Cyber News Around the world
In the fast paced landscape of cyber research, we are happy to serve as a vital hub for the swift and informed dissemination of news within the cyber community. By cultivating a collaborative environment and promoting the transparent sharing of news, we aim to empower our community to stay ahead of cyber adversaries and contribute to the ongoing development of resilient cyber solutions.
March 2024:
Cyber Daily: The list of countries blaming China for a recent wave of cyber-espionage is growing, with Finland being the latest country to accuse Chinese state-sponsored hackers for being behind an attack on government systems.
BBC: A ransomware group is threatening to publish a huge cache of stolen data following a cyber attack on a Scottish health board.
Read more: Hackers threaten to publish huger cache of NHS data
Cyber Daily: Artificial Intelligence (AI) is set to change the cybersecurity industry in a major way. We already know that AI tools are being used by threat actors, but a new study is testing whether or not these tools can be used to fight cyber-crime.
Read more: Can generative AI be used to fight cyber crime?
Politico: The Biden administration and Congress are stepping up efforts to counter cyberattacks on satellites and other space infrastructure.
Forbes: Cybercrime isn’t just a futuristic Hollywood plotline, it’s a real threat that targets everyone—from wide-eyed kids to seasoned adults and wise grandparents.
Read more: 7 Cyber Safety Tips To Outsmart Scammers
Cyber Daily: A hacking group linked to Russia’s Foreign Intelligence Service (SVR) is targeting German political parties. Germany, which has provided a substantial amount of military support to Ukraine, has faced persistent espionage threats from Russia since the beginning of the invasion of Ukraine.
Read more: German political parties are latest targets of Russian cyber spies
USA: The Environmental Protection Agency and National Security Council are urging states to stay alert for cyber threats targeting water sector infrastructure. Warning that hackers linked to China and the IRGC still pose a threat to water sector systems that clean and distribute water to communities.
Read more: White House warns states of continued cyber threats to water infrastructure
BBC: A criminal investigation has started into a cyber-attack that has disrupted Leicester City Council's systems for more than a week. The council said it could not comment on the nature of the incident while the investigation was ongoing. Systems and phone lines have been down since 7 March.
Read more: Criminal investigation into Leicester City Council cyber-attack
Cyberscoop: The financial services industry could be increasingly vulnerable to cyber-enabled fraud perpetrated by threat actors leveraging artificial intelligence tools, according to a USA Treasury Department report released Wednesday that examines AI-specific cyber risks to the critical infrastructure sector.
Read more: Treasury report calls out cyber risks to financial sector fueled by AI
IT World: Researchers in quantum computing and cybersecurity have developed a machine learning model that improves the early detection of cybersecurity threats and increases the explainability of results.
Read more: Quantum AI Model Improves Early Cyber Threat Detection
Cisco: Tech giant Cisco has released its 2024 Cybersecurity Readiness Index, which surveys 8,000 private sector security and business leaders — and found that 54% had experienced a cyber attack in the last year.
Read more: Cisco: 54% of Businesses Suffered a Cyber Attack in 12 Months
The European Union Agency for Cybersecurity (ENISA) publishes the executive summary of this year’s ‘Foresight Cybersecurity Threats for 2030’ presenting an overview of key findings in the top 10 ranking.
Read more: Skills shortage and unpatched systems soar to high-ranking 2030 cyber threats
Forbes: Practical cybersecurity recommendations to align your operational technology (OT) cybersecurity strategy to the Joint Cyber Defense Collaborative (JCDC) priorities that will improve your cybersecurity resiliency.
Read more: Put New Joint Cyber Defense Collaborative Priorities Into Action
Federal Cybersecurity and Infrastructure Security Agency (CISA): which had previously issued warnings about hackers exploiting zero-day vulnerabilities in certain Ivanti products, now says that it has had its own systems compromised.
Read more: Federal Cyber Agency Offlines 2 Systems After Ivanti Hack
National Law Review: Since the dawn of digitalization, the collection and retention of personal and other business confidential data by employers has implicated security and privacy challenges—by amassing a treasure trove of data for bad actors (or unwitting/unauthorized employees) and drawing a roadmap for those seeking to breach the system. Adding artificial intelligence (AI) into the mix creates further areas of concern.
Read more: More Critical Than Ever: Cyber Risk "Tabletop Exercises" in the AI Infused Workplace
Nissan hack in Australia and New Zealand, customers have been the victims of a malicious cyberattack, compromising the personal information of over 10,000 individuals.
Read more: 10K+ Users Data Stolen by Hackers
Lloyds Publishes Report: Major leaps in the effectiveness of Generative AI (GenAI) and Large Language Models (LLMs) have dominated the discussion around artificial intelligence over the past 18 months. Given its growing availability and sophistication, the technology will inevitably reshape the cyber risk landscape.
Read more: Generative AI: Transforming the cyber landscape
Microsoft and OpenAI: Found and shutdown suscipious accounts belonging to five state-affiliated malicious actors using AI tools, including ChatGPT, to carry out cyberattacks.
Read more: Cyber attackers are using AI to get better, Microsoft executive says
Asia Times: US now features cybersecurity in annual Cobra Gold joint exercises while Huawei is working hand-in-hand with Thai authorities to thwart cyber threats.
Read more: US, China wrestling for Thailand’s cyber soul
Microsoft: corporate email systems were attacked by Midnight Blizzard, a Russian state-sponsored actor.
Read more: Microsoft says Russian hackers are trying to get into its source code
Calcalist: the pace at which AI is evolving presents challenges and opportunities in the realm of cybersecurity as well. For instance, cybercriminals can exploit advanced AI tools to craft malware and sophisticated cyberattacks that can cause significant damage to organizations and critical infrastructure.
Read more: Hackers can use ChatGPT too: How GenAI became a powerful cyber-weapon
February 2024:
Check Point Research: 2024's Cyber Battelground Unveiled - Escalating Ransomware Epidemic, the Eveloution of Cyber Warfare Tactics and Strategic use of AI in Defense
Read more: Check Point's Latest Security Report
Microsoft: Since Hamas attacked Israel in October 2023, Iranian government-aligned actors have launched a series of cyberattacks and influence operations (IO) intended to help the Hamas cause and weaken Israel and its political allies and business partners.
Read more: Iran accelerates cyber ops against Israel from chaotic start
BBC on Ransomware Attacks in the UK.
Read more: Why some cyber-attacks hit harder than others
Forbes: Cybersecurity attack at Change Healthcare, a subsidiary of UnitedHealth Group, has caused prescription delays and disruptions at a number of pharmacies across the U.S. and is ongoing.
Read more: Change Healthcare Cyberattack Disrupts Services Nationwide—Here’s What To Know
January 2024:
World Economic Forum Report
Read more: Global Cybersecurity Outlook 2024
Microsoft: security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access.
Read more: Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard
December 2023:
The Washington Post reviews the year's cybersecurity trends.
Read more: The year in cyber
The World Economic Forums shares the major stories that defined cybersecurity in 2023.
Read more: 6 stories that defined cybersecurity in 2023
The Wall Street Journal's review of regulation and cybercrime in 2023.
Read more: Regulators Got Tough on Cyber in 2023 as Crime Soared
Computer Security Online (CSO) projects the next few years will see AI tip the scales between threat actors and security teams protecting the enterprise. Collaboration with government is key to the tech industry coming out ahead.
Read more: Surviving the cyber arms race in the age of generative AI
As the SEC's expanded cybersecurity rules come into effect, drastic changes in regulatory compliance ensue.
Reuters reports that Britain's National Grid has removed components supplied by China-backed Nari Technology over cyber security fears.
Read more: Britain's National Grid drops China-based supplier over cyber security fears - FT
The American National Security Agency (NSA), along with the FBI, warn that Russian Foreign Intelligence Service (SVR) cyber actors are exploiting a publicly known vulnerability to compromise victims globally, including in the United States and in allied countries.
Read more: Russian Cyber Actors are Exploiting a Known Vulnerability with Worldwide Impact
Services restored following a cybersecurity breech at the Long Beach Public Library, which took the majority of its official website’s connections, networks and systems offline.
Read more: Long Beach Public Library’s digital offerings brought back online after cyber attack
Museums, galleries and archives have been urged to tighten their cyber security following the massive ransomware attack on the British Library, a major hack by the criminal group Rhysida that has left it severely incapacitated.
Read more: Museums on alert following British Library cyber attack
Calcalist reports joint investigation revealed that the Iranian Ministry of Intelligence’s Agrius and Hezbollah’s Lebanese Cedar were behind the cyber attack on Ziv Medical Center in Israel, in which 300,000 patient records were stolen.
Read more: Iran and Hezbollah were behind cyberattack on Israeli hospital, says National Cyber Directorate
Draft regulation establishes EU capabilities to make Europe more resilient and reactive in front of cyber threats, while strengthening cooperation mechanisms.
A recent cyber attack on Ukraine’s largest telecommunications provider, Kyivstar, caused temporary chaos among subscribers and thrust the cyber front of Russia’s ongoing invasion back into the spotlight.
Read more: Ukrainian telecoms hack highlights cyber dangers of Russia’s invasion
The European Research Council (ERC) warns researchers to maintain academic integrity if they use artificial intelligence (AI) tools to write research proposals.
Read more: European Research Council issues warning on AI’s use in grant applications
Time reports that 70% of Iran’s petrol stations have seen their services disrupted after a massive cyber attack was carried out by the hacker group Gonjeshke Darande, which also claimed responsibility for attacks against Iranian petrol stations, rail networks and steel factories, according to Iranian state media.
Read more: What to Know About the Hacker Group That Shut Down 70% of Iran’s Gas Stations
The Washington Post reports the Chinese military is ramping up its ability to disrupt key American infrastructure, including power and water utilities as well as communications and transportation systems, according to U.S. officials and industry security officials.
Read more: China’s cyber army is invading critical U.S. services
BBC News reports the UK is accusing Russia's Security Service, the FSB, of a sustained cyber-hacking campaign, targeting politicians and others in public life.
Read more: Russia hacking: 'FSB in years-long cyber attacks on UK', says government
November 2023:
The EU Council presidency and European Parliament's negotioators have reached a provisional agreement on the proposed legislation regarding cybersecurity requirements for products with digital elements, which aims to ensure that products such as connected home cameras, fridges, TVs and toys are safe before they are placed on the market (cyber resilience act).
Calcalist reports that the Israeli Knesset (parliament) approved full access to the biometric database to the Israel Defense Forces (IDF), the Shin Bet and the Mossad and seeks to grant them access to private security cameras.
Read more: Israel’s security bodies receive direct access to biometric databases and cameras
October 2023:
Reuters indicates that both public and private companies need to make sure they are complying with pertinent parts of new regulations as the SEC readies its new rules on cybersecurity and disclosure of breaches.
Read more: Companies should prepare to comply with new SEC cybersecurity rules
September 2023:
BBC News reports Ukraine cyber-operators are being deployed on the front lines of the war, duelling close-up with their Russian counterparts in a new kind of high-tech battle.
Read more: Ukraine war: Cyber-teams fight a high-tech war on front lines
Reuters Legal News and Westlaw Today provide an attorney analysis on cybersecurity law, compliance and protection and government imposed civil obligations on organizations.
Read more: Cybersecurity law, compliance and protection
August 2023:
Computer Security Online (CSO) says the US Securities and Exchange Commission’s aggressive new rules mark a profound regulatory shift in how businesses are now required to manage their cybersecurity risks.
Read more: Balancing risk and compliance: implications of the SEC’s new cybersecurity regulations
The International Association for Privacy Professionals (IAPP), the world's larget global information privacy community, on the California Privacy Protection Agency issued draft regarding risk assessments and cybersecurity audits. The regulations, if adopted, would have the indirect effect of imposing significant cybersecurity requirements on companies collecting or otherwise processing personal data.
Read more: California privacy agency lays out vision for cybersecurity regulation
July 2023:
The Federal Register, the Daily Journal of the United States Government, published a proposed rule by the Federal Trade Commission (FTC).
June 2023:
The Washington Post reports that SEC rules changes are the latest battleground over government cybersecurity mandates.
Read more: Proposed SEC Cyber Regulations Draw Mixed Reviews
May 2023:
The European Council approved conclusions on cyber defence, stressing the need for the EU and its member states to further strengthen their resilience to cyber threats and enhance its common cyber security and cyber defence against malicious behaviour and acts of aggression in cyberspace.
April 2023:
The EU Cyber Solidarity Act includes a series of actions to strengthen solidarity and enhance coordinated EU detection and situational awareness, while at the same time supporting Member States' preparedness and response capabilities to significant or large-scale cybersecurity incidents.