July 15th -- In Singapore, the Monetary Authority has mandated that all major retail banks phase out one-time passwords (OTPs) within three months. Doing so is expected to enhance consumer protections in regards to phishing and smishing scams. In the 2000s, OTPs were introduced to make security processes easier for users, but have since become vulnerable to a...

July 12 – Check Point Software Technologies has provided new information about CVE-2024-38112, a Windows zero-day flaw that was fixed in this week’s Patch Tuesday release. The flaw may have been exploited for more than a year ahead of seeing a patch. Vulnerability details CVE-2024-38112 is a spoofing vulnerability in the MSHTML platform. The vulnerability received a score of...

July 10th --  As part of a continuous cyber extortion campaign, cyber criminals have leaked nearly 39,000 print-at-home tickets for 150 upcoming concerts and events, including Pearl Jam, the Red Hot Chili Peppers, Bruce Springsteen, Carrie Underwood, Aerosmith, Phish, Tate McCrae and the Foo Fighters. What happened In April, cyber criminals downloaded Snowflake databases that belonged to more than...

July 8th – Cyber security researchers have observed the existence of 9.94 million plaintext passwords on a popular dark web site. The cyber criminal responsible for the breach goes by the moniker ‘ObamaCare,’ and has a reputation for sharing sensitive information that's been stolen through cyber breaches. More information Wrote the ObamaCare hacker, “Xmas came early this year. I present...

July 3rd – Croatia’s largest and most advanced hospital, the University Hospital Centre Zagreb (KBC Zagreb), serves roughly 10,000 citizens daily across two main campuses and three additional locations throughout Zagreb. The hospital also maintains 30 clinics, seven specialized institutes, and over 2,000 beds. Last week, a cyber attack crippled the hospital system, paralyzing networks. Servers were shut...

July 1st – In June, one of the world’s largest forklift manufacturers, the Crown Equipment Corporation, was hit with a cyber attack that has resulted in multi-week operational disruptions. As the incident unfolded, employees were left in the dark. The company has 19,000 employees across 24 manufacturing plants in 14 locations, worldwide. Employees were told not to come...

June 28th – TeamViewer, a prominent remote software provider, has disclosed a cyber attack linked to the Russian state-affiliated threat actor known as Midnight Blizzard/APT29. The incident was identified on June 26th, when suspicious activity was detected within TeamViewer’s corporate IT environment. Attack details The company swiftly contained the attack. The threat actors have not accessed the company’s product environment...

June 26th – In South Africa, the National Health Laboratory Service (NHLS), which operates 265 laboratories across all nine South African provinces, has confirmed that it’s contending with a ransomware attack. The attack is stymieing efforts to distribute lab results amidst the country's latest mpox outbreak. What happened The ransomware attack began on Saturday morning. Cyber criminals dismantled...

June 24th – In May, the Australian corporation known as Ticketek — which sells more than 23 million tickets to over 20,000 events each year — suffered through a data breach. The data had been stored by a cloud-based supplier — possibly Snowflake. At the time of the breach, no customer accounts were compromised, according to Ticketek. However, shortly...

June 20th – CDK Global, an American car dealership software provisioner that serves 15,000 dealerships across the Untied States, has experience back-to-back cyber attacks that required taking systems offline. The dealerships that the company serves were also negatively affected. Business impact In Manhattan, the CDK Global cyber disruption forced a BMW store to announce that all new business – such...

June 17th – One of the top 10 largest commercial banks in the United States, Truist Bank, has confirmed that its systems were breached in a cyber attack. The incident is concerning in that an unauthorized party gained access to sensitive data and has since attempted to sell it on the dark web. It's all in the details... The...

June 14 – A prominent player in Australia's rare earths mining sector, IIuka Resources Limited (ASX: ILU), recently thwarted a cyber attack. While hackers were unable to bypass the firm's cyber security mechanisms, the attackers planned to deface the company's website. Attackers may have also intended to access internal systems. However, systems remain fully in-tact and no loss...

June 12 – Dubbed WarmCookie, this threat provides cyber attackers with initial access into targeted systems. Once in systems, attackers frequently launch ransomware attacks. How the campaign works Cyber attackers begin by sending victims phishing emails. These emails contain information about new job opportunities and attempt to convince interested parties to click on links to see role descriptions. As you’ve...

June 10th — Earlier today, Microsoft and Google announced the launch of low cost and no cost cyber security services for vulnerable, rural American hospitals. Eligible rural hospitals will receive free security updates, cyber security assessments and cyber security awareness training for hospital staff, as provided by Microsoft. Google is has committed to starting a pilot program that matches...

June 7th — Since Australian authorities sounded the alarm last week, cloud storage and data analysis company Snowflake has been at the center of a data theft debacle. Evidently, cyber criminals successfully compromised several businesses that depend on Snowflake environments. Via the cyber breaches, criminals allegedly obtained records belonging to major organizations; from big banks, to pharmaceutical conglomerates,...

June 5th – On Monday, hospitals in London declared a major IT incident, which proved to be a ransomware attack. In the immediate aftermath, memos were sent to the staff at King’s College hospital, Guy’s and St Thomas’ (including the Royal Brompton and Evelina London children’s hospital) and primary care service providers across London. The issue stemmed from a...

June 3rd – Poland has announced that it will spend over 3 billion zlotys ($760 million) on cyber security, following an unprecedented nation-state cyber attack. Krzysztof Gawkowski, Deputy Prime Minister of Poland, says that “Today, Poland is on the frontline of the cyber fight…” European parliament elections are to be held in Poland on Sunday and authorities are concerned...

May 30th – International law enforcement has removed a major botnet network from the internet. It was linked to large-scale cyber attacks, along with bomb threats, export violations and child exploitation. Investigators believe that the botnet network has infected over 19 million IP addresses, including 613,841 IP addresses that are based in the U.S. The primary operator is believed...

May 28th – Earlier this month, OpenAI launched ChatGPT-4o, a more advanced version of the 4.0 model. This latest model can process audio, visuals and text in real-time. It’s available to all users for free, although the service does have some limitations. In relation to cyber security, experts advise cyber security professionals to temper expectations surrounding any profound...

May 17th -- In the past year, 61% of organizations have reported experiencing cloud security breaches, an increase of nearly 40% over the prior year's numbers, according to Check Point's 2024 Cloud Security Report. The report, based on responses from over 800 cloud and cyber security professionals, indicates that most organizations prioritize threat detection and monitoring over prevention,...

May 15th -- Cyber attacks are affecting schools and causing widespread disruption. In recent months, they've led to cancelled lessons, limited learning, long lunchtime queues, and operational upsets, including the inability to complete homework online. According to recent data from the U.K's Information Commissioner's Office (ICO), there were 347 cyber incidents reported in the U.K's education sector in...

May 13th – Since mid-2023, the Estate cyber crime group, operating out of the Netherlands, has orchestrated waves of ferocious cyber attacks that are executed via a combination of social engineering and one-time passcode (OTP) exploitation. When a person (victim) inputs the OTP, attackers engage in crippling theft that can leave an individual permanently deprived of the funds...

May 9th -- A recent study by a threat research team has revealed a new cyber attack type called "LLMjacking." This attack type targets cloud-hosted large language models (LLM) services through the use of stolen cloud credentials. In contrast with previous discussions of LLM-based AI system threats, which have largely focused on prompt abuse and data manipulation, this...

May 6th -- The U.S. State Department has announced the development of a new global cyber security strategy. The objective is to foster international cooperation around the prevention of nation-state hacking, the safe development of artificial intelligence and other urgent cyber space-related concerns. Secretary of State Antony Blinken is due to present the plan at the RSA Conference...

May 1st -- In the U.S., the Department of Homeland Security (DHS) has released new resources that are intended to help address emerging threats posed by artificial intelligence. The resources include guidelines that focus on reducing AI risks to critical infrastructure. The guidelines aim to limit AI misuse during the development and production of chemical, biological, radiological and...

April 29 -- In the U.S. state of Georgia, Coffee County experienced a cyber incident that prompted officials to temporarily sever computer access to statewide election systems. Earlier this month, the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) informed the County of unusual cyber activity on its IT infrastructure. What happened Close inspection revealed...

April 26 – An increasing number of businesses are turning to zero trust in order to enhance cyber security. This approach reflects a shift away from traditional perimeter-based security models and towards a more comprehensive and proactive security framework. With zero trust, organizations aim to verify and authenticate every user and device that attempts to access their network,...

April 24th -- According to authorities in Seoul, North Korean hackers have conducted sweeping cyber attacks against South Korean defense firms. The attacks have prompted warnings for the industry, which urge organizations to take additional cyber security measures. What happened Reports say that cyber adversaries infiltrated 83 different companies. Sensitive data from at least six different computers was siphoned...

April 22 -- The U.S. National Security Agency, in collaboration with six government agencies from the U.S. and other Five Eyes countries, has released new guidance on the secure deployment of AI systems. Published on April 15th, the corresponding publication from the NSA's Artificial Intelligence Security Center (AISC), is a landmark document. The guidance is structured around three...

April 19th -- A recent joint advisory from the FBI, CISA, Europol's European Cybercrime Center (EC3) and the Netherlands' National Cyber Security Centre (NCSC-NL) highlights the extensive impact of the Akira ransomware operation on organizations worldwide. Since its emergence in March of 2023, Akira has breached the networks of over 250 organizations, amassing approximately $42 million in ransom...

April 17th -- Olympic organizers are bracing for a surge in cyber attacks during this year's Summer Games, due to take place in Paris. Officials expect millions of hacking attempts, some of which are liable to target critical systems. Cyber attacks could cause minor inconveniences (e.g., ticketing delays) or major reputational damage (e.g., empty stadiums). Nation-state backed attempts...

April 15th -- Telegram recently took swift action to account for a critical zero-day vulnerability that was discovered within its Windows desktop application. This vulnerability posed a significant threat, as it allowed for the automatic launch of Python scripts. It's all in the details... Initially, rumors circulated regarding a potential remote code execution (RCE) flaw within Telegram for Windows....

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that Russian government-backed hackers exploited vulnerabilities in Microsoft’s email system to steal sensitive correspondence between officials and the tech company. This alarming breach was highlighted in an emergency directive issued by CISA on April 2. According to the directive, the hackers utilized stolen authentication details shared via email...

Apple has issued a warning to iPhone users across the world about an alarming cyber attack. This highly advanced attack, known as “mercenary spyware,” has affected users in at least 92 countries, including India. Unlike typical cyber criminal activity, these attacks don’t focus on average users seeking personal information. Instead, they specifically target high-profile individuals such as...

In a concerning development, cyber criminals have shifted their focus to the Latin American region, deploying a highly targeted phishing scheme. According to researcher Karla Agregado, this campaign employs a clever tactic: phishing emails containing ZIP file attachments. When recipients unzip these files, they discover an HTML file that appears innocuous but actually leads to a malicious...

Last month, German software developer Andres Freund, who works for Microsoft, was conducting detailed performance tests when he noticed suspicious behavior in a little-known open-source program called XZ Utils. Freund's investigation revealed a disturbing discovery: the latest version of XZ Utils had been deliberately sabotaged by one of its developers, a move that could have created a secret...

April 3rd – Since Friday, the Omni Hotels and Resorts chain, which owns more than 50 different properties across the United States, Canada and Mexico, has been experiencing a widespread system outage. While the company’s website was initially rendered inaccessible by the outage, it has since been restored with a prominent alert warning visitors of “technical difficulties” due...

April 1st – The Indian government has rescued 250 citizens who were entrapped and forced to engage in illegal cyber activities in Cambodia. Reports show that the individuals were offered seemingly legitimate job placements, but upon arriving in the country, were corralled, entrapped and used for forced labor. What’s happening Official documentation indicates that more than 5,000 Indians have...

March 29th – X, the social networking service owned by Elon Musk, has introduced a new conversational AI-based chatbot, known as Grok. In contrast with mild-mannered and neutral-tone chatbots like ChatGPT or Microsoft AI Copilot, Grok exhibits a more unconventional demeanor. Its responses are often delivered in a candid and informal style, occasionally employing extremely colloquial language. For...

March 27th – The Portuguese data protection authority has ordered Worldcoin, a controversial project aiming to create a global digital identity system, to temporarily halt collection of biometric data from Portuguese citizens. The National Data Protection Commission (CNPD) announced the suspension on March 26th, citing concerns over Worldcoin’s unauthorized data gathering, including data collection from minors. About Worldcoin Worldcoin, founded...

March 25th – A new security vulnerability called “GoFetch” has been discovered. It affects Apple’s M1, M2 and M3 processors. The vulnerability can be exploited to steal secret cryptographic keys stored in the CPU’s cache memory. The attack leverages a feature called data memory-dependent prefetchers (DMPs), which are present in modern Apple CPUs. DMPs are designed to improve...

March 22nd - The U.S Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and Multi-State Information Sharing and Analysis Center (MS-ISAC) have jointly released an advisory to provide government groups with guidance around defending against Distributed Denial of Service (DDoS) attacks. These attacks aim to disrupt ordinary web traffic by overwhelming target systems with massive...

March 20th – In the U.S., the White House has issued an urgent warning to state leaders, highlighting the occurrence of “disabling” cyber attacks targeting water systems nationwide. In a joint letter, the White House and the Environmental Protection Agency (EPA) have invited state officials to a meeting scheduled for Thursday. The purpose of the gathering is to...

March 18th --  One of the most prevalent ransomware groups of 2023, known as StopCrypt, has revealed its new ransomware variant, which leverages sophisticated evasion tactics. This StopCrypt development was brought to light last week. According to a new report, the ransomware family has become more common than LockBit. In contrast with other ransomware groups, StopCrypt typically targets...

March 15th – For cyber security professionals who are defending the state of Alabama’s networks, the last couple of weeks have translated to a trial-by-fire. The state has found itself in the crosshairs of a number of cyber attacks that have crippled systems and disrupted critical infrastructure operations for government agencies. The trouble began on March 6th, when...

March 13th – In recent weeks, multiple French government departments have been targeted by sophisticated cyber attacks. These breaches have compromised sensitive data and systems, exposing vulnerabilities within the digital infrastructure of the French government. According to reports from French cyber security agencies, the attacks affected several ministries. Hackers were able to gain unauthorized access to internal networks...

March 11th – Quantum computers may bring transformative capabilities to organizations, especially those dealing with specific, complex computational challenges. But they also introduce a certain level of risk. Hewlett Packard has launched what it’s calling the world’s first business-grade PCs, which are designed to protect firmware from quantum-based cyber attacks. Preventing quantum hacks Devices will be upgraded with HP’s Endpoint...

March 8th – CISA intends to bring agencies, industry, regulators and the open source community closer together for the purpose of better securing the open source ecosystem. The agency announced its commitment to this effort during a two-day summit on open source software (OSS) security, where director Jen Easterly emphasized the role of open source code in critical...

March 6th – In Europe, cloud storage costs have taken an outsized bite from budgets, with usage fees eating up a significant portion of allocated resources. More than 50% of EMEA-based firms spent more than intended on cloud storage in 2023. Nonetheless, according to new research, many EMEA organizations are looking to expand cloud storage portfolios. Due to...

March 4th – As North Korea looks to upgrade its semiconductor programs for weapon development purposes, several North Korean hacking groups appear to have infiltrated at least two different South Korean chip manufacturing entities. The news follows an announcement by South Korean President Yoon Suk Yeol, which warned that North Korea may attempt to stage provocations – in...

February 29th – Last year, ahead of the Christmas holiday, the U.S. Federal Bureau of Investigation (F.B.I) ran an international operation intended to squelch the notorious hacking group known as BlackCat or ALPHV. The hacking group is known for operating on a Ransomware-as-a-Service (RaaS) model, and it has also been ranked as the second-most active organized ransomware group...

February 27th – A recent advisory from the U.K. National Cyber Security Centre (NCSC) and international partners highlights the recently developed tactics, techniques and procedures (TTPs) used by APT 29 (also known as Midnight Blizzard, the Dukes or Cozy Bear). The U.S. National Security Agency (NSA), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the U.S. Cyber National...

February 26th -- Western officials have warned that the cyber spies responsible for the 2019 SolarWinds breach are altering their methods and preparing to infiltrate organizations that have transitioned their networks to the cloud. In the past, cloud hosting has presented a challenge for hackers, as it has significantly diminished the attack surface, limiting hackers' capacity to exploit...

February 22nd – The ‘VoltSchemer’ attacks involve injecting voice commands into a smartphone’s voice assistant using the magnetic field emitted by a standard wireless charger. VoltSchemer can cause physical damage to a phone and can generate intense heat, potentially resulting in temperatures in excess of 500F (260C), which may also affect nearby items. How it works VoltSchemer is an attack...

February 20th – In a U.S. federal court, a man has plead guilty to taking a leadership role in two different cyber attacks that resulted in tens of millions of dollars in losses and that temporarily prevented a Vermont hospital from functioning correctly. Although the attacks occurred more than three years ago, the impact has been felt for...

February 16th – The artificial intelligence company OpenAI has given the world a preview of a new AI tool that, if given a simple text prompt, can generate beautiful, high-quality 60-second videos. The new tool has been dubbed Sora. “We’re teaching AI to understand the physical world in motion, with the goal of training models that help people...

February 14th – Last month, deepfake robocalls that impersonated U.S. President Joe Biden raised alarm among government officials. In the state of New Hampshire, an AI version of Biden encouraged voters not to go to the polls in order to vote this year. Statement auth The emergence of these robocalls, combined with a general rise in deepfakes and AI-based content,...

February 12th – Hive ransomware operators have extorted more than $100 million from thousands of victim organizations. Affected sectors include healthcare, education, finance, and critical infrastructure. The group first emerged in 2021. In November of 2023, cyber security researchers discovered that a new ransomware group, known as Hunters International, had obtained the source code and infrastructure from Hive...

February 9th – The malware family identified as Raspberry Robin is back, with new and innovative methods that facilitate higher levels of unauthorized privilege access than previously. According to Check Point Researchers, Raspberry Robin has introduced two new 1-day Local Privilege Escalation (LPE) exploits, indicating either access to a dedicated exploit developer or a high level of potential...

February 7th — Mozilla has recently launched a new paid service that automatically monitors data and removes people's private info from the web. The service is known as Mozilla Monitor Plus, and is an extension of the Mozilla Monitor (formerly Firefox Monitor) service, which provides information around email address compromises. Mozilla Monitor Plus The new data service aims...

January 31 -- Two U.S. Senators have introduced a bipartisan bill that's intended to strengthen cyber security in the food and agriculture sector. The new bill is known as the Farm and Food Cybersecurity Act. The legislation, proposed by Senators Kirsten Gillibrand (D-NY) and Tom Common (R-AR), targets the identification of cyber security vulnerabilities in agriculture, enhancing cyber...

January 29th -- Software developers are advised to promptly update their Jenkins servers in response to the discovery of a critical vulnerability, CVE-2024-23897. This vulnerability could potentially allow unauthorized attackers, even those without specific permissions, to read arbitrary files on the Jenkins controller file system. Jenkins, a widely used open-source automation server in the Continuous Integration and Continuous Deployment...

January 24th – In the U.S. state of Massachusetts, Anna Jacques Hospital experienced a shutdown of its electronic record systems and networked computers late last year. The attack forced administrators to redirect ambulances to other hospitals until service was restored two days later. A ransomware extortion group known as Money Message publicly admitted that it catalyzed the breach. Neither...

January 22nd – The DNA testing company 23andMe recently made headlines on account of two data breaches that exposed highly sensitive genomics data belonging to millions of customers. In an unprecedented move, the company blamed breach victims, telling them that the theft of data is their own fault. The ‘customer-is-at-fault’ position is based on the idea that customers...

January 18th – The U.S. Federal Bureau of Investigation (FBI), in partnership with the Cybersecurity and Infrastructure Security Agency (CISA), has issued an urgent advisory regarding the Androxgh0st botnet. This botnet is actively targeting platforms like AWS, SendGrid and Microsoft Office 365 in order to illicitly acquire cloud credentials. Androxgh0st botnet The Androxgh0st botnet first emerged in 2022. It’s a...

January 16th – OpenAI has finally launched its much anticipated GPT store. The company intended to open the GPT Store in November, but plans were delayed on account of internal company events. The store expands ChatGPT’s potential applications and broadens OpenAI’s ecosystem beyond its current offerings. Effectively, the store will operate as a marketplace for AI tools. The GPT...

January 12th – Just days ahead of a critical presidential election, Taiwan has battled an alarming number of cyber attacks. The interference has, reportedly, been quite sophisticated. Taiwanese government agencies alone are contending with an estimated five million cyber attacks per day. Attacks have also been carried out against the country's technology and critical infrastructure entities, with exact...

January 10th – In Moscow, a lawsuit filed by Russian company Elcomsoft alleges that competitor MKO-Systems stole code that can reach into the depths of iOS 16 devices to extract information. The code can grab hidden passwords, locations, browsing history and other data. Elcomsoft states that its law enforcement clients find this software tool useful when trying to...

January 8th – Over the weekend, Beirut International Airport’s information display screens were hacked by domestic anti-Hezbollah groups. Where departure and arrival information would ordinarily be listed, a message accused Hezbollah of putting Lebanon at risk of an all-out war with Israel, which the message writers didn't want. Beirut International Airport attack The message on airport monitors read, “Hassan Nasrallah,...

January 4th – On the social media platform X, formerly known as Twitter, a gold badge indicates that the service has independently verified the account as owned by a celebrity or an organization. The gold badge system was introduced last year as a paid option to help individuals and organizations show account authenticity. It’s the high-profile and business...

January 2nd – Fortunately, your cyber security isn’t trying to lose 100 lbs in 3 months. Unfortunately, cyber threats are escalating, and organizations do need to take more action in order to protect data and the people to whom it belongs. As the new year unfolds, seize the opportunity to elevate your organization’s cyber security. Be sure to set...

Dec. 28 – Chrome's latest version includes a 'safety check' tool, which is designed to notify users of malicious activity and to help free up the browser's memory. When a user's stored passwords have been compromised in a known breach, the tool offers up an alert. It also scans recently installed extensions to identify any software that may...

Dec. 26 – Private media giant National Amusements, which owns Paramount and CBS, has reported a data breach. The company is legally required to file a report with Maine’s attorney general. The breach occurred in December of 2022, but only came to light recently. The stolen information Hackers parsed personal information belonging to 82,128 people. Affected individuals began to...

Dec 20th – Since June of 2022, the Play ransomware group has conducted 300 successful cyber attacks, according to a joint advisory published by the U.S. and Australian governments. The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA) and Australian Signals Directorate’s (ASD) Australian Cyber Security Centre (ACSC), have warned that the group has targeted...

Dec. 18th – Data management giant MongoDB works with over 46,000 enterprises, including Adobe, eBay, Verizon and the U.K.’s Department for Work and Pensions. In the last day, MongoDB has shared that a breach in corporate systems exposed customer data, including metadata and contact information. For one customer alone, this included system log data. The company has found...

Dec. 15th – Several years ago, Prince Harry fell prey to phone hacking, as determined by a London High Court judge. The editors of the Daily Mirror, Sunday Mirror and Sunday People were found to have known of the spyware installation, but seemingly stayed silent on the matter. Key facts U.K. tabloids intentionally hacked Prince Harry’s phone Prince...

Dec. 13th – U.S. government officials and cyber security experts are concerned about recent nation-state backed attempts to infiltrate critical infrastructure, including American power, water, and transportation systems. Cyber criminals who appear to be affiliated with China have wormed their way into computer systems belonging to roughly two dozen critical infrastructure organizations across the past year. It is believed...

Dec 11th – At least 18 malicious financial services apps have been downloaded from the Google Play store over 12 million times in the last year alone. These malicious apps steal personal data from devices, including device info, call logs, installed apps, calendar events, local Wi-Fi network details, metadata from images and more. The cyber security community has...

Dec. 8th – The United Kingdom has made allegations against Russia’s Security Service regarding a sustained cyber hacking campaign. The campaign is said to have targeted U.K. politicians and other public figures. “We will continue to work together with our allies to expose Russian covert cyber activity and hold Russia to account for its actions,” said former Prime...

Dec. 6th – In the wake of a ransomware attack, nearly 60 credit unions across the U.S. are contending with breach fallout. Credit union disruptions The National Credit Union Administration is in communication with affected entities, and an investigation is ongoing. Among the organizations significantly impacted by ransomware-related outages is New York-based Mountain Valley Federal Credit Union, although member data...

Dec. 4th – Around the world, water suppliers have been urged to upgrade their cyber security measures, after at least one U.S. operator experienced a breach via its industrial control systems, last week. In the wake of the attack, after the facility’s Unitronics programmable logic controllers (PLCs) were compromised, systems were taken offline and the facility switched to...

Dec. 1 – Travel planners beware. A novel social engineering campaign, in operation for the last 12 months, targets both hotel employees and Booking.com customers. How it works To gain initial access to Booking.com hotel credentials, cyber attackers deploy the Vidar infostealer. In the process, the scam targets hotel front-desk staff, who need to download malicious content in order...

November 29th – As many Cyber Talk readers know, Amazon organizes the annual AWS re:Invent conference, where it makes announcements, launches exciting new products, unveils new product features and releases new tools. The premiere event is currently in underway in Las Vegas. Early this morning, Amazon debuted its new Titan Image Generator, which is now available in preview...

November 27th – Local police departments have issued privacy warnings around Apple’s recent iOS 17 update for iPhones. The update includes a feature called “NameDrop” that allows for contact information to be shared — a little too easily. Users can share contact information simply by situating the phones in close proximity to one another. Nothing needs to be...

November 22 – A prominent Fortune 500 company specializing in title insurance and settlement services for the real estate sector, disclosed a cyber security incident critical computer systems. The company initiated an investigation, informed law enforcement, and implemented measures to assess and contain the situation. As a result, disruptions occurred in services related to title insurance, escrow, and mortgage...

November 20 - The North American Electric Reliability Corp (NERC) announced that it has completed a two-day simulation with power sector companies to test their emergency response and recovery plans for physical and cyber security attacks. Recently, agencies have uncovered plots against power infrastructure and electric substations in various parts of the country. In light of this, NERC...

November 17 - U.S. cyber security and intelligence agencies have issued a joint advisory on the cybercriminal group known as Scattered Spider – a group notorious for carrying out sophisticated phishing campaigns. Scattered Spider is associated with the Gen Z cybercrime ecosystem known as the Com, which engages in illegal activities and swatting attacks. These threat actors specialize in...

November 15 – Are you on the search for last-minute tickets to the Formula 1 Las Vegas Grand Prix? If you are, then be on the lookout for scammers who are aiming to take advantage of the hype surrounding this significant racing event. Many threat actors are creating phishing pages that look identical to the official website that sells...

November 13 – Since Friday Nov. 10, The Australian government has been grappling with a significant cyber security incident that resulted in the suspension of port operations. The port organization is responsible for nearly half of the country’s flow of goods and is investigating potential data breaches and assessing critical systems necessary to resume operations and freight movement. The...

November 9th – In the last 24 hours, ChatGPT and its API have experienced a major outage due to a DDoS attack. Disruptions in the chatbot's functionality were first documented on November 7th, and initially described as partial outages. However, a “major outage” was reported a day later. The attack comes on the heels of OpenAI’s first-ever developer conference,...

November 8th – A new hacking tool, ominously named “Predator AI,” has emerged. What sets this tool apart from others is the integration of artificial intelligence; specifically, a ChatGPT-driven class embedded within a Python script. The unique GPT class adds a chat-like text-processing interface. The integration appears intended to reduce reliance on OpenAI’s API, while also advancing Predator...

November 6th – In the last year, nearly half of C-level executives have requested to bypass one or more cyber security measures. This points to a growing disparity between what executives say and the actions that they take. C-level security skips To conduct the aforementioned research, more than 6,500 executive leaders, cyber security professionals and office workers were polled. While...

November 3rd – IT service desks have recently experienced a wave of social engineering threats. Traditionally, the IT service desk has functioned as the first point of contact for an organization’s employees who are experiencing technical challenges, such as forgotten passwords and computer crashes. In order to assist with such requests, service desk staff typically verify users’ identities...

November 1st - In a U.S.-led initiative, more than forty countries have agreed to never again pay ransom to cyber criminals, and to actively work towards eliminating hackers’ funding sources. The timing couldn’t be better, as ransomware attacks are increasing in volume and sophistication worldwide. Says U.S. deputy national security advisor, Anne Neuberger, the United States experiences the...

October 30th – After a series of devastating healthcare-related breaches across the past few months, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Department of Health and Human Services (HHS), has released a new set of resources intended to help professionals in the healthcare space improve their organization's security posture. This year to-date, CISA has...

October 27th – Since 2021, the nation-state backed group known as APT28 (a.k.a ‘Strontium’ or ‘Fancy Bear’) has been linked to a series of breaches targeting French government entities, businesses, universities and think tanks. Most recently, APT28 leveraged CVE-2023-38831, a remote code execution vulnerability in WinRAR, and a zero-day privilege elevation flaw in Microsoft Outlook to compromise organizations. The...

October 25th 2023 – In Ontario, five different hospitals are contending with a cyber attack that has caused delays in care delivery. Some patients and their families report that they’ve waited hours for care and that procedures have been canceled. One individual required an ambulance to reach the Windsor Regional Hospital’s Met campus and was required to wait...

October 23rd – Across the next two years, Microsoft will invest $5bn in Australia to help protect the nation from cyber threats. While on a trip to Washington D.C., flanked by Microsoft’s vice-chair and president, Brad Smith, Australia's Prime Minister Anthony Albanese confirmed the investment. Australian cyber security strategy The announcement was made just ahead of the Albanese government’s articulation...

October 20th – In New York, two hospitals are diverting patients to other facilities due to cyber attacks. The incidents affect systems at HealthAlliance Hospital, in Kingston, and at Mountainside Residential Care Center, both of which are part of the Westchester Medical Center Health Network. Authorities are investigating the incidents, as is an independent cyber security firm. Across...

October 18th – Ever since Elon Musk purchased Twitter, the platform has changed a lot. The famous blue bird logo disappeared, Twitter Blue was a thing for a minute, and most notably, the platform has rebranded to X. And now, X is has announced a new experiment… The platform will now charge a one dollar per year fee...