News – August 2023

August 17, 2023

CISA released three Industrial Control Systems (ICS) advisories on August 17, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-229-01 ICONICS and Mitsubishi Electric Products Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

August 17, 2023

A man arrested by detectives investigating criminality linked to last week’s major PSNI data breach has been released on bail to allow for further police enquiries. The 39-year-old man had been detained following a search in Lurgan, Co Armagh on Wednesday. He had been questioned on suspicion of collection of information likely to be of use ...

August 17, 2023

Atlassian has released its security bulletin for August 2023 to address a vulnerability in Confluence Server and Data Center, CVE-2023-28709. A remote attacker can exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review Atlassian’s August 2003 Security Bulletin and apply the necessary update. Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

August 17, 2023

Since at least 2019, Mandiant has tracked threat actor interest in, and use of, AI capabilities to facilitate a variety of malicious activity. Based on Mandiant own observations and open source accounts, adoption of AI in intrusion operations remains limited and primarily related to social engineering. In contrast, information operations actors of diverse motivations and capabilities ...

August 17, 2023

Researchers have found an expansive and active threat campaign that exploited a severe Citrix NetScaler vulnerability to backdoor thousands of devices, including those that were subsequently patched. Attackers automated the exploitation of the remote code execution vulnerability, tracked as CVE-2023-3519, to place Web shells on vulnerable devices. These were found to persist through patches and reboots. Read ...

August 16, 2023

Someone is targeting LinkedIn accounts, trying to break in with either login credentials leaked elsewhere, or with brute-force attacks. As a result, many people have had their accounts compromised, while others have been locked out due to too many failed login attempts. Read more… Source: TechRadar  

August 16, 2023

Today, CISA released the Remote Monitoring and Management (RMM) Cyber Defense Plan, the first proactive Plan developed by industry and government partners through the Joint Cyber Defense Collaborative (JCDC). This plan addresses systemic risks facing the exploitation of RMM software. Cyber threat actors can gain footholds via RMM software into managed service providers (MSPs) or manage ...

August 16, 2023

China’s Ministry of State Security (MSS) on Wednesday warned of data security risks after recent reports identified US intelligence agencies were behind a cyberattack on Wuhan Earthquake Monitoring Center. A joint investigation team formed by the National Computer Virus Emergency Response Center (CVERC) and Chinese cybersecurity company 360 discovered malicious backdoor software that exhibits characteristics of ...

August 16, 2023

Over 5,000 cybersecurity professionals and leaders convene to promote greater collaboration within the sector Kuala Lumpur, 16 August 2023 — The highly anticipated inaugural Cyber Digital Services Defence & Security Asia (CyberDSA) 2023 has officially commenced at the Kuala Lumpur Convention Centre, graced by the Minister of Communications and Digital, YB Fahmi Fadzil. Embracing the theme ...

August 16, 2023

Cyber crimes in Germany fell by 6.5% in 2022, federal police said on Wednesday, but the decline was not a “relief” as the attacks were more severe and those originating from overseas rose by more than 8%. The economic damage was 203 billion euros ($221.59 billion), down slightly from last year, but still double that of ...