News – October 2023


  • Remediation for Citrix NetScaler ADC and Gateway Vulnerability (CVE-2023-4966)

    October 17, 2023

    On Oct. 10, 2023, Citrix released a security bulletin for a sensitive information disclosure vulnerability (CVE-2023-4966) impacting NetScaler ADC and NetScaler Gateway appliances. Mandiant has identified zero-day exploitation of this vulnerability in the wild beginning in late August 2023. Successful exploitation could result in the ability to hijack existing authenticated sessions, therefore bypassing multifactor authentication ...

  • DarkGate Opens Organizations for Attack via Skype, Teams

    October 17, 2023

    From July to September, Trend Micro observed the DarkGate campaign (detected by Trend Micro as TrojanSpy.AutoIt.DARKGATE.AA) abusing instant messaging platforms to deliver a VBA loader script to victims. This script downloaded and executed a second-stage payload consisting of a AutoIT scripting containing the DarkGate malware code. It’s unclear how the originating accounts of the instant messaging ...

  • Analyzing cyber activity surrounding the conflict in the Middle East

    October 17, 2023

    In light of the ongoing escalation in the Middle East, Group-IB’s Threat Intelligence unit has been monitoring the activity of different threat actors involved in the conflict in cyber space. As they noted in the Hi-Tech Crime Trends 2022/2023 report, any rise in political tensions or the outbreak of hostilities is almost always accompanied by ...

  • Hackers trying to corrupt AI, raising level of ransomware threat

    October 17, 2023

    Cyber criminals are actively trying to corrupt generative artificial intelligence (AI), which may then put the ability to create ransomware in the hands of individuals. The looming threat is what keeps Mr Willis Lim, the director of the National Cyber Threat Analysis Centre at the Cyber Security Agency of Singapore (CSA), up at night. Generative ...

  • Over 70pc of Irish businesses suffered cyber attack in the past 12 months – report

    October 17, 2023

    Over 70pc of Irish businesses have suffered a cyber attack over the past year, a new report from insurer Hiscox has revealed. Around 71pc of the 200 Irish businesses surveyed experienced a cyber attack in the past 12 months, up 22pc from the same period last year. Ireland also had the highest median average number ...

  • Kaspersky uncovers APT campaign targeting APAC government entities

    October 17, 2023

    Kaspersky researchers have discovered a persistent campaign compromising a specific type of secure USB drive used to provide encryption for safe data storage. Dubbed “TetrisPhantom,” this espionage effort targets government entities in the Asia-Pacific region (APAC), and shows no discernible overlap with any known threat actor. These and other findings are detailed in Kaspersky’s new ...

  • Urgent global response needed for “insidious” cybercrime – Interpol

    October 16, 2023

    SINGAPORE – New types of cybercrime are emerging all the time. Manipulative and well-organized cybercriminals are exploiting digital technologies to tailor their attacks and target weaknesses in online systems, networks and infrastructures. The complex and borderless nature of cybercrime is compounded by the involvement of transnational organized crime groups, underlining the need to mount an ...

  • Thailand: House of Representatives’ Website Hacked, Cyber Attack Investigation Underway

    October 16, 2023

    The House of Representatives’ website fell victim to a cyber attack on Sunday, October 15, 2023. The hackers, who go by the name 3MUSKETEERZ, managed to breach the website’s security and display a picture of a troll in the photo journal section. Additionally, the perpetrators altered the press releases and committee schedules featured on the site. ...

  • China’s cyber security association sets up special committee to bolster AI research

    October 15, 2023

    China has set up a professional committee focusing on governance of artificial intelligence (AI) security in a bid to build a sustained foundation for the sound development of the emerging industry, according to the country’s cyber security association. On Thursday, an inaugural meeting was held in Beijing for the AI security governance committee under the ...

  • Understanding DNS Tunneling Traffic in the Wild

    October 13, 2023

    Palo Alto Unit 42 researchers present a study on why and how domain name system (DNS) tunneling techniques are used in the wild. Motivated by their findings, they present a system to automatically attribute tunneling domains to tools and campaigns. Attackers adopt DNS tunneling techniques to bypass security policies in enterprise networks because most enterprises ...