Citrix reports that 42 percent of organizations surveyed in the US are considering or have already moved at least half of their cloud-based workloads back to on-premises infrastructures due to unexpected security issues, high project expectations, and more. According to Information Technology (IT) leaders, the most common reasons for cloud repatriation projects were security concerns, unexpected costs, performance issues, compatibility issues, and service outages.

A team of researchers examined the different approaches to cybersecurity and data protection taken by the EU, the US, and China. In addressing historical data concerns and evolving cyber threats, countries are considering the impact of Large Language Models (LLMs), such as ChatGPT. Cybersecurity and data privacy have emerged as significant concerns, affecting business operations and user safety.

A new paper by National Renewable Energy Laboratory (NREL) researchers, presented at the 2023 IEEE Power and Energy Society's Innovative Smart Grid Technologies conference, emphasizes the importance of solar energy cybersecurity. Securing behind-the-meter Distributed Energy Resources (DERs) is critical as the global energy landscape evolves.

The United States recently announced that it is offering big rewards for information on cybercriminals linked to the recently disrupted LockBit ransomware operation. The UK’s National Crime Agency (NCA) and other law enforcement agencies have seized LockBit domains and servers, causing significant disruption to the cybercrime operation. The NCA has mocked cybercriminals, posting a message in the hijacked LockBit panel informing affiliates that law enforcement may be in touch with them very soon.

Those who use the ConnectWise ScreenConnect remote desktop management tool are being attacked following the release of a Proof-of-Concept (PoC) exploit for a critical security vulnerability in the platform. Researchers warn that the situation could escalate into a massive compromise event. ScreenConnect enables tech support and others to authenticate to a machine as if they were the user. Therefore, it is attractive to threat actors seeking to infiltrate high-value endpoints and other areas of corporate networks.

The US Department of Energy's (DOE) CyberForce Program aims to help build a workforce of skilled cyber defenders for the energy sector by offering engaging competitions, webinars, career fairs, and skill-building resources. The DOE's Office of Cybersecurity, Energy Security, and Emergency Response (CESER) and Argonne National Laboratory (ANL) have announced the winners of the recent inaugural CyberForce Conquer the Hill - Command Edition competition.

Threat actors have repurposed SSH-Snake, a recently open-sourced network mapping tool, to perform malicious activities. SSH-Snake is a self-modifying worm that uses SSH credentials found on a compromised system to spread itself across the network. The worm searches known credential locations and shell history files to determine its next step. It was first released on GitHub in early January 2024, and its developer describes it as a "powerful tool" for automatically traversing networks using SSH private keys discovered on systems.

On January 11, 2024, the Science of Security (SoS) initiative held the kickoff meeting for its newest iteration of collaborative academic research, the SoS Virtual Institutes (VIs). Rita Bush, Chief, Laboratory for Advanced Cybersecurity Research (LACR), and Shavon Donnell, SoS Program Manager, welcomed the attendees, and congratulated the researchers for being selected.  

According to Cisco Talos researchers, hackers are abusing the Google Cloud Run service to spread massive amounts of banking Trojans such as Astaroth, Mekotio, and Ousaban. Google Cloud Run allows users to deploy frontend and backend services, websites, and applications, as well as manage workloads, without the need for infrastructure management or scaling.

According to security researchers at Trend Micro, LockBit ransomware developers were secretly building a new version of their file encrypting malware, dubbed LockBit-NG-Dev, likely to become LockBit 4.0, when law enforcement took down the cybercriminal's infrastructure earlier this week.  Trend Micro analyzed a sample of the latest LockBit development that can work on multiple operating systems.