Welcome to the Cyber Watch series for today, September 8, 2023. At DigitalXForce, our Cyber Intelligence team curates a list of the latest cybersecurity news to keep you informed of stories that matter every week.
This week’s Cyber Watch top 10 list is a compilation of stories from 50+ relevant news sources across the web – all ranked according to the risk impact. We encourage you to review these stories and take steps to protect your organization.
Amerita and PharMerica, providers of specialty infusion and pharmacy services, have reported a data breach that exposed patient information. The breach occurred through a third-party vendor, potentially impacting sensitive data of patients, including medical and financial details.
According to a recent Security Magazine report, “the information at-issue included name, address and certain patient information such as medical history, diagnosis, medications and health insurance information.” This incident underscores the ongoing vulnerability of healthcare organizations to cyber threats and the importance of robust data protection measures.
A sophisticated social engineering scam has targeted customers of identity and access management company Okta. Cybercriminals impersonated Okta’s support team, using convincing email and phone tactics to gain access to user accounts. SC Media reported that “before calling to request an MFA reset, the threat actors appeared to have passwords for the super admin accounts or were ‘able to manipulate the delegated authentication flow via Active Directory.’”
This incident underlines the evolving tactics of phishing and social engineering, showcasing the importance of vigilance and user education in the fight against cybercrime.
A Chinese hacker is under scrutiny for allegedly stealing valuable intellectual property – a signing key – from Microsoft, raising concerns over state-sponsored cyber espionage. The attack targeted Microsoft’s Azure DevOps source code repositories, potentially exposing critical software code and proprietary information.
An InfoSec Magazine report revealed that “a series of unfortunate events allowed the China-backed adversary, which Microsoft tracks as Storm-0558, to gain ‘lawful’ access to the Exchange Online and Azure Active Directory (now called Microsoft Entra ID) accounts of 25 organizations.” This highlights the persistent threat of state-sponsored hacking and its potential consequences for global cybersecurity.
Cybercriminals are weaponizing vulnerabilities in the MinIO storage system, causing alarm among cybersecurity experts. According to a Cybersecurity News report, “threat actors relied on a non-native solution and exploited these vulnerabilities relatively easily.”
By exploiting these flaws, hackers gain unauthorized access to sensitive data stored within MinIO instances, potentially compromising businesses and organizations.
Startling allegations have emerged, suggesting that North Korean hackers orchestrated cryptocurrency thefts to finance the nation’s nuclear program. A report by TRM and Chainalysis sheds light on these cybercriminal activities, revealing the theft of millions in digital assets by state-affiliated hackers.
According to a recent CNBC report, “Hackers exploit what’s known as a blockchain ‘bridge,’ which allows users to transfer their digital assets from one crypto network to another.” This revelation deepens concerns about the illicit use of cryptocurrencies for funding strategic endeavors.
A recent WIRED.com report revealed that “In a little-noticed article released last month in the quarterly publication Foreign Policy Analytics, the International Criminal Court’s lead prosecutor, Karim Khan, spelled out that new commitment: His office will investigate cybercrimes that potentially violate the Rome Statute, the treaty that defines the court’s authority to prosecute illegal acts, including war crimes, crimes against humanity, and genocide.”
The International Criminal Court (ICC) is stepping into uncharted territory, deliberating the inclusion of cyberwar crimes in its jurisdiction. With the increasing use of cyberattacks as tools of warfare, the ICC’s move signifies a crucial recognition of the digital realm’s impact on global conflicts. The consideration of cyberwar crimes, including state-sponsored cyberattacks, highlights the growing importance of international law in regulating cyberspace.
The Cybersecurity and Infrastructure Security Agency (CISA) has released crucial guidance on adopting effective Distributed Denial of Service (DDoS) mitigations. In light of escalating cyber threats, this guidance aims to equip organizations with robust strategies to defend against disruptive DDoS attacks. Security Week recently reported that “When considering the adoption of mitigations against DDoS attacks, federal agencies should look at content delivery networks (CDNs), internet service providers (ISPs) and upstream providers, and cloud service provider hosted services.”
As DDoS attacks continue to evolve in complexity and scale, staying informed about CISA’s recommendations becomes paramount. Learn about the best practices, tools, and measures outlined in the guidance to bolster your cybersecurity posture, ensuring the resilience of your digital infrastructure against the persistent threat of DDoS attacks in our increasingly interconnected world.
Security experts have uncovered a concerning development in cyber threats as the Chaes4 malware variant emerges, taking aim at financial and logistics industries. This sophisticated malware presents an elevated risk by targeting sectors crucial to global economic operations. The discovery underlines the evolving tactics of cybercriminals and the urgency for enhanced cybersecurity measures.
According to a recent Morphisec report, “this isn’t just any ordinary Chaes variant. It has undergone major overhauls: from being rewritten entirely in Python, which resulted in lower detection rates by traditional defense systems, to a comprehensive redesign and an enhanced communication protocol.”
Samsung is set to transform the smart home landscape with its GenAI-powered Bixby, offering enhanced automation and convenience. By leveraging artificial intelligence, Bixby aims to provide users with a more personalized and intuitive smart home experience.
Just recently, IoTTechNews reported that “in addition to enhancing Bixby, Samsung is also introducing Tizen RT—a lightweight version of its Tizen OS that is purpose-built for smart home appliances.” This development marks a significant step toward the seamless integration of AI and IoT technologies, promising a future where our homes are even more responsive to our needs.
That’s all for today. Stay tuned for our next episode. See you next week!