic cybercrime iceberg, as most phone scams go unreported.
A cyber-espionage campaign in the Pacific, directed principally at Taiwan, which took place in the Spring, has now come to light. According to cybersecurity company, Symantec, a large-scale program of cyber-enabled international espionage began in February 2023 and continued until at least May 2023.
The LockBit ransomware gang has threatened to release data stolen from CDW Corp, a major IT reseller and services provider in the US, UK, and Canada after discussions over the ransom fee for the data commenced.
The notorious ransomware gang demanded $80 million, with CDW offering just $1.1 million as their ransom counteroffer.
At least seven million customers of San Francisco-based DNA company, 23andMe, are now seeing their confidential and highly personal genetic data up for sale on the internet. The hackers are also offering the millions of victims’ personal email addresses for good measure and to best assist potential blackmailers and fraudsters.
Ancestry site 23andMe with nearly 1M users has acknowledged a hacker leak, with hackers listing stolen data relating to family genetics online for sale.
The hackers seemed to have targeted users of Ashkenazi Jewish heritage. The data includes the last name, sex, and 23andMe’s evaluation of where their ancestors came from. This is now being investigated, to find out who the threat actors are, along with the motive of the attack.
Crypto exchange server Upbit has announced it was targeted by hackers 159,000 times during the first quarter of this year.
This is more than double the number of hacker attacks it experienced in the same period last year. The figures were released by Dunamu, the company that operates Upbit.
Cybersecurity firm, CloudSEK is looking deeper into the leaked data from NATO, an attack claimed by the SiegedSec threat actors. SiegedSec threat actors, who announced this attack on a Telegram group, claim to not be a state-sponsored group. Instead, their attacks are based on ‘hacktivism’ or ‘just for fun’.
This attack on NATO has reportedly compromised 845MB of sensitive information from the organization, impacting 31 nations. NATO is now investigating the SiegedSec claims and is working together with firms to strengthen their cybersecurity efforts so this kind of attack will not be replicated.
Systems powered by artificial intelligence, quantum computing, and cutting-edge microchips, together with genetic engineering, are being viewed with suspicion by the European Commission. As a result, the European Union (EU) is now in close and intense consultation with the EU’s 27 member states to establish an argument for potential trade bans and investment screenings.
The hacker group behind the recent breaches of major casino companies, called Scattered Spider, is suspected to be behind a recent attack against Clorox Co in Malaysia.
This breach has led to a nationwide shortage of cleaning products and displays the same social-engineering tactics of Scattered Spider.
In response to the increasingly hostile cyber environment, Google will tighten bulk email sending regulations next year.
Reports say that the server plans to send new email sender guidelines in February, which will require senders of bulk email to authenticate their emails and adhere to stricter spam regulations.
A new malware threat, identified as BunnyLoader, is being sold in the cyber underground market.
This Malware-as-a-Service (MaaS) threat has various capabilities, including stealing browser credentials, and system information as well as executing a second-stage payload.
Crypto firms have been warned about the new Lazarus malware payload, called ‘LightlessCan’, which easily evades detection. The malware variant has since been used in fake job scams.
The ‘LightlessCan’ malware was discovered on 29 September, while researchers were investigating a fake employment scam attack leveled against a Spanish aerospace firm.
admin
