Cyber security update, March

Ravi Bindra, CISO

SoftwareOne believes there is a need for additional information when it comes to cyber security, as organisations have made it clear that investment in a proper security strategy is paramount. SoftwareOne’s monthly “Cyber security update” provides information on the most recent threats, the latest breaches and how to react to them in order to stay on top of malware and ransomware threats. We’ve rounded up the latest security headlines to keep you up to speed and prepared.

Latest security breaches

Nissan confirms ransomware attack exposed data of 100,000 people; the Akira ransomware gang took responsibility for the attack and claimed it had stolen 100GB of data, including documents containing personal employee information, NDAs, project data, and information on partners and clients.

Researchers from security firm Sysdig recently investigated an attack campaign that spawned 6,000 micro instances from a compromised AWS account across different regions and deployed the client for a blockchain-based content delivery service and bandwidth marketplace called the Meson Network.

Cyber security researchers discovered close to 19 million plaintext passwords exposed on the public internet by misconfigured instances of Firebase, a Google platform for hosting databases, cloud computing, and app development.

The IMF detected the breach, after which it brought in independent cyber security experts to launch an in-depth investigation and determine the nature of the breach. The investigation determined that 11 IMF email accounts were compromised.

Fujitsu, the world's sixth largest IT services provider, discovered that several of its systems were infected by malware and warns that the hackers stole customer data.

verifiedBpp, a member of low-tier BreachForums 2, is selling a database belonging to the Ministry of Health of Saudi Arabia for $5 million. The sample provided by the threat actor includes full names, physical addresses, phone numbers, blood types, staff messages and emails, IDs, and other sensitive information. verifiedBpp claims the 500 GB dataset contains information from 2020 to 2024. This information can be used by cyber-criminals to facilitate social engineering attacks and identity theft. The credibility of verifiedBpp is low: the user registered their account in March 2024 and has authored 2 posts and 2 threads. The account has received no endorsements on the forum and has no confirmed sales.

On March 20, 2024, the cyber security company BlueVoyant reported that the threat actor group Narwhal Spider orchestrated a phishing campaign dubbed ‘NaurLegal’. This campaign targets a broad spectrum of organisations through phishing emails containing malicious PDF attachments disguised as invoices from reputable law firms, using the WikiLoader loader malware to facilitate the deployment of further malicious payloads such as the IcedID banking Trojan. The company stated that this campaign represents a departure from Narwhal Spider’s typical victimology, which has been primarily focused on Italian organisations, to a broader set of victims within the legal sector.

'Conversation Overflow' Cyberattacks Bypass AI Security to Target Execs. A new cyber-attack method called "Conversation Overflow" aims to bypass artificial intelligence (AI) and machine learning (ML) security controls, SlashNext reported on March 19, 2024. The attack involves creating emails intended for AI/ML algorithms with two distinct parts, one visible to the recipient and one hidden. By including hidden text that mimics "known good" communication, the threat actors trick the AI/ML systems into categorising the email as safe and allowing it into the recipient's inbox. Once the attack bypasses security measures, the threat actors can deliver credential theft messages, requesting that executives re-authenticate passwords and logins.

Cyber security researchers have identified a new form of denial-of-service (DoS) attack that could disrupt over 300,000 internet-connected systems worldwide. This novel attack, which targets the application layer of network communication, has raised significant concerns due to its self-perpetuating nature and the ease with which it can be executed.

Cyber security awareness

A groundbreaking report released by Microsoft AI research found that an alarming 87% of UK organisations are vulnerable to cyber-attacks, highlighting a critical juncture in the nation’s cyber security and AI ambitions.

Caption: Classifying UK organisations’ cyber security performance, source: Microsoft Security

The study, titled “Mission Critical: Unlocking the UK AI Opportunity Through Cybersecurity,” underscores the urgent need for the UK to bolster its cyber-defences to achieve its goal of becoming a global AI superpower.

On March 20, 2024, Microsoft reported on trends in phishing attacks that take advantage of the US tax season. Overall, threat actors capitalise on the deadline associated with tax filing to create a sense of urgency in their scams. Hence, a new Microsoft Threat Intelligence tax season report outlines some of the various techniques that threat actors use to craft their campaigns and mislead taxpayers into revealing sensitive information, making payments to fake services, or installing malicious payloads. These include phishing emails, text message phishing (smishing), malicious advertising, and voice phishing (vishing). The Microsoft Threat Intelligence tax season report also shows how threat actors impersonate tax payment processors in phishing emails, what cyber-criminals are looking for and who they are targeting, how they can get your data, and, most importantly, how you and your organisation can stay safe.

The US National Institute of Standards and Technology released version 2.0 of its Cyber security Framework, focusing more on governance and supply chain issues and offering resources to speed the framework’s implementation.

Cyber security intelligence

Google’s Gemini AI Vulnerability let Hackers Gain Control Over Users. Researchers discovered multiple vulnerabilities in Google’s Gemini Large Language Model (LLM) family, including Gemini Pro and Ultra, that allow attackers to manipulate the model’s response through prompt injection. This could potentially lead to the generation of misleading information, unauthorised access to confidential data, and the execution of malicious code.

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released a joint Cybersecurity Advisory (CSA) to disseminate known TTPs and IOCs associated with the Phobos ransomware variants observed as recently as February 2024, according to open source reporting. Phobos is structured as a ransomware-as-a-service (RaaS) model. Since May 2019, Phobos ransomware incidents impacting state, local, tribal, and territorial (SLTT) governments have been regularly reported to the MS-ISAC. These incidents targeted municipal and county governments, emergency services, education, public healthcare, and other critical infrastructure entities to successfully ransom several million U.S. dollars.

From the major events of this year's top security conferences to those that are more narrowly focused, this list will help you find the security conferences relevant to you.

Hot topic of the month: Cyber security outlook 2024

Disinformation is ranked as a top global risk for 2024, with deepfakes as one of the most worrying uses of AI. Deepfakes used by agenda-driven, real-time multi-model AI chatbots and avatars will allow for highly personalised and effective types of manipulation. A zero-trust mindset will become an essential tool to distinguish between what is authentic and what is synthetic in increasingly immersive online environments.

Learn about the chaos AI can cause in elections through deepfakes, and explore how to protect your business in the age of deepfakes.

SoftwareOne Digital Workplace Security Services

We operate a dedicated security operations center (SOC) that tracks data vulnerabilities globally to prevent losses due to break-ins or employee errors.

Author

Ravi Bindra, CISO

Ravi holds over 20 years’ experience as a cyber security evangelist, holding multiple leadership roles in the Swiss pharmaceutical industry, such as Global Head of Risk Management, Global Head of Architecture and Global Head of Security Operations.