Please welcome our newest CyAN member, Will Rivera, from the United States! Will Rivera is a seasoned leader with over 17 years of experience in advocacy and mission-driven organizations. As Managing Director at MyOwn Image, he drives nationwide efforts to combat technology-facilitated violence and promote …
Contents: News; CyAN Members Op Eds and Articles; Events
News:
How Chinese insiders are stealing data scooped up by President Xi’s national surveillance system
https://www.theregister.com/2024/12/08/chinese_insiders_stealing_data/
Chinese insiders have reportedly leaked data from President Xi Jinping’s national surveillance system, exposing significant vulnerabilities within the massive monitoring …
BT Group recently disclosed an attempted cyberattack on its Conferencing division, thwarted before significant damage occurred. The attackers targeted vulnerabilities in communication systems, aiming to disrupt services or access sensitive business data. BT’s swift response underscores the critical need for robust monitoring and rapid incident response capabilities. Communication platforms are increasingly attractive to cybercriminals, given their role in modern business operations. This incident highlights that even large organisations are not immune to evolving cyber threats, driving home the importance of multi-layered cybersecurity strategies to safeguard critical infrastructure.
‘Large number’ of Americans’ metadata stolen by Salt Typhoon hackers
The Salt Typhoon hacking group has reportedly stolen a vast amount of Americans’ metadata in a targeted cyber espionage campaign. The group, believed to be state-sponsored, exploited vulnerabilities to collect sensitive information, raising significant concerns about national security and privacy. Metadata theft, while often overlooked, provides valuable insights into communication patterns and behaviours, making it a powerful tool for adversaries. This incident highlights the urgent need for stronger data protection laws and robust defences to counter increasingly sophisticated state-backed cyber threats.
Eurocops take down ‘secure’ criminal chat system known as Matrix
European law enforcement agencies have dismantled the Matrix, a supposedly secure criminal chat system used by organised crime groups. The operation led to multiple arrests and significant evidence collection, including encrypted messages that were successfully deciphered. The takedown highlights the growing capability of law enforcement to crack encrypted networks and disrupt illicit activities. This case serves as a stark reminder that even “secure” systems are vulnerable when targeted by determined investigators, underscoring the importance of transparency and compliance for legitimate service providers.
Police Shutter Largest German-Speaking Criminal Marketplace
Authorities have closed down the largest German-speaking criminal marketplace, seizing servers and arresting key suspects. This platform facilitated the sale of illicit goods and services, including stolen data, counterfeit documents, and hacking tools. Over 2.3 million messages were intercepted, providing critical insights into criminal operations. The takedown demonstrates the success of international collaboration in combating cybercrime and the growing focus on dismantling dark web marketplaces. Experts emphasise the need for continuous vigilance to disrupt these evolving criminal ecosystems.
UK underestimates threat of cyber-attacks from hostile states and gangs, says security chief
The UK’s security chief has issued a stark warning that the nation is underestimating the threat posed by cyberattacks orchestrated by hostile states and organised criminal gangs. The vulnerabilities in critical infrastructure, financial systems, and public services make the country a prime target. Calls for robust investment in cybersecurity, including enhanced training and threat intelligence sharing, are urgent. Without immediate action, adversaries could exploit these gaps to carry out damaging attacks, potentially impacting national security and economic stability. The report stresses that a coordinated, proactive approach is vital to strengthen defences against increasingly complex threats.
Data on 760K workers from Xerox, Nokia, BofA, Morgan Stanley and more dumped online
A significant data breach has exposed sensitive information of 760,000 employees from global corporations including Xerox, Nokia, BofA, and Morgan Stanley. The leaked data, reportedly stolen during a MOVEit Transfer attack, includes personal and employment details, raising serious concerns about corporate data security and privacy. Experts emphasise the need for robust encryption and secure data transfer practices to mitigate such risks. This incident highlights the widespread impact of supply chain vulnerabilities, with attackers targeting third-party vendors to infiltrate major organisations. Companies must strengthen oversight of their partners and implement comprehensive incident response strategies.
CFPB Proposes Rule to Stop Data Brokers from Selling Sensitive Personal Data to Scammers, Stalkers, and Spies
The Consumer Financial Protection Bureau (CFPB) has proposed a new rule targeting data brokers who sell sensitive personal information, aiming to protect consumers from misuse by scammers, stalkers, and spies. The rule would impose stricter controls on the collection, storage, and sale of data, particularly concerning financial and health-related details. Advocates praise the move as a step towards greater transparency and consumer rights, though critics warn of potential compliance challenges. If enacted, the rule could reshape data brokerage practices, forcing companies to prioritise security and ethical handling of personal information.
U.S. officials urge Americans to use encrypted apps amid unprecedented cyberattack
As cyberattacks hit unprecedented levels, U.S. officials are urging citizens to adopt encrypted messaging apps to safeguard sensitive communications. These attacks, which target individuals and critical infrastructure alike, underscore the pressing need for personal cybersecurity measures. End-to-end encrypted platforms offer robust protection, shielding data from interception even by advanced threat actors. This guidance reflects the growing importance of digital literacy, emphasising that secure communication is a vital defense in an era of increasingly sophisticated cybercrime. Public awareness and adoption of these tools are essential to enhancing national resilience against evolving threats.
8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play
Over 8 million Android users have fallen victim to SpyLoan malware embedded in loan apps downloaded from Google Play. These apps exploit user data for extortion, demanding payments with threats of sharing private information. The malware highlights gaps in app store security, as malicious apps evade detection with increasingly sophisticated tactics. Cybersecurity experts stress the need for stricter vetting processes, user vigilance, and enhanced app permissions management. This incident underscores the risks of trusting unofficial financial apps, emphasising the importance of verifying app legitimacy before installation.
‘Russia can turn the lights off’: how the UK is preparing for cyberwar
The UK is ramping up its defences against potential Russian cyberattacks targeting critical infrastructure, including energy grids and communication networks. Security experts warn that the scale and sophistication of state-sponsored threats could disrupt essential services and compromise national security. This article highlights ongoing efforts to bolster cybersecurity, such as increased funding, international collaboration, and proactive threat intelligence. While preparations are underway, officials stress the importance of resilience and public-private partnerships to address emerging challenges. The stakes underscore the urgent need for vigilance in an evolving geopolitical landscape.
Australia and the UK have joined forces to tackle the escalating issue of online scams, focusing on disrupting criminal networks and protecting consumers. This partnership enhances data sharing, coordinates enforcement actions, and launches public awareness campaigns aimed at reducing fraud. Both nations aim to counteract advanced tactics such as AI-driven phishing, social engineering, and identity theft. The collaboration is expected to set new standards for international cooperation, ensuring safer online environments and fostering trust in digital transactions. With shared expertise and resources, this alliance strengthens efforts to combat evolving cybercrime challenges.
Analysis:
Bug Bounties: Bringing Hackers and Manufacturers Together
Bug bounty programs are bridging the gap between ethical hackers and manufacturers, fostering collaboration to identify and fix vulnerabilities before they can be exploited. This article highlights the evolution of these initiatives, showcasing how they incentivise hackers to report flaws responsibly, while manufacturers gain critical insights to bolster their defences. By embracing bug bounties, companies demonstrate a proactive stance on security, addressing risks in real time. As cyber threats grow more sophisticated, such programs offer a win-win, enhancing safety for users and strengthening trust in technology. The approach also sets a precedent for industry-wide adoption, promoting a culture of accountability and innovation in cybersecurity.
The fast-paced world of Formula 1 isn’t just about racing; it’s also a lesson in managing third-party risks. This article explores how F1 teams collaborate with numerous suppliers and tech partners, highlighting the crucial role of effective risk management to maintain performance and security. As teams depend on cutting-edge technology and data sharing, vulnerabilities can arise from third-party integrations. The piece by CyAN Member Mohit Makhija stresses the importance of robust vetting, ongoing monitoring, and clear communication channels to mitigate potential risks. Drawing parallels to broader industries, it showcases how lessons from Formula 1’s meticulous approach can be applied to other sectors, underscoring the need for speed and precision in addressing third-party challenges.
A Conversation with Mei Danowski (Natto Thoughts) and Eugenio Benincasa (ETH Zürich Center for Strategic Studies)
Mei Danowski is a researcher focused on strategic threat intelligence, and a co-founder of Natto Thoughts. Eugenio Benincasa is a senior cyberdefense researcher with the Center for Security Studies at ETH Zürich. They recently collaborated on an article for Natto Thoughts about Chinese cyber range exercises.
When Networking Turns Toxic: The Dark Side of Industry Events
Industry events can be powerful platforms for connection and collaboration, yet they often expose attendees to hidden risks. This piece highlights how these gatherings can inadvertently enable harmful behaviours, such as harassment, exclusion, or even exploitation, which disproportionately affect underrepresented groups. Tying into the themes of the #16DaysOfActivism, it underscores the need for safer, more inclusive spaces that empower everyone equally. On the cyber front, the risks are just as pressing—events frequently lack secure digital protocols, making them fertile ground for phishing, data breaches, and malware attacks. By fostering both personal and cyber safety, industries can transform networking into a force for good.
Events (CyAN-Organized or -Supported):
AI Global Everything will be held from 4th to 6th February 2025 in Dubai, U.A.E.
Russia has detained a high-profile cybercriminal who was on the FBI’s most-wanted list. This rare collaboration between the U.S. and Russia marks a significant development in combating transnational cybercrime. While details of the arrest remain sparse, experts speculate it could signal a strategic shift in Russia’s approach to international cybercrime. The move underscores the growing pressure on nations to address cyber threats that transcend borders. However, long-term cooperation remains uncertain amid geopolitical tensions.
Meta plans to build a $10B subsea cable spanning the world, sources say
Meta is reportedly planning a $10 billion subsea cable project designed to improve global connectivity and support its metaverse ambitions. The massive undertaking highlights the tech giant’s commitment to data infrastructure and its role in driving internet access worldwide. Critics, however, raise concerns over data sovereignty and the environmental impact of such large-scale projects. If completed, the cable will mark a major milestone in enhancing internet capacity, with significant implications for global digital transformation.
National security watchdog mulls new limits on hacking powers
Australia’s Inspector-General of Intelligence and Security is considering stricter controls on government hacking powers following public backlash. The review comes amid concerns over privacy and the potential misuse of hacking tools by intelligence agencies. Advocacy groups argue for greater oversight and transparency, emphasising the need to balance national security with civil liberties. The outcome of this review could set a precedent for how democratic nations address the ethical implications of state-sponsored hacking.
A critical vulnerability in Advantech Industrial Wireless Access Points has prompted an urgent patch advisory to prevent exploitation. The flaw could allow attackers to infiltrate industrial networks, posing risks to critical infrastructure. Security researchers stress the importance of immediate action to protect against potential breaches. This incident highlights the ongoing challenges of securing industrial IoT devices, particularly as cyber threats continue to evolve in complexity and impact.
Telcos required to block or flag scam texts under Labor crackdown
Australia’s Labor government has introduced new measures requiring telcos to block or flag scam texts in real-time. The initiative is part of a broader crackdown on fraud targeting mobile users. Experts applaud the move but warn that robust implementation will be key to its success. Telcos face challenges in balancing security measures with user privacy, while scammers continue to innovate. The policy reflects growing efforts to combat cybercrime at the infrastructure level, setting a potential example for other nations.
Workplace surveillance is on the rise, with employers leveraging advanced tools to monitor employees’ productivity, communications, and even keystrokes. Critics warn that this trend erodes trust and privacy, creating a “surveillance state” in corporate settings. While organisations argue these measures boost efficiency and security, experts highlight the psychological toll on workers and potential legal ramifications. Striking a balance between monitoring and respecting employee rights is becoming a key challenge in the modern workplace.
“Rockstar 2FA” Phishing-as-a-Service Steals Microsoft 365 Credentials Via AiTM Attacks
A new phishing-as-a-service campaign, dubbed “Rockstar 2FA,” is using adversary-in-the-middle (AiTM) attacks to bypass multi-factor authentication and steal Microsoft 365 credentials. The service is being marketed to cybercriminals, lowering the technical barrier to sophisticated attacks. Researchers warn organisations to implement robust email security measures and adopt phishing-resistant MFA methods. This case underscores the evolving nature of phishing threats and the urgent need for organisations to stay ahead of attackers.
AWS launches an incident response service to combat cybersecurity threats
AWS has unveiled a new incident response service aimed at helping customers navigate cybersecurity crises more effectively. The service offers automated threat detection, real-time insights, and expert support to minimise downtime and damage. Analysts see this as a strategic move to strengthen AWS’s position in the cybersecurity market, though it also highlights the increasing complexity of cloud security. Organisations are encouraged to integrate such services into their broader security strategies to enhance resilience against evolving threats.
INTERPOL financial crime operation makes record 5,500 arrests, seizures worth over USD 400 million
INTERPOL’s latest crackdown on financial cybercrime has resulted in 5,500 arrests and the seizure of $400 million in assets. The operation targeted phishing scams, money laundering, and other forms of digital fraud across 30 countries. Authorities credit international cooperation for the operation’s success, underscoring the global nature of cybercrime. Experts highlight the need for continued cross-border collaboration to disrupt criminal networks and strengthen global financial security.
Alder Hey children’s hospital explores ‘data breach’ after ransomware claims
Alder Hey Children’s Hospital is investigating claims of a ransomware attack that allegedly compromised patient data. While the hospital has yet to confirm the breach, experts warn that healthcare institutions remain prime targets for cybercriminals due to their sensitive data and critical operations. The incident underscores the importance of robust cybersecurity measures in healthcare, including timely patching, incident response planning, and employee training. Investigations are ongoing to assess the extent of the damage.
New Windows Cyber Attack Warning As 0-Click Russian Backdoor Confirmed
Security researchers have confirmed the existence of a 0-click backdoor targeting Windows systems, attributed to a Russian-linked cybercriminal group. The backdoor allows attackers to gain access without user interaction, posing significant risks to organisations globally. Microsoft has released patches to address the vulnerability, urging users to update systems immediately. This attack highlights the evolving sophistication of cyber threats and the need for proactive monitoring and patch management to safeguard critical infrastructure.
RansomHub claims to net data hat-trick against Bologna FC
RansomHub, a ransomware gang, claims to have stolen sensitive data from Bologna FC in a high-profile cyberattack targeting the football club. The breach reportedly includes financial and operational data, putting the organisation at risk of reputational and legal fallout. Experts warn that sports organisations, often seen as soft targets, need to prioritise cybersecurity. The incident underscores the growing trend of ransomware groups targeting non-traditional sectors to maximise impact and leverage.
Zabbix urges upgrades after critical SQL injection bug disclosure
Zabbix, a popular open-source monitoring tool, has disclosed a critical SQL injection vulnerability that could allow attackers to gain unauthorised access to sensitive systems. Users are urged to upgrade to the latest version immediately to mitigate potential exploitation. This incident highlights the persistent risks associated with third-party software vulnerabilities and the need for timely updates. Organisations relying on Zabbix for monitoring must act swiftly to protect against potential breaches.
Uganda confirms hack of central bank accounts, official downplays extent of loss
Uganda has confirmed a cyberattack on its central bank accounts, with officials stating the financial impact is limited. However, the incident raises concerns about the security of critical financial systems in developing nations. Experts highlight the importance of robust cybersecurity measures and international cooperation to protect against increasingly sophisticated threats. This case underscores the need for financial institutions to prioritise resilience and incident response planning in the face of growing cyber risks.
Analysis:
Trump will take a largely deregulatory approach to tech, while aiming to aggressively pursue foreign cyber threat actors.
Former President Trump’s anticipated return to office could bring a deregulatory approach to the tech industry, prioritising reduced compliance burdens for businesses. However, his administration is also expected to intensify efforts against foreign cyber threats, particularly those from adversarial nations. Analysts warn that deregulation could weaken safeguards, while aggressive policies against cyber actors may escalate geopolitical tensions. The tech sector faces a complex mix of opportunities and challenges under this potential policy direction.
Researchers Say Here’s How To Prepare Now For Post Quantum Cybersecurity
Post-quantum cybersecurity is becoming a critical focus as quantum computing advances threaten current encryption methods. Researchers recommend transitioning to quantum-resistant algorithms and preparing for hybrid encryption solutions to ensure long-term data security. Organisations are urged to assess their cryptographic dependencies and plan proactive migrations. This transition highlights the growing importance of staying ahead of technological disruptions to safeguard sensitive information in a rapidly evolving digital landscape.
Telco security is a dumpster fire and everyone’s getting burned
Telco security vulnerabilities are becoming increasingly apparent, exposing both consumers and organisations to risks ranging from data breaches to service outages. This opinion piece explores the systemic flaws in the telco sector, including outdated infrastructure and insufficient regulations. Experts call for comprehensive reforms, urging telcos to adopt zero-trust principles and robust incident response protocols. Addressing these issues is essential to restore trust and resilience in a critical industry supporting global connectivity.
CyAN Members Op Eds and Articles:
The Importance of Tech Allies in the 16 Days of Activism
In this piece, CyAN member Kim Chandler McDonald highlights the pivotal role of technology in combating gender-based violence during the 16 Days of Activism. From secure communication tools to AI-driven abuse detection, technology offers solutions to empower victims and hold perpetrators accountable. However, the article stresses the importance of ethical design and robust privacy measures to prevent misuse. Building a safer digital environment requires collaboration among technologists, advocates, and policymakers.
Empowering Developers Through Security Training: The Role of Secure Coding and Threat Modeling (and a hat-tip to Microsoft!)
In this article, CyAN member Nick Kelly advocates for empowering developers with security training, focusing on secure coding practices and threat modelling. Highlighting Microsoft’s initiatives as an example, the piece emphasises how equipping developers with the right tools and knowledge can significantly reduce vulnerabilities. Bridging the gap between development and security is essential to building resilient systems, fostering a culture of collaboration and proactive defence against cyber threats.
Contents: News; Analysis; Statistics & Insights – Powered by evisec; CyAN News; Events
News:
Labor has passed its proposed social media ban for under-16s. Here’s what we know – and what we don’t
https://www.theguardian.com/australia-news/2024/nov/21/labor-social-media-ban-under-16s-details-what-is-covered-which-platform
The newly passed social media ban for under-16s without parental consent …
Australia’s inaugural Cyber Security Act has officially passed, mandating critical infrastructure providers to adopt stringent cybersecurity measures. The legislation focuses on protecting essential services like energy, health, and communications from evolving cyber threats. Businesses are now required to report incidents promptly and meet compliance standards to mitigate risks. Experts view this as a crucial step in bolstering national resilience, although questions remain about enforcement and SME support.
China has utterly pwned ‘thousands and thousands’ of devices at US telcos
The Russian APT group Fancy Bear has developed a “Nearest Neighbor” attack leveraging unsecured nearby Wi-Fi networks to compromise targets. This technique allows hackers to infiltrate systems without needing direct network access, posing significant risks to organisations relying on wireless security. The attack highlights vulnerabilities in urban environments, where proximity to targets is easily exploited. Cybersecurity professionals are urged to review wireless protocols and enhance network segmentation to counter such threats.
Global leaders convened in Washington to discuss AI safety and its geopolitical implications, but the event was overshadowed by former President Trump’s vow to undo Biden’s AI policy if re-elected. The meeting sought to foster international collaboration on AI governance, addressing concerns over its misuse and security risks. Experts warn that partisan divides could stall progress on essential regulations. The session highlighted the delicate balance between innovation and safety as nations grapple with the rapid evolution of AI technologies.
Russian Cyberspies Hacked Building Across Street From Target for Wi-Fi Attack
Russian cyber-espionage agents reportedly hacked a building across the street from a US company to carry out a Wi-Fi-based cyberattack. Dubbed the “Nearest Neighbor” attack, this method highlights the lengths state-backed actors will go to infiltrate systems. By exploiting unsecured Wi-Fi networks, attackers bypass traditional defences. Experts recommend implementing stringent access controls and regular audits of wireless security to reduce risks from close-proximity threats in densely populated areas.
Bangkok busts SMS Blaster sending 1 million scam texts from a van
Thai authorities have uncovered a mobile SMS-blasting operation sending over a million scam texts from a single van. The setup, equipped with SIM banks and custom devices, highlights the persistent threat of phishing scams targeting mobile users. Officials are cracking down on these operations, but experts stress the need for public awareness campaigns and telecom cooperation to curb such large-scale fraud. This case underscores the evolving tactics of cybercriminals exploiting mobile vulnerabilities.
Salt Typhoon hackers backdoor telcos with new GhostSpider malware
The Salt Typhoon APT group has been deploying GhostSpider malware to infiltrate global telecom networks. By exploiting vulnerabilities and ‘backdooring’ systems, the group gains access to sensitive communications and operational data. This advanced malware highlights the increasing sophistication of state-sponsored actors targeting critical infrastructure. Security experts urge telecom providers to prioritise patch management, enhance threat monitoring, and employ advanced endpoint protection to mitigate such risks.
Australian government dumps plan to regulate online misinformation
Australia has shelved its proposal to regulate online misinformation following backlash from industry groups and civil society. Critics argued the plan could stifle free speech and create compliance burdens for tech platforms. While the government has pledged to revisit the issue, experts warn that unchecked misinformation continues to pose risks to democratic processes and public trust. Policymakers must now balance free expression with accountability in addressing digital disinformation.
North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn
North Korean cybercriminals have stolen over $10 million through AI-driven scams and malware distributed via LinkedIn. The attackers use fake profiles and tailored phishing techniques to target victims, blending social engineering with advanced tools to bypass defences. This incident highlights the growing use of AI in cybercrime and the risks posed by trusted platforms. Experts recommend vigilance, multi-factor authentication, and employee training to reduce exposure to such sophisticated threats.
Volunteer DEF CON hackers dive into America’s leaky water infrastructure
DEF CON volunteers are working to address cybersecurity gaps in America’s water infrastructure, following warnings of potential risks to public safety. The project has identified outdated systems, weak access controls, and insufficient monitoring as key vulnerabilities. Experts stress the urgent need for investment in modernising critical infrastructure to protect against escalating cyber threats. This collaboration underscores the role of the cybersecurity community in safeguarding essential services.
Passwords are giving way to better security methods – until those are hacked too, that is
With passwords increasingly seen as weak points, alternative methods like biometric authentication and passkeys are gaining traction. However, experts warn that these newer technologies are not immune to hacking and must be paired with robust security frameworks. The shift highlights the need for constant innovation in authentication technologies to outpace evolving threats. Organisations are urged to adopt a layered approach to security, combining advanced tools with strong user awareness initiatives.
DOJ seized credit card marketplace PopeyTools and charges its administrators
The US Department of Justice has taken down the PopeyTools credit card marketplace, seizing its infrastructure and filing charges against its administrators. PopeyTools facilitated the sale of stolen credit card data, enabling large-scale fraud. This takedown highlights the importance of international cooperation in dismantling cybercrime networks. Experts stress the need for ongoing efforts to disrupt underground marketplaces and strengthen global financial cybersecurity.
AI increasingly used for sextortion, scams and child abuse, says senior UK police chief
A senior UK police official has warned about the alarming rise of AI in enabling sextortion, financial scams, and child exploitation. Deepfake technology and AI-generated content are being weaponised to deceive and manipulate victims, complicating law enforcement efforts. Authorities are calling for stricter AI regulations and enhanced public awareness to combat these emerging threats. Experts stress that collaboration between policymakers, tech companies, and law enforcement is critical to tackling this growing misuse of AI.
Hackers abuse Avast anti-rootkit driver to disable defences
Cybercriminals have exploited a vulnerability in Avast’s anti-rootkit driver to disable endpoint defences and escalate attacks. The abuse of legitimate software underscores the evolving tactics of attackers using trusted tools to bypass detection. Avast has issued updates to address the flaw, and experts recommend organisations regularly update software and deploy endpoint detection solutions to mitigate risks. This incident highlights the importance of monitoring for misuse of legitimate software in cybersecurity strategies.
Andrew Tate’s site ransacked, subscriber data stolen
Hackers have breached Andrew Tate’s website, exfiltrating sensitive subscriber data, including personal information and payment details. The incident raises concerns about the security practices of high-profile individuals and their platforms. Experts recommend robust security measures, such as regular penetration testing and multi-factor authentication, to safeguard personal brands and online communities. This breach underscores the growing risk of cyberattacks targeting celebrity-run digital assets.
Faux ChatGPT, Claude API Packages Deliver JarkaStealer
Malicious packages masquerading as ChatGPT and Claude APIs are delivering the JarkaStealer malware, targeting developers and organisations. Distributed via compromised software repositories, the malware exfiltrates sensitive data, including login credentials and API keys. This highlights the risks of supply chain attacks in software development environments. Experts urge developers to verify the integrity of third-party packages and adopt security tools to detect malicious dependencies in codebases.
1,000s of Palo Alto Networks firewalls hijacked as miscreants exploit critical hole
Over 1,000 Palo Alto Networks firewalls have been compromised as attackers exploit a recently patched vulnerability, highlighting the risks of delayed updates. These breaches allow unauthorised access to critical systems, jeopardising sensitive data and operations. Experts emphasise the importance of timely patch management and advanced monitoring to detect unusual activity. Organisations are urged to prioritise proactive defense strategies to protect critical infrastructure from similar exploits.
Stronger cyber protections in health care targeted in new Senate bill
A newly introduced Senate bill aims to strengthen cybersecurity in the healthcare sector, focusing on critical vulnerabilities that put patient data and services at risk. The proposed legislation includes measures to improve incident reporting, enhance collaboration, and fund modernised defences for healthcare providers. Lawmakers are responding to increasing attacks on hospitals and medical systems, emphasising the need for proactive measures to safeguard patient safety and sensitive information.
Leaky Cybersecurity Holes Put Water Systems at Risk
Critical water infrastructure remains vulnerable to cyberattacks due to outdated systems and insufficient cybersecurity measures, leaving essential services exposed to disruption. Experts warn that weak access controls and unpatched vulnerabilities create significant risks to public safety. Recent analyses call for urgent investment in upgrading water system defences, implementing real-time monitoring, and enhancing incident response capabilities to prevent catastrophic failures in critical infrastructure.
Wire cutters: how the world’s vital undersea data cables are being targeted
Undersea data cables, which facilitate global internet connectivity, are increasingly at risk from targeted attacks and geopolitical tensions. These cables are critical to economic and communication stability, yet they remain poorly protected against sabotage. Experts are urging nations to enhance surveillance and build redundancies to safeguard this infrastructure. The rising threat to subsea cables highlights the need for international cooperation to address vulnerabilities in this essential network.
Cybercriminals are evolving their tactics with methods like “quishing” (QR code phishing), “vishing” (voice phishing), and AI-driven scams. Australians are increasingly targeted by these sophisticated schemes, which exploit trust and new technologies to steal data or funds. Experts recommend public awareness campaigns, multi-factor authentication, and robust endpoint protections to counter these emerging threats. As cybercriminal methods advance, proactive defense and education are critical to staying ahead.
Social media ban bill lifts online safety fines to $50m
A proposed Australian bill targeting online safety introduces fines of up to $50 million for social media platforms that fail to comply with new safety standards. The legislation aims to address harmful content, improve reporting mechanisms, and enforce accountability on tech companies. Critics argue that the penalties may be difficult to enforce, but proponents view this as a necessary step to protect users, particularly children, from online abuse and exploitation. The debate underscores the balance between safety and regulation.
Analysis
Banning under-16s from social media ripe for High Court challenge
A proposed law banning under-16s from social media in Australia is facing criticism and potential legal challenges over concerns it infringes on personal freedoms and parental rights. The policy aims to protect minors from harmful content but raises questions about enforcement and the broader implications for digital access. Experts warn that implementing such a ban could face significant hurdles in the High Court, with some advocating for improved safety features over outright restrictions.
Trump taps border hawk to head DHS. Will Noem’s ‘enthusiasm’ extend to digital domain?
South Dakota Governor Kristi Noem, known for her hardline stance on border security, has been tapped by Trump to head the Department of Homeland Security if he is re-elected. Questions abound over whether her focus will extend to digital threats, given DHS’s pivotal role in cybersecurity. Experts highlight the need for leadership that prioritises both physical and digital resilience, as escalating cyberattacks threaten critical infrastructure and national security.
A long time coming: Australia’s first Cyber Security Bill 2024
Australia’s first Cyber Security Bill has been a milestone in addressing evolving cyber threats. The legislation introduces mandatory reporting for cyber incidents, alongside a compliance framework for critical infrastructure providers. Legal experts praise its potential to enhance national security but caution that the implementation may burden smaller businesses. The bill reflects Australia’s commitment to cybersecurity, signalling a shift toward proactive defense measures in the digital age.
CyAN News
Beyond the Firewall: UAE’s Financial Security Evolution
CyAN’s Bharat Raigangar and Dr. Mathew Nicho discuss the UAE’s innovative approaches to enhancing financial cybersecurity in a rapidly digitising economy, as well as Dr. Nicho’s Cyber ‘Threat Report: The UAE Financial Sector Cyber Threat Landscape’. Their conversation highlights key challenges, including the rise of financial crime and the importance of balancing regulation with innovation. They emphasise the need for stronger collaboration between public and private sectors to address evolving threats and safeguard critical financial systems, and they highlight the UAE’s advancements in positioning itself as a leader in global financial security.
16 Days of Activism Against Gender-Based Violence – Breaking Chains: Standing Against Technology-Facilitated Abuse and Online Violence
As part of the global 16 Days of Activism Against Gender-Based Violence, CyAN’s Kim Chandler McDonald highlights the urgent need to address technology-facilitated abuse and online violence. From cyberstalking to coercive control, digital platforms are increasingly weaponised against women. This campaign advocates for stronger regulations, better education, and collaboration between tech companies and policymakers to create safer digital spaces. CyAN remains committed to supporting this vital initiative.
CyAN awards at Supply Chain CyberSecurity Summit in Dubai
CyAN proudly sponsored two prestigious awards at the recently concluded Supply Chain CyberSecurity Summit, held in Dubai, U.A.E., on November 20–21, 2024:
Best TPRM Program and Best Innovative CyberSecurity Solution for Supply Chain. The Best TPRM Program was awarded to Syed Ubaid Ali Jafri, Head of Cyber Defense & Offensive Security at Habib Bank Limited (HBL). His innovative framework has significantly enhanced HBL’s ability to manage third-party risks and serves as a model for effective risk assessment across industries.
The Best Innovative CyberSecurity Solution for Supply Chain went to Finesse for their CyberHUB RiskOpsAI™. This cutting-edge solution exemplifies their commitment to solving complex cybersecurity challenges and building stronger, more resilient supply chains. A huge congratulations to all the winners for their remarkable achievements!
CyAN sponsored two awards during the recently concluded Supply Chain CyberSecurity Summit (Middle East Edition), held in Dubai, U.A.E. on Nov 20-21st 2024. The two winners: Category “Best TPRM Program” – Syed Ubaid Ali Jafri. The winner’s work has had a profound impact on his …