- UK: Metropolitan Police on red alert after details of officers and staff hacked in massive security breach
August 26, 2023
The Metropolitan Police were on red alert tonight after details of officers and staff were hacked in a massive security breach. All 47,000 personnel were warned of the risk their photos, names and ranks had been stolen when cyber crooks penetrated the IT systems of a contractor printing warrant cards and staff passes. Information taken also ...
- Lockbit leak, research opportunities on tools leaked from TAs
August 25, 2023
Lockbit is one of the most prevalent ransomware strains. It comes with an affiliate ransomware-as-a-service (RaaS) program offering up to 80% of the ransom demand to participants, and includes a bug bounty program for those who detect and report vulnerabilities that allow files to be decrypted without paying the ransom. According to the Lockbit owners, the ...
- IAEA: Improving Computer Security Anomaly Detection Techniques through Coordinated Research Projects
August 25, 2023
Identifying anomalies in the operations of computer systems that control critical safety and security functions calls for extensive expertise, and the actions required need to be tested, analysed and amended in order to be robust. “Anomaly detection plays an important part in early assessment of possible threats targeting the computer-based systems at nuclear and radiological facilities,” ...
- Belgium’s Econocom confirms cyber attack, no sensitive data disclosed
August 24, 2023
Belgian IT services firm Econocom on Thursday confirmed it is investigating a cyber attack it believes originated from a service provider working with some of its clients in France. Source: USNews
- Flax Typhoon using legitimate software to quietly access Taiwanese organizations
August 24, 2023
Microsoft has identified a nation-state activity group tracked as Flax Typhoon, based in China, that is targeting dozens of organizations in Taiwan with the likely intention of performing espionage. Flax Typhoon gains and maintains long-term access to Taiwanese organizations’ networks with minimal use of malware, relying on tools built into the operating system, along with ...
- Lazarus Group’s infrastructure reuse leads to discovery of new malware
August 24, 2023
In the new Lazarus Group campaign we recently disclosed, the North Korean state-sponsored actor continues to use much of the same infrastructure despite those components being well-documented by security researchers over the years. Their continued use of the same tactics, techniques and procedures (TTPs) — many of which are publicly known — highlights the group’s confidence ...
- US charges crypto founders over alleged support for North Korean hackers
August 24, 2023
The United States has charged two cofounders of the cryptocurrency mixer Tornado Cash with money laundering and other crimes a year after authorities banned the Russian-founded platform over its alleged support of North Korean hackers. Roman Semenov and Roman Storm have been charged with conspiracy to commit money laundering, conspiracy to commit sanctions violations, and conspiracy ...
- CISA Releases Six Industrial Control Systems Advisories
August 24, 2023
CISA released six Industrial Control Systems (ICS) advisories on August 24, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-236-01 KNX Protocol; ICSA-23-236-02 Opto 22 SNAP PAC S1. Source: U.S. Cybersecurity and Infrastructure Security Agency. Related story: CISA Adds Two Known Exploited Vulnerabilities to Catalog
- AI and the Five Phases of the Threat Intelligence Lifecycle
August 24, 2023
Artificial intelligence (AI) and large language models (LLMs) can help threat intelligence teams to detect and understand novel threats at scale, reduce burnout-inducing toil, and grow their existing talent by democratizing access to subject matter expertise. However, broad access to foundational Open Source Intelligence (OSINT) data and AI/ML technologies has quickly led to an overwhelming amount ...
- Danish cloud host says customers ‘lost all data’ after ransomware attack
August 23, 2023
Cloud host CloudNordic says most of its customers have “lost all data with us” following a ransomware attack on its data center systems, including its backups. The Denmark-based cloud company said the ransomware attack began Friday, during which cybercriminals “shut down all systems,” including its website and email, and encrypted customer systems and websites. Source: TechCrunch