According to Forescout, Operational Technology (OT) is under constant attack, with key protocols facing many persistent attacks. Many of the attacks involve protocols used in industrial automation and power sectors, such as Modbus, Ethernet/IP, Step7, DNP3, and more. Persistence tactics have increased by 50 percent from 3 percent in 2022. Although most observed commands used by threat actors are still aimed at generic Linux systems, there is a noticeable trend of specific commands executed for network operating systems on widely used routers.

Threat actors installed the Pegasus spyware on phones belonging to several journalists in Togo. Pegasus spyware, developed by the Israeli company NSO Group, enables the controller to access and extract information from an exploited mobile device. The spyware can also intercept and transmit messages, emails, media files, passwords, and more without the user's knowledge or interaction. This article continues to discuss the infection of Togolese journalists' mobile devices with the Pegasus spyware.

The Kansas City Area Transportation Authority (KCATA) recently announced it was targeted by a ransomware attack on Tuesday, January 23.  KCATA is a bi-state public transit agency serving seven counties of Missouri and Kansas, operating 78 bus routes and 6 MetroFlex routes using a fleet of 300 buses.  The company reports that 10.5 million people use their services in a year.  The ransomware attack impacted all its communication systems.  KCATA noted that all services are operating, including fixed-route buses and Freedom and Freedom-On-Demand paratransit services.

A Canadian involved in numerous ransomware and other types of cyberattacks against businesses, government entities, and individuals in Canada was recently sentenced to two years in prison.  The man, Matthew Philbert, 33, of Ottawa, Ontario, was arrested by the Ontario Provincial Police in November 2021, following a 23-month investigation, being charged with fraud, computer intrusions, and intent to perform computer intrusions.  In December 2021, the US Department of Justice (DOJ) also announced charges against Philbert.

Researchers at the University of Oxford have developed a new, user-friendly method for hospitals to contribute to developing Artificial Intelligence (AI) models while protecting patient data. The technique builds on recent advancements in decentralized Machine Learning (ML) and uses low-cost pre-programmed microcomputers, making it easy to implement in hospitals and inexpensive to scale. As patient privacy is critical, hospitals are often limited in sharing data to support AI algorithm development. Once the data is shared, it can be difficult to ensure confidentiality.

A Zero-Knowledge Proof (ZKP) is a cryptographic protocol that enables the prover to convince the verifier that a certain claim is true, without disclosing any details about the claim. This type of verification can be highly effective in situations where sensitive data must remain private. ZKPs are becoming more of a standard in blockchain technology as they help maintain transactional privacy and integrity, and demonstrate their potential to establish a more secure and private blockchain landscape.

Researchers from the National Institute of Standards and Technology (NIST) discovered that Artificial Intelligence (AI) systems, which rely on large amounts of data to execute tasks, can fail when exposed to untrustworthy data. A new NIST report that is part of the institute's overall effort to support the development of trustworthy AI brings further attention to the possibility of cybercriminals poisoning AI systems by exposing them to bad data. NIST researchers also found that there is no single defense that developers or cybersecurity experts can use to protect AI systems.

BlackBerry researchers urge Mexican companies with annual revenues of over $100 million to be on the lookout for a cybercrime campaign. The researchers reported that financially motivated hackers are infecting systems with the AllaKore RAT malware in order to steal banking credentials and unique authentication information. This threat actor has persistently targeted Mexican entities for more than two years and shows no signs of slowing.

Turkish hackers infiltrated the system of Lev, a popular cinema chain in Israel, to spread a threatening message. On January 23, hackers screened a message written in Hebrew with video footage. To upload the message, the hackers broke into the external system that updates advertising screens and trailers. MeshSec, a threat actor, claims to be responsible for the cyberattack. This article continues to discuss the hijacking of Lev's cinema screens claimed by MeshSec.