Microsoft’s AI Security Copilot: A New Defense Against Cyberattacks
Microsoft recently introduced its AI Security Copilot, a GPT-4-based chat tool that works with the company’s existing security products to analyze data and offer insights, visualizations, and suggested remedies. Capable of taking action against specific threats, the AI Security Copilot is a promising new tool in the fight against cybercrime.
Google Under Fire: Destroyed Evidence in Antitrust Case
Google faces legal repercussions as it is accused of intentionally disposing of chat history related to its anticompetitive agreements. Plaintiffs in the Android antitrust case call for a substantial penalty, arguing that Google hindered the investigation by setting most chat sessions to history-off.
Penetration Test Analysis: Corporate Security Posture Deteriorating
An analysis of 1 million penetration tests revealed that data-exfiltration risk scores increased significantly in 2022. Cymulate attributes the rise to attackers’ improved tactics and companies’ patching hygiene issues. However, companies have shown progress in malware detection, blocking many attacks via web gateways.
North Korean Hackers Turn to Crypto Mining for Laundering
A Mandiant report found that North Korean state-sponsored hackers have adopted a new tactic for laundering stolen cryptocurrencies. By renting time on computers to mine clean crypto, the hackers avoid detection amid increased regulatory scrutiny on crypto exchanges and laundering services.
Microsoft’s Exchange Online Targets Vulnerable On-Prem Servers
Microsoft is implementing a transport-based enforcement system in Exchange Online to address the risks associated with unsupported and unpatched on-prem Exchange servers. The system will provide alerts, throttling, and eventual blocking of these servers to protect users and networks.
Russia-Iran Cyber Cooperation: A Growing Military Partnership
Russia’s support for Iran’s advanced digital-surveillance capabilities has intensified their military cooperation. With both nations boasting sophisticated cyber capabilities, their collaboration includes providing eavesdropping devices, advanced photography equipment, and lie detectors, among other tools. This development raises concerns about the potential cyber threats they could pose together.
USPS Urged to Strengthen Safeguards Against Change of Address Fraud
Bipartisan lawmakers have called on the US Postal Service to improve its defenses against change of address fraud. The USPS has been criticized for its reliance on paper forms and lack of verification checks, resulting in over 23,000 fraud cases in 2021. Lawmakers propose provisions that would allow citizens to freeze address changes for added protection.
CISA Director Defends Funding Increase Amid Rising Cyber Threats
CISA Director Jen Easterly has argued for a 5% increase in the agency’s funding to address growing cybersecurity threats and protect US critical infrastructure. Easterly warned that reducing the agency’s budget could jeopardize national security and put the country back in a “pre-SolarWinds world.”
Chinese APT Groups Linked to New Linux Malware “Mélofée”
Cybersecurity firm ExaTrack discovered a new piece of Linux malware, “Mélofée,” with connections to Chinese state-sponsored hacking groups Earth Berberoka and APT41. Mélofée enables hackers to perform various operations, including file manipulation and command execution, without detection.
Clipper Malware Campaign Targets TOR Browser Installers
Kaspersky identified a clipper malware campaign targeting TOR anonymity browser users in Russia and Eastern Europe. By monitoring clipboard content and replacing copied wallet addresses with ones the operators control, the malware steals cryptocurrencies, netting the operators an estimated $400,000 in illegal profits.
APT43: North Korean Group Focused on Espionage and Financial Gain
APT43, a North Korean nation-state hacking group, has been identified as responsible for campaigns aimed at gathering strategic intelligence and pursuing financial gain. The group targets government, education, research, policy institutes, business services, and manufacturing sectors in South Korea, the US, Japan, and Europe.
Decentralized Phishing: The Rise of IPFS-Based Attacks
Researchers at Kaspersky have discovered a growing trend among cybercriminals who are using the InterPlanetary File System (IPFS) to launch phishing campaigns. This decentralized file protocol offers resiliency against content takedowns and allows attackers to distribute phishing links on a massive scale. IPFS’s distributed nature makes it harder to delete files and reduces hosting costs, making it an appealing choice for cybercriminals.
The world of cybersecurity is constantly evolving, with new threats emerging and existing ones becoming more sophisticated. Staying informed on the latest developments is crucial for both individuals and organizations to protect themselves against cyberattacks. From AI-powered security tools and legal battles to advanced hacking techniques and international cyber cooperation, understanding the dynamic cybersecurity landscape is more critical than ever. That wraps up today’s cybersecurity brief. As always, stay safe, stay vigilant, and we’ll see you tomorrow with another update!