Security News

The Federal Security Service of the Russian Federation has accused the United States and other NATO countries of launching over 5,000 cyberattacks against critical infrastructure in the country since the beginning of 2022. The agency says it has taken timely measures to prevent these attacks from causing any negative consequences to Russia.

Bots like ChatGPT may not be able to pull off the next big Microsoft server worm or Colonial Pipeline ransomware super-infection but they may help criminal gangs and nation-state hackers develop some attacks against IT, according to Rob Joyce, director of the NSA's Cybersecurity Directorate. Joyce, speaking at CrowdStrike's Government Summit Tuesday, said he doesn't expect to see - at least not "In the near term" - AI used "For automated attacks that will rip through systems at speeds that are unfathomable today."

Belgian HR and payroll giant SD Worx has suffered a cyberattack causing them to shut down all IT systems for its UK and Ireland services. SD Worx is a European HR and payroll management company based out of Belgium that services 5.2 million employees for over 82,000 companies, according to its website.

Owners of MSI-brand motherboards, GPUs, notebooks, PCs, and other equipment should exercise caution when updating their device's firmware or BIOS after the manufacturer revealed it has recently suffered a cyberattack. In a statement shared on Friday, MSI urged users "To obtain firmware/BIOS updates only from its official website," and to avoid using files from other sources.

A North Korean government-backed threat actor has been linked to attacks targeting government and military personnel, think tanks, policy makers, academics, and researchers in South Korea and the U.S. Google's Threat Analysis Group is tracking the cluster under the name ARCHIPELAGO, which it said is a subset of another threat group tracked by Mandiant under the name APT43. The tech giant said it began monitoring the group in 2012, adding it has "Observed the group target individuals with expertise in North Korea policy issues such as sanctions, human rights, and non-proliferation issues."

British outsourcing services provider Capita announced today that a cyberattack on Friday prevented access to its internal Microsoft Office 365 applications. The cyber incident prompted the Capita on March 31 to announce an IT issue that impacted its internal systems.

An advanced persistent threat group that has a track record of targeting India and Afghanistan has been linked to a new phishing campaign that delivers Action RAT. According to Cyble, which attributed the operation to SideCopy, the activity cluster is designed to target the Defence Research and Development Organization, the research and development wing of India's Ministry of Defence. Known for emulating the infection chains associated with SideWinder to deliver its own malware, SideCopy is a threat group of Pakistani origin that shares overlaps with Transparent Tribe.

Tom Gillis, senior vice president for Cisco Security, said enterprises are in the midst of a strategic shift away from security through collections of individual software security tools and cloud solutions for securing assets. "For decades, new problems in security have arisen and small companies come up with innovative solutions to address these. But buying individual best-in-breed solutions from new vendors puts the burden on the customer to ingest all of these solutions and integrate them," Gillis said.

CYE's new Cybersecurity Maturity Report 2023 tackles this question by shedding light on the strength of cybersecurity in different sectors, company sizes, and countries. Among countries, Norway scored the highest on overall cybersecurity maturity level, followed by Croatia and Japan.

Latitude Financial Services has disclosed a data breach after suffering a cyberattack, causing the company to shut down internal and customer-facing systems. Latitude is one of Australia's largest personal loans provider and the country's largest non-bank consumer credit lender.