Security News > 2023 > June

The U.S. Cybersecurity and Infrastructure Security Agency warned today of ongoing distributed denial-of-service attacks after U.S. organizations across multiple industry sectors were hit. "CISA is aware of open-source reporting of targeted denial-of-service and distributed denial-of-service attacks against multiple organizations in multiple sectors," the cybersecurity agency said.

Charming Kitten, the nation-state actor affiliated with Iran's Islamic Revolutionary Guard Corps, has been attributed to a bespoke spear-phishing campaign that delivers an updated version of a fully-featured PowerShell backdoor called POWERSTAR. "There have been improved operational security measures placed in the malware to make it more difficult to analyze and collect intelligence," Volexity researchers Ankur Saini and Charlie Gardner said in a report published this week. Recent intrusions orchestrated by Charming Kitten have made use of other implants such as PowerLess and BellaCiao, suggesting that the group is utilizing an array of espionage tools at its disposal to realize its strategic objectives.

Chipmaking giant TSMC denied being hacked after the LockBit ransomware gang demanded $70 million not to release stolen data.While this Twitter thread has since been deleted, the LockBit ransomware gang created a new entry for TSMC yesterday on their data leak site, demanding $70 million or they would leak stolen data, including credentials for their systems.

They raise legitimate questions about the usage and permissions of AI applications within their infrastructure: Who is using these applications, and for what purposes? Which AI applications have access to company data, and what level of access have they been granted? What is the information employees share with these applications? What are the compliance implications? Each AI tool presents a potential attack surface that must be accounted for: Most AI applications are SaaS based and require OAuth tokens to connect with major business applications such as Google or O365.

The Washington Post is reporting that the US is spying on the UN Secretary General. The reports on Guterres appear to contain the secretary general's personal conversations with aides regarding diplomatic encounters.

Looking for the best cybersecurity certifications to enhance your skills? Explore our comprehensive list of certifications. A cybersecurity certification can help you showcase your skills in cryptography, SecOps and other cybersecurity disciplines.

Meta's WhatsApp has rolled out updates to its proxy feature, allowing more flexibility in the kind of content that can be shared in conversations. Support for proxy servers was officially launched by the messaging service earlier this January, thereby helping users circumvent government-imposed censorship and internet shutdowns and obtain indirect access to WhatsApp.

How do cyber security professionals best equip themselves with the knowledge and tools to win this fight? Well, SANS Institute remains a trusted resource for cybersecurity training, certifications and research. To that end, SANS has announced a wide range of upcoming training events and summits across Europe, the Middle East and Africa for autumn 2023, delivering top-class training from some of the world's leading cyber security experts.

An active financially motivated campaign is targeting vulnerable SSH servers to covertly ensnare them into a proxy network. "This is an active campaign in which the attacker leverages SSH for remote access, running malicious scripts that stealthily enlist victim servers into a peer-to-peer proxy network, such as Peer2Profit or Honeygain," Akamai researcher Allen West said in a Thursday report.

Reynold drew the short straw and drove to Paris to install the rig and train users. The client was sufficiently important that Reynold had to go to Paris - again.