Tache Johnson says
ABC News published an article titled “October is Cybersecurity Awareness Month. Here’s How to Stay Safe from Scams,” which discusses how online scams are becoming more sophisticated and offers advice on staying protected. The article highlights the importance of vigilance in protecting against phishing and malware threats. It explains that October is Cybersecurity Awareness Month, focusing on educating people about digital dangers such as malware attacks, phishing scams, and fake websites. The article emphasizes the need to stay alert, advising users to be cautious of unexpected emails or messages and to double-check links before clicking on them. Intrusion Prevention and Detection Systems (IDPS) can help identify and stop malicious actions by using tools that monitor network traffic and systems for suspicious activity, taking action to prevent or respond to potential threats. Additionally, the emphasis on staying safe while browsing the web highlights the importance of secure communication methods and strong security practices.
https://abcnews.go.com/US/wireStory/october-cybersecurity-awareness-month-stay-safe-scams-114951055
Christopher Williams says
ISC2 Security Congress 2024: The Landscape of Nation-State Cyber Attacks
CISA advisor and former New York Times cybersecurity journalist Nicole Perlroth ended ISC2 Security Congress with an important reminder for security teams to be vigilant about nation-state cyber threats. She explained that the current threat landscape includes both nation-state attacks and individual attackers motivated by profit or skill building. Attackers target “cyber-poor” but “target-rich” environments: organizations with valuable data but limited security resources, such as water treatment plants and companies like Marriott.
Perlroth discussed evolving risks, particularly those involving China and Russia, who may use cyberattacks in connection with military moves, like China’s potential action toward Taiwan. Cyber defenses must also adjust to new technology, as AI is now being used to craft sophisticated zero-day attacks. In addition, AI also allows defenders to respond to attacks more efficiently, highlighting the need for cybersecurity teams to manage how employees interact with AI systems safely.
Her advice to cybersecurity professionals: conduct a “sector-by-sector census” to find similar vulnerabilities across industries before adversaries exploit them. It was emphasized that the goal is not fear but awareness and cooperation between government and private sectors, which has already proven successful in some recent cases. Cybersecurity remains a team effort to protect “crown jewels,” whether in critical infrastructure, health, or business data.
https://www.techrepublic.com/article/isc2-security-congress-nation-state-cyber-threats/
Andrea Baum says
Inside The Race To Save Government Websites Before They Vanish Forever
https://www.forbes.com/sites/lesliekatz/2024/10/23/inside-the-race-to-capture-government-websites-before-they-vanish-forever/
In San Francisco, computers at the Internet Archive are busy harvesting government websites ahead of the November elections for the End of Term Web Archive, which preserves federal information for historical records. This initiative involves librarians and technologists who work together to collect and store data that may vanish during administrative transitions, ensuring public access to government actions. With the increasing prevalence of misinformation and the rapid disappearance of web content, the project aims to safeguard essential information that citizens have a right to access. The archive, which includes past government webpages stored on the Wayback Machine, serves as a valuable resource for researchers studying various topics, such as climate change policy and government communications. As the project grows, it emphasizes the importance of public involvement in nominating links for preservation, ensuring that critical information remains accessible for future generations.
Neel Patel says
Article: Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security
Apple has opened its Private Cloud Compute (PCC) Virtual Research Environment (VRE) to researchers, allowing them to examine its cloud AI security architecture for potential vulnerabilities. By expanding its Security Bounty program, Apple offers rewards of up to $1 million for identifying critical flaws in PCC, such as code execution risks or data leaks. The VRE includes tools and source code on GitHub, aiming to enhance transparency and privacy in Apple’s Artificial Intelligence services. This initiative comes amid broader security concerns around AI, including recent techniques like AI jailbreaks and “backdoor” attacks that exploit model vulnerabilities, posing risks to AI’s integrity and decision-making reliability.
Link: https://thehackernews.com/2024/10/apple-opens-pcc-source-code-for.html
Dawn Foreman says
Microsoft Thwarts Russian ‘Spear Phishing’ Campaign Targeting 2024 Election
https://www.newsweek.com/microsoft-doj-thwart-2024-cyber-campaign-1963994
The Department of Justice (DOJ) and Microsoft have collaborated to disrupt a major “sophisticated spear phishing campaign” orchestrated by a Russian cyber attack group known as Star Blizzard. The phishing attempt is specifically targeting the U.S. election. The attacks involved sending fraudulent emails to specific individuals, intended to trick recipients into divulging sensitive information, or to infect their devices with malware. The DOJ unsealed a warrant authorizing the seizure of 41 internet domains. By working with Microsoft’s Digital Crime Unit, they were able to identify another 66 internet domains run by the same group.
Vincenzo Macolino says
Despite patches, Windows can still be downgraded to vulnerable versions
This article explains how there is a Windows downgrade attack that was demonstrated at Black Hat USA 2024 by a SafeBreach Labs researcher. The attack allows hackers to take over the Windows Update Process and downgrade critical components to more vulnerable versions. Today, it is still a threat even after multiple patches. The researcher from SafeBreach was able to discover that even after the patches were done there is still an exploit where a hacker is able to bypass one of the main kernel’s security enhancements. By exposing these downgrades, hackers are allowed to reintroduce previously patched vulnerabilities and can bypass security mechanisms without physical access. Going forward, I am curious to see how Windows handles this, as the attack poses significant risks as it undermines Windows defenses, making previously fixed vulnerabilities exploitable again.
https://cybernews.com/security/windows-can-still-be-downgraded-to-vulnerable-versions/#:~:text=At%20Black%20Hat%20USA%202024%2C%20SafeBreach%20Labs%20researcher,even%20bypass%20virtualization-based%20security%20%28VBS%29%20without%20physical%20access.
Brittany Pomish says
Title: Microsoft to Invest $1.7 Billion in AI and Cloud Infrastructure in Indonesia
Microsoft announced a significant investment of $1.7 billion in AI and cloud infrastructure in Indonesia over the next 4 years. This investment aims to enhance the country’s digital transformation efforts and support the development of local talent in the technology sector. The initiative is expected to boost Indonesia’s economy and create new opportunities for businesses and individuals. A study held by Kearney, a global consulting firm, said that AI could contribute nearly $1 trillion to Southeast Asia’s GDP by 2030, of which Indonesia is expected to capture $366 billion.
https://www.independent.co.uk/news/ap-microsoft-satya-nadella-joko-widodo-gdp-b2536928.html
Nelson Ezeatuegwu says
CISA Warns Active Exploitation of Microsoft SharePoint Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added a new vulnerability to its Known Exploited Vulnerabilities Catalog following evidence of its active exploitation. The CVE-2024-38094 vulnerability affects Microsoft SharePoint and is categorized as a deserialization vulnerability. Malicious cyber actors often target this type of security flaw because it can allow unauthorized remote code execution. Attackers can exploit such vulnerabilities to execute arbitrary code on affected systems, posing significant risks to organizations that rely on SharePoint for collaboration and data management.
https://cybersecuritynews.com/microsoft-sharepoint-vulnerability/
James Nyamokoh says
Title: Disney to ditch Slack following July data breach.
The Walt Disney Company will no longer use Slack for in-house company communication months after a hack that involved more than a terabyte of company data being leaked to the public.
Source: https://www.cnbc.com/2024/09/19/disney-to-ditch-slack-after-july-data-breach-.html
Ericberto Mariscal says
Title: Record-Breaking DDoS Attack Peaked at 3.8 Tbps, 2.14 Billion Pps
A recent record-breaking DDoS attack was mitigated by Cloudflare. The attack peaked at 3.8 Tbps and 2.14 billion Pps. The previous DDoS record was in late 2021, when Microsoft saw an attack that peaked at 3.47 Tbps and a packet rate of 340 million Pps. The campaign targeted customers in the financial services, telecoms, and internet sectors. The attacks came from systems around the world, including in Vietnam, Russia, Brazil, Spain and the United States; however, the activity has not been attributed to any specific threat actor. Cloudflare said that the high bitrate attacks are likely emanating from a large botnet comprising infected ASUS home routers that have been exploited.
Link: https://www.securityweek.com/record-breaking-ddos-attack-peaked-at-3-8-tbps-2-14-billion-pps/
Benjamin Rooks says
U.S. cybersecurity officials warn of foreign efforts to sow doubt and chaos around election
With the election looming, I think it is worth examining how much of our information infrastructure can be vulnerable to cyber threats. As we have learned in the past weeks, ~88% of breaches are due to social engineering. How much easier is that to do when all you have to do is convince someone not to do something? If foreign actors are able to convince demographics voting for the candidates they want to lose not to vote, then they would be able to sway our elections. It is more important than ever to fact check and be aware that our voting infrastructure, including our minds, is being targeted as a whole.
https://www.pbs.org/newshour/show/u-s-cybersecurity-officials-warn-of-foreign-efforts-to-sow-doubt-and-chaos-around-election
Gbolahan Afolabi says
Personal liability: A new trend in cybersecurity compliance?
This article details new regulations to go into effect in the European Union (EU) soon that will extend liability to individual IT and business leaders. These new regulations seek to also hold CIOs, CISOs, and other business leaders accountable in cases where breaches occur due to oversight. New regulations such as the Network and Information Security Directive V.2 (NIS) and Digital Operational Resilience Act (DORA) would seek to hold IT and business leaders liable for the oversight of individual contributors. These new regulations would seek to hold leaders accountable in the event of gross oversight and do not make it compulsory to hold leaders accountable, rather an avenue in special cases.
Link: https://www.cio.com/article/3594117/personal-liability-a-new-trend-in-cybersecurity-compliance.html
Aisha Ings says
Cyprus Thwarted a Digital Attack Against the Government’s Main Online Portal
Cyprus successfully blocked an attempt to disrupt its government website, which was part of a series of cyberattacks over three days targeting state-owned services and a Greek energy firm’s branch. The attack, which used distributed denial of service (DDoS) tactics, caused a brief disruption to the government site but was quickly resolved without affecting other government department websites. Earlier attacks had targeted Cyprus’ power grid, communication authorities, airports, and a fuel company, but all of these attempts were unsuccessful, with no breach of customer data. The motive and those responsible for the attacks remain unknown.
https://www.securityweek.com/cyprus-thwarted-a-digital-attack-against-the-governments-main-online-portal/