This Halloween, it’s not just ghosts and goblins sending chills down our spines—this season brings some truly spine-tingling stats about the state of cybersecurity in 2024. In our “Spooky Security Stats” roundup, we’re revealing findings from several reports published over the past year, each exposing unsettling trends and ominous insights. From record-breaking ransomware attacks to hair-raising data breaches, these statistics serve as a grim reminder of the threats lurking in today’s digital landscape. Brace yourself for a Halloween treat that highlights the unnerving reality of modern cybersecurity risks—consider this your trick-or-treat security style!

Hack-O-Lanterns: Phishing Schemes Lighting Up the Dark…
Kirsten Doyle
Microsoft Threat Intelligence has issued an alert following the detection of a sophisticated spear-phishing campaign orchestrated by the Russian threat actor known as Midnight Blizzard. Active since 22 October this year, this operation has distributed spear-phishing emails aimed at government agencies, academia, defense organizations, NGOs, and other critical sectors worldwide. “Based on our investigation of previous Midnight Blizzard spear-phishing campaigns, we assess that the goal of this operation is likely intelligence collection,” Microsoft said. It added that the blog it released aims to provide context on these external spear-phishing attempts, which are standard attack techniques and do not represent any…
ReliaQuest has released a detailed investigation into a cyber intrusion that impacted a manufacturing company in October 2024. The attack has been attributed with high confidence to the predominantly English-speaking cyber collective “Scattered Spider,” now partnering with the notorious “RansomHub” gang. Scattered Spider, previously known for affiliations with the ALPHV (BlackCat) ransomware group, has shifted its focus towards high-stakes ransomware attacks, now working with RansomHub to target large organizations for financial gain.

Key Findings from the Incident

The attackers gained access through a series of social engineering attacks targeting the company’s help desk. Within hours, they encrypted the company’s systems…
A recent cybersecurity report by SecurityScorecard and KPMG reveals that the US energy sector remains at high risk of cyber threats, particularly from third-party sources. This analysis, evaluating 250 top US energy companies, highlights vulnerabilities across the energy supply chain—from oil and gas production to renewable energy—showing that despite strong security practices in many areas, gaps still leave the sector exposed to ransomware, data breaches, and other cyber disruptions. Energy, as a critical infrastructure sector, intersects multiple industries, such as manufacturing, technology, and automotive, making cybersecurity in this field essential for national resilience. As Craig Jones, Vice President of Security…
As we wrap up our Cybersecurity Awareness Month series, we’d like to extend a huge thank you to everyone who contributed their insights and expertise. The response to this series has been incredible, and we’re grateful for the valuable advice shared by industry leaders throughout each article. In this fourth and final installment, we continue to highlight simple yet powerful steps to “Secure Our World.” While the cyber landscape is ever-evolving, one thing remains clear: adopting the right cybersecurity practices can make a real difference. With the collective wisdom of our experts, we hope this series has provided useful guidance…
In a new and sophisticated campaign, the infamous North Korean-affiliated Lazarus APT group and its BlueNoroff subgroup have once again proven their expertise in exploiting zero-day vulnerabilities. The group, known for targeting financial institutions, governments, and even cryptocurrency platforms, has now expanded its operations to lure investors using a seemingly innocuous decentralized finance (DeFi) game. Lazarus, notorious for using its malware known as Manuscrypt, has been employing the malicious software since 2013 across more than 50 campaigns globally. These include attacks on governments, diplomatic entities, and cryptocurrency platforms. However, their latest exploit, detected as early as 13 May 2024 via…
WhatsApp is rolling out a series of updates aimed at making it easier for users to manage their contacts privately across devices. Previously, users could only add contacts via their mobile device by entering a phone number or scanning a QR code. Now, the Meta company is expanding contact management capabilities to WhatsApp Web and Windows, and eventually other linked devices. This new functionality also introduces the option to save contacts exclusively to WhatsApp. This feature is designed for users who share devices or want to separate personal and business contacts when managing multiple WhatsApp accounts on one phone. “Today…
Cybersecurity experts from Positive Technologies’ Security Expert Center (PT ESC) have uncovered an exploit targeting Roundcube Webmail, an open-source email client written in PHP. According to the researchers, Roundcube’s “extensive functionality and the convenient access it gives users to email accounts via a browser—without the need for full-fledged email clients—have made it popular among commercial and government organizations worldwide.” However, this popularity has also put it in the crosshairs of cybercriminals who rapidly adapt exploits once they become publicly known in the hope of stealing credentials and corporate email communications. The attack leverages a vulnerability—CVE-2024-37383—and poses a significant threat to firms that have yet to update their Roundcube…
The NHS App is set to undergo a major transformation, with plans to make full medical records, test results, and doctor’s letters accessible to patients across England. This initiative is part of a new 10-year strategy aimed at revolutionizing how patients engage with the healthcare system, with digitalization at its core. Government ministers hope the changes will ease healthcare access like apps have eased banking. At present, the app’s functionality is limited because patient records are stored separately by individual GP practices and hospitals, preventing seamless integration. However, under the new strategy, the government intends to establish a unified patient…
A novel attack, dubbed ConfusedPilot, has been discovered, targeting widely used Retrieval Augmented Generation (RAG)-based AI systems such as Microsoft 365 Copilot. This method allows malicious actors to manipulate AI-generated responses by introducing malicious content into documents referenced by these systems. The potential consequences include widespread misinformation and compromised decision-making across entities that rely on AI to help with critical tasks. With 65% of Fortune 500 companies currently implementing or planning to adopt RAG-based AI systems, the implications of these attacks are significant. The researchers from the University of Texas at Austin, led by Professor Mohit Tiwari, have highlighted the…
