Hot Topic recently announced that attackers targeted Hot Topic Rewards accounts in automated attacks using login information obtained from an unknown source.  The company said that it determined that unauthorized parties launched automated attacks against its website and mobile application on November 18-19 and November 25, 2023, using valid account credentials (e.g., email addresses and passwords) obtained from an unknown third-party source.

Point32Health, the second-largest health insurer in Massachusetts, has recently revealed that the personal information of more than 2.8 million individuals was stolen in a ransomware attack in April 2023.

The US Department of Energy (DOE) recently announced a $15 million investment in university-based electric power centers to bolster cybersecurity in the energy sector.  The DOE says the funding will go to six universities selected by the Office of Cybersecurity, Energy Security, and Emergency Response (CESER), which will partner with industry stakeholders and the DOE National Laboratories for cybersecurity research and training development.

Sauvik Das, an assistant professor at Carnegie Mellon University's (CMU) Human-Computer Interaction Institute (HCII), and his team of researchers developed a taxonomy of Artificial Intelligence (AI) privacy risks after analyzing 321 documented AI privacy incidents. The team's goal was to document how the unique capabilities and requirements of AI technologies described in those incidents led to new privacy risks, worsened existing ones, or did not significantly alter known risks. This article continues to discuss the study "Deep Fakes, Phrenology, Surveillance, and More!

Researchers at the Department of Energy's (DOE) Oak Ridge National Laboratory have shown that advanced quantum-based cybersecurity can be implemented in a deployed fiber link. Their findings validate an earlier proof-of-principle laboratory experiment conducted by ORNL scientists in 2015. The team used a true local oscillator to transmit a quantum signal for Quantum Key Distribution (QKD), a secure secret key-sharing method. A local oscillator suppresses the effects of noise scattered from other data transmitted in the same fiber-optic network.

Security researchers have discovered a new cyber espionage group linked to Ukraine that has been active since at least January. They named the group "PhantomCore" and named the attackers' remote access malware "PhantomRAT." The hackers used a known vulnerability in the Windows file archiver tool WinRAR to launch attacks on unnamed Russian companies. Tracked as CVE-2023-38831, the bug was previously exploited by state-controlled hackers linked to Russia and China in early 2023 before being patched. This article continues to discuss findings regarding PhantomCore.

Implementing the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) will improve the US Cybersecurity and Infrastructure Security Agency's (CISA ) ability to use cybersecurity incident and ransomware payment information reported to the agency to identify patterns, fill information gaps, quickly release resources to help entities suffering from cyberattacks, and notify others who may be affected. When information about cyber incidents is shared quickly, CISA can use it to help other organizations avoid a similar incident.

The US Department of State has announced a $10 million bounty for information that will help law enforcement find anyone launching cyberattacks against American infrastructure on behalf of another country. The feds highlighted the BlackCat/ALPHV Ransomware-as-a-Service (RaaS) operation, which helped the adversary who compromised Change Healthcare and led to billions of dollars in damages. This article continues to discuss the bounty put up by the US for information to help crack down on the RaaS group's cyberattacks against US critical infrastructure.

Splunk recently announced security patches for its Enterprise product, including vulnerabilities that have been assigned a high severity rating.  One of the flaws, CVE-2024-29946, impacts the Dashboard Examples Hub in the Splunk Dashboard Studio app and can be exploited to bypass protections for risky Search Processing Language (SPL) commands. Splunk noted that this could let attackers bypass SPL safeguards for risky commands with the permissions of a highly privileged user in the Hub.

To mitigate a malware upload campaign, the Python Package Index (PyPI) repository's maintainers suspended user registration and the creation of new projects. Checkmarx warns that multiple malicious Python packages are being distributed using typosquatting methods. According to researchers, this is a multi-stage attack with a malicious payload aimed at stealing cryptocurrency wallets, sensitive data from browsers, and more. Researchers have also reported that the malicious payload uses a persistence mechanism to survive reboots.