News – August 2023

August 23, 2023

In July 2023, Malwarebytes researchers observed a malvertising campaign that lured potential victims to a fraudulent site for a Windows IT management tool. Unlike previous similar attacks, the final payload was packaged differently and not immediately recognizable. The decoy file came as an MSI installer containing an AutoIT script where the payload was obfuscated to avoid ...

August 23, 2023

Cybersecurity experts warn Australian businesses are under threat as the nation remains one of the most targeted for ransomware attacks. Threat analysis company Flashpoint ranked Australia eight following 11 ransomware attacks in July, behind the USA and the UK. Read more… Source: News.com.au  

August 22, 2023

A previously unknown advanced persistent threat (APT) group used the legitimate Cobra DocGuard software to carry out a supply chain attack with the goal of deploying the Korplug backdoor (aka PlugX) onto victim computers. In the course of this attack, the attackers used malware signed with a legitimate Microsoft certificate. Most of the victims in this ...

August 22, 2023

CISA released four Industrial Control Systems (ICS) advisories on August 22, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-234-01 Hitachi Energy AFF66x ICSA-23-234-02 Trane Thermostats Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

August 21, 2023

Japanese watchmaker Seiko Group Corp. has been struck by a ransomware attack, with the BlackCat/ALPHV ransomware gang claiming responsibility. The attack, officially described as a data breach, was disclosed by Seiko on Aug. 10 and is said to have taken place on July 28. According to Seiko, an unidentified party or parties gained unauthorized access to ...

August 21, 2023

Today, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and National Institute of Standards and Technology (NIST) released a joint factsheet, Quantum-Readiness: Migration to Post-Quantum Cryptography (PQC), to inform organizations—especially those that support Critical Infrastructure—of the impacts of quantum capabilities, and to encourage the early planning for migration to post-quantum cryptographic standards ...

August 21, 2023

Operators of critical utility infrastructure across the UK may have been affected by a developing cyber attack on the systems of Energy One, an Australia-based supplier of software and services for the energy sector. The ongoing incident was disclosed via a statement to the Australian Securities Exchange (ASX) on the morning of Monday 21 August (Sunday ...

August 18, 2023

DAR ES SALAM, Tanzania – INTERPOL and AFRIPOL have coordinated an operation across 25 African countries that enabled investigators to arrest 14 suspected cybercriminals and identify 20,674 suspicious cyber networks, highlighting the surge in digital insecurity and cyber threats in the region. The networks identified were linked to financial losses of more than USD 40 ...

August 18, 2023

The rapid advancement of technology has led to an increasing number of cybersecurity incidents that pose significant risks to organizations, their stakeholders, and the general public. Recognizing the importance of transparent and timely reporting of such incidents, the U.S. Securities and Exchange Commission (SEC) announced on July 26, 2023, that it has adopted final rules ...

August 18, 2023

The US embassy in Montenegro has placed billboards on several locations in the capital Podgorica, offering up to $10 million for information on cyber attacks in Montenegro operated against American interests. The billboards seek information about ransomware attacks on state information systems, interference in elections, or “malicious cyber activities against critical American infrastructure”. Montenegro has been ...