News – September 2023


  • QR codes in email phishing

    September 27, 2023

    QR codes are everywhere: you can see them on posters and leaflets, ATM screens, price tags and merchandise, historical buildings and monuments. People use them to share information, promote various online resources, pay for their goodies, and pass verification. And yet you don’t see lots of QR codes in email: users often read messages on ...

  • 10 new vulnerabilities disclosed by Talos, including use-after-free issue in Google Chrome

    September 27, 2023

    Cisco Talos disclosed 10 vulnerabilities over the past two weeks affecting a range of software, including the popular Google Chrome web browser. Attackers could exploit these vulnerabilities to carry out a variety of attacks, in some cases gaining the ability to execute remote code on the targeted machine. Read more… Source: Cisco Talos  

  • Czechia: University of Defence victim of cyber-attack

    September 27, 2023

    Czechia’s University of Defence was the victim of a cyber-attack, with hackers evidently stealing data from the institution’s rector, iRozhlas.cz reported on Wednesday. The news website said the Municipal State Prosecutor’s Office in Brno was looking into the matter. A spokesperson for the National Cyber and Information Security Agency said it would not comment on the ...

  • NSA, FBI, CISA, and Japanese Partners Release Advisory on PRC-Linked Cyber Actors

    September 27, 2023

    Today, the U.S. National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Cybersecurity and Infrastructure Security Agency (CISA), along with the Japan National Police Agency (NPA) and the Japan National Center of Incident Readiness and Strategy for Cybersecurity (NISC) released joint Cybersecurity Advisory (CSA) People’s Republic of China-Linked Cyber Actors Hide in Router Firmware. The ...

  • A Ransomware Group Is Claiming They’ve Breached Sony’s Systems And Stolen Data

    September 27, 2023

    Although the claims of a data breach are still unverified, Sony has publicly acknowledged the situation and issued a statement to IGN which simply reads, “We are currently investigating the situation, and we have no further comment at this time.” It looks like Sony may have been victim of a breach resulting in the collection of ...

  • Data breaches putting domestic abuse victims’ lives at risk, says UK watchdog

    September 27, 2023

    Councils, police forces and hospitals are putting women’s lives at risk by accidentally disclosing domestic abuse victims’ addresses to perpetrators, the UK’s information watchdog has said. John Edwards, the information commissioner, who has reprimanded seven organisations in just over a year for data breaches affecting victims of abuse, said: “This is a pattern that must ...

  • Analysis of Generative AI Trends and ChatGPT Usage

    September 26, 2023

    The release of ChatGPT underscores the potential of artificial intelligence to revolutionize the daily operations of organizations. This paradigm shift is compelling businesses to reevaluate their conventional approaches and embrace the transformative capabilities offered by AI. Among the noteworthy facets of AI’s evolution, Large Language Models (LLMs) have emerged as a dominant force, reshaping user interactions ...

  • ICS protocol coverage using Snort 3 service inspectors

    September 26, 2023

    With more devices on operational technology (OT) networks now getting connected to wide-reaching IT networks, it is more important than ever to have effective detection capabilities for ICS protocols. However, there are a few issues that usually arise when creating detection for ICS protocol traffic. Oftentimes, the protocols connecting these devices on modern networks originate ...

  • ASEAN, China, and UNODC agree to a plan of action to address criminal scams in Southeast Asia

    September 26, 2023

    Senior officials from ASEAN, China and United Nations Office on Drugs and Crime (UNODC) have agreed to address transnational organized crime and trafficking in persons associated with casinos and scams. “Trafficking in persons connected to casinos and scam operations run by organized crime has mushroomed across Southeast Asia, particularly in the Mekong” remarked Jeremy Douglas, UNODC ...

  • CISA Releases Six Industrial Control Systems Advisories

    September 26, 2023

    CISA released six Industrial Control Systems (ICS) advisories on September 26, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-269-01 Suprema BioStar 2 ICSA-23-269-02 Hitachi Energy Asset Suite 9 ICSA-23-269-03 Mitsubishi Electric FA Engineering Software Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related: CISA Adds Three Known Exploited Vulnerabilities to Catalog