News – October 2024

October 15, 2024

Mandiant analyzed 138 vulnerabilities that were disclosed in 2023 and that we tracked as exploited in the wild. Consistent with past analyses, the majority (97) of these vulnerabilities were exploited as zero-days (vulnerabilities exploited before patches are made available, excluding end-of-life technologies). Forty-one vulnerabilities were exploited as n-days (vulnerabilities first exploited after patches are available). While ...

October 15, 2024

Westpac and subsidiaries including St George, Bank of Melbourne and BankSA have been hit by a string of outages. The bank said services were restored on Wednesday afternoon, but some customers continued to report disruptions. Treasurer Jim Chalmers says the government has been in contact with Westpac and described the internet and mobile banking issues as ...

October 15, 2024

In the last year, the cyber threat landscape continued to become more dangerous and complex. The malign actors of the world are becoming better resourced and better prepared, with increasingly sophisticated tactics, techniques, and tools that challenge even the world’s best cybersecurity defenders. Even Microsoft has been the victim of well-orchestrated attacks by determined and well-resourced ...

October 15, 2024

Chinese authorities have published another set of allegations that assert the Volt Typhoon cyber-crew is an invention of the US and its allies, and not a crew run by Beijing. Published on Monday in five languages, a document titled “Lie to Me: Volt Typhoon III – Unravelling Cyberespionage and Disinformation Operations Conducted by US Government Agencies” ...

October 15, 2024

SideWinder, aka T-APT-04 or RattleSnake, is one of the most prolific APT groups that began its activities in 2012 and was first publicly mentioned by us in 2018. Over the years, the group has launched attacks against high-profile entities in South and Southeast Asia. Its primary targets have been military and government entities in Pakistan, ...

October 15, 2024

Sri Lankan police have arrested more than 230 Chinese men accused of targeting international banks in online scams, the foreign minister said on Tuesday (Oct 15), with help from security officials sent by Beijing. Vijitha Herath said police raids over the past week had also seized 250 computers and 500 mobile phones used in the alleged ...

October 15, 2024

In September 2024, threat intelligence experts from the Positive Technologies Security Expert Center (PT ESC) discovered an email sent to a governmental organization belonging to a CIS country. Timestamps indicate that the email was sent back in June 2024. The email appeared to be a message without text, containing only an attached document. However, the email ...

October 14, 2024

The Kaspersky Digital Footprint Intelligence team analyzed cybersecurity threats coming from dark web cybercriminals who targeted businesses and governments in the Middle East in H1 2024. Our research highlights the most severe and pervasive threats, and identifies potential risks and consequences as well as defensive strategies. The five prevalent cybersecurity threats in the Middle East covered ...

October 14, 2024

French news agency Agence France-Presse (AFP) suffered a cyber attack that disrupted its content delivery infrastructure and file transfer systems. It operates English, French, Arabic, Portuguese, and Spanish news channels and employs over 2,400 people in 150 countries. AFP said it was working to restore impacted systems and has engaged French cybersecurity agency ANSSI and law ...

October 14, 2024

The research team, led by Wang Chao from Shanghai University, found that D-Wave’s quantum computers can optimize problem-solving in a way that makes it possible to attack encryption methods such as RSA. In a potentially alarming development for global cybersecurity, Chinese researchers have unveiled a method using D-Wave’s quantum annealing systems to crack classic encryption, potentially ...