Welcome to the Cyber Watch series for today, August 25, 2023. At DigitalXForce, our Cyber Intelligence team curates a list of the latest cybersecurity news to keep you informed of stories that matter every week.
This week’s Cyber Watch top 10 list is a compilation of stories from 50+ relevant news sources across the web – all ranked according to the risk impact. We encourage you to review these stories and take steps to protect your organization.
According to a recent Radware report, a striking 500% surge in malicious web application transactions has been recorded in 2023, unveiling a pressing cyber threat. This surge underscores the escalating sophistication of cybercriminals in targeting web applications to exploit vulnerabilities and gain unauthorized access.
Security Magazine reported that “the number of malicious web application transactions increased by 500% compared to the first half of 2022, while the total number of DDoS events decreased 33%.” The alarming statistics highlight the growing need for organizations to fortify their web security measures, implement robust firewalls, and ensure regular security updates.
A recent report from The Hacker News revealed the emergence of a potent new threat, the “Telekopye” Telegram bot, which has gained popularity for amplifying phishing attacks. The Telekopye bot assists cybercriminals in crafting convincing phishing campaigns by generating replicas of popular websites.
These deceptive sites are used to steal sensitive information from unsuspecting victims. According to a recent report from The Hacker News, this bot was linked to a source in Russia.
NIST is taking groundbreaking steps to safeguard digital security with its innovative post-quantum cryptography initiative. As the specter of quantum computing threatens traditional encryption methods, NIST’s undertaking gains immense significance.
According to a report by InfoSecurity Magazine, “the PQC Standardization Process forms part of efforts to facilitate quantum-secured technologies before ‘Q-Day’ – the point at which quantum computers can break existing cryptographic algorithms.”
By developing resilient cryptographic standards, NIST aims to fortify our digital infrastructure against future quantum-powered cyber threats.
A recent data breach has hit Tesla, raising concerns about the security of personal and vehicle information. The breach, which reportedly stemmed from unauthorized access to a third-party vendor’s system, highlights the ongoing vulnerability of even technologically advanced companies.
According to a Cybersecurity News report, “recently, Tesla reported a data breach that exposed more than 75,000 users’ information. But, it has been confirmed that this exposure is not a data breach but results from ‘insider wrongdoing’.”
The incident emphasizes the importance of robust cybersecurity measures, especially for automotive giants that store sensitive customer data.
SC Magazine reported that urgent alerts from the FBI advise immediate attention as exploited Barracuda Email Security Gateway (ESG) appliances put organizations at risk. Attackers target vulnerabilities, potentially compromising sensitive data and communication. According to the report, “a large number of the appliances around the world were hit in a zero-day attack discovered in May and subsequently attributed to a previously unknown threat group, dubbed UNC4841 by Mandiant, suspected of being linked to China.”
The FBI’s call to unplug these appliances highlights the seriousness of the situation and the urgency for businesses to safeguard their digital assets.
An Advanced Persistent Threat (APT) group’s exploitation of the supply chain has triggered alarm bells in the cybersecurity realm as attacks loom in Hong Kong and other parts of Asia. These sophisticated attackers are infiltrating organizations through third-party vulnerabilities, underscoring the widespread risk of supply chain attacks.
According to Infosecurity Magazine, “the backdoor malware can be used to execute commands, enumerate files, check running processes, download files, open firewall ports and act as a keylogger, suggesting the intent here is cyber-espionage.”
Security incidents of this nature highlight the urgency for businesses to vet their suppliers’ security practices and fortify defenses against evolving APT tactics.
Urgent concern mounts as a critical flaw in Citrix ShareFile is exposed, potentially enabling attackers to execute arbitrary code. CISA warns that this vulnerability poses serious risks to data integrity and confidentiality. A Cybersecurity News report suggests that “Users of this product are recommended to upgrade to the latest version of Citrix to prevent threat actors from exploiting it.”
This underscores the significance of prompt software updates and vigilance against exploitation by cybercriminals.
In a historic move, the UK is set to host the world’s first AI Summit at Bletchley Park, renowned for its World War II codebreaking legacy. This landmark event brings together global leaders, experts, and innovators to shape the future of artificial intelligence. According to a recent CNBC report, “It is not yet clear which companies, governments, or researchers will attend the event.”
The choice of venue pays homage to Bletchley Park’s pivotal role in history and underscores the ongoing significance of codebreaking in the digital age.
A surge in cyberattacks worldwide has been attributed to the nefarious SpaceColon toolset. This potent cyber weapon enables attackers to exploit vulnerabilities and gain unauthorized access to systems.
A report from The Hacker News reads, “Furthermore, there is evidence that the adversary is actively developing a new ransomware strain dubbed ScRansom, which attempts to encrypt all hard, removable, and remote drives using the AES-128 algorithm with a key generated from a hard-coded string.”
The alarming rise in attacks highlights the evolving tactics of cybercriminals and the escalating threat landscape.
A significant data breach has struck popular language learning platform Duolingo, with personal information of 26 million users released on a hacking forum. The breach, compromising usernames, email addresses, and encrypted passwords, underlines the persistent threat of cyberattacks.
According to a Bleeping Computer report, “this data was scraped using an exposed application programming interface (API) that has been shared openly since at least March 2023, with researchers tweeting and publicly documenting how to use the API.”
The security incident emphasizes the importance of protecting user data and adhering to stringent cybersecurity practices.
CloudNordic, a major cloud service provider, reels from a ransomware attack causing severe customer data loss. The incident serves as a stark reminder of the havoc ransomware can wreak on businesses and individuals alike.
Cyber News reported that “the company re-established blank systems – such as name servers, web servers, and mail servers – without data, but acknowledges that there’s not much that can be done for the lost emails.”
The fallout highlights the importance of robust cybersecurity measures, disaster recovery plans, and heightened vigilance against evolving cyber threats.
That’s all for today. See you next week!