Cybercrime New Threat Actor ‘AeroBlade’ Targeted US Aerospace Firm in Espionage Campaign BlackBerry attributes cyberattack against an aerospace organization in the US to a new threat actor named AeroBlade. Ionut ArghireDecember 5, 2023
Cyberwarfare ICS at Multiple US Water Facilities Targeted by Hackers Affiliated With Iranian Government Security agencies say the Cyber Av3ngers group targeting ICS at multiple water facilities is affiliated with the Iranian government. Eduard KovacsDecember 4, 2023
ICS/OT Breaches by Iran-Affiliated Hackers Spanned Multiple U.S. States, Federal Agencies Say The Municipal Water Authority of Aliquippa was just one of multiple organizations breached in the U.S. by Iran-linked "Cyber Av3ngers" hackers Associated PressDecember 2, 2023
Cyberwarfare US Sanctions North Korean Cyberespionage Group Kimsuky The US has announced sanctions against North Korean cyberespionage group Kimsuky over its intelligence gathering activities. Eduard KovacsDecember 1, 2023
Endpoint Security Apple Patches WebKit Flaws Exploited on Older iPhones Apple's security response team warns that flaws CVE-2023-42916 and CVE-2023-42917 were already exploited against versions of iOS before iOS 16.7.1. Ryan NaraineNovember 30, 2023
Ransomware Qlik Sense Vulnerabilities Exploited in Ransomware Attacks Qlik Sense vulnerabilities CVE-2023-41266, CVE-2023-41265 and CVE-2023-48365 exploited for initial access in Cactus ransomware attacks. Eduard KovacsNovember 30, 2023
Identity & Access Okta Broadens Scope of Data Breach: All Customer Support Users Affected Okta expands scope of October breach, saying hackers stole names and email addresses of all its customer support system users. Ryan NaraineNovember 29, 2023
Vulnerabilities Google Patches Seventh Chrome Zero-Day of 2023 The latest Chrome security update addresses the seventh exploited zero-day vulnerability documented in the browser in 2023. Ionut ArghireNovember 29, 2023
Malware & Threats Exploitation of Critical ownCloud Vulnerability Begins Threat actors have started exploiting a critical ownCloud vulnerability leading to sensitive information disclosure. Ionut ArghireNovember 28, 2023
ICS/OT Hackers Hijack Industrial Control System at US Water Utility Municipal Water Authority of Aliquippa in Pennsylvania confirms that hackers took control of a booster station, but says no risk to drinking water or... Eduard KovacsNovember 27, 2023
Artificial Intelligence Pentagon’s AI Initiatives Accelerate Hard Decisions on Lethal Autonomous Weapons The U.S. military is increasing use of AI technology that will fundamentally alter the nature of war. Associated PressNovember 26, 2023
Supply Chain Security North Korean Software Supply Chain Attack Hits North America, Asia North Korean hackers breached a Taiwanese company and used its systems to deliver malware to the US, Canada, Japan and Taiwan in a supply... Eduard KovacsNovember 24, 2023