China, North Korea, and Russia returned to the headlines this week with reports of everything from spreading disinformation to espionage and zero-days. According to Security Week, “Google’s threat hunting unit has again intercepted an active North Korean APT actor sliding into the DMs of security researchers and using zero-days and rigged software tools to take control of their computers.” Reports from Microsoft claim that North Korean hacking groups have compromised the Russian government systems they’ve recently targeted. Meanwhile, Russia is again threatening to escalate conflict with the US as tensions rise over the purported use of cyber tools.
Ukraine continues to deploy cyber-operations to the front lines of the war with Russia. According to BBC, “The department uses Artificial Intelligence (AI) visual recognition systems to analyze information gathered from aerial drones (alongside intelligence from human sources, satellites and other technical sources) to provide targets for the military.” Video footage of drone attacks in the city of Rostov-on-Don reveals the damage from the attacks.
Additionally, The Register reported that the European Commission published the results of a recent study gauging the efficacy of the EU’s Digital Services Act (a voluntary commitment intended to mitigate the threat of disinformation on social media platforms) and found, “commitments by social media platforms to mitigate the reach and influence of global online disinformation campaigns have been generally unsuccessful.”
For more on what can be done to address cybersecurity issues with adversaries, check out Ben’s Book of the Month blog in our Library and visit the RSAC Marketplace. Here you’ll find an entire ecosystem of cybersecurity vendors and service providers who can assist with your specific needs.
Now let’s take a look at what else made industry news this week.
Sep. 8: “Apple rolled out rare emergency patches Thursday to fix iPhone, Mac and Apple Watch security flaws, some of which were apparently being used to install Pegasus, the notorious spyware sold to national governments by NSO Group,” The Cybersecurity 202 reported.
Sep. 7: Alleged members of the Trickbot and Conti ransomware gangs have been sanctioned by the US Department of the Treasury and the UK’s Foreign Office.
Sep. 7: Business Insider Africa reported that, according to the Director-General of Ghana’s Cyber Security Authority, “In the first half of 2023, cyber fraud activities led to direct financial losses of $4.32 million (GH¢49.5m) in Ghana.”
Sep. 6: Bleeping Computer warned, “The Flipper Zero portable wireless pen-testing and hacking tool can be used to aggressively spam Bluetooth connection messages at Apple iOS devices, such as iPhones and iPads.”
Sep. 6: Despite efforts to augment the review process for the Google Chrome store, attackers are successfully bypassing the Manifest V3 standard Google adopted.
Sep. 5: Dark Reading reported, “Following coups in some African nations, Russia is exploiting the instability with the manipulation of media channels to stoke anti-French sentiment, among other things.”
Sep. 5: The September 2023 Android Security Bulletin announced more than a dozen system patches to fix flaws and critical Android vulnerabilities, including one, “in the System component that could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed.”
Sep. 5: “A north London school and a Berkshire schools group have become the latest victims of serious cyber-attacks ahead of the new term,” Infosecurity Magazine reported.
Sep. 4: Upon learning of potential cyberthreats from the Environmental Protection Agency and the Water ISAC, Missouri’s Department of Natural Resources issued warnings across the state encouraging password resets and implementation of MFA to protect critical infrastructure networks.