"Change Healthcare Cyberattack Causes Significant Disruption"

US healthcare technology giant Change Healthcare recently fell victim to a cyberattack that resulted in widespread network disruptions. The incident was initially disclosed on February 21 at 02:15 EST, when the company announced that some of its applications were unavailable. In an update at 08:38 EST, Change Healthcare said that it was experiencing enterprise-wide connectivity issues as a result of the incident. Over 100 applications across dental, pharmacy, medical record, clinical, enrollment, patient engagement, revenue, and payment services were listed as affected.

Submitted by Adam Ekwall on

"Cybersecurity for Satellites Is a Growing Challenge, as Threats to Space-Based Infrastructure Grow"

Sylvester Kaczmarek, Chief Technology Officer at OrbiSky Systems, emphasizes the need for robust cybersecurity measures to protect space assets from attacks threatening global stability and security. A cyberattack could disrupt a satellite's service or disable a spacecraft. Expanding the digital realm into space has created new opportunities for cyber threats and presented significant challenges. This article continues to discuss Kaczmarek's insights on the need to improve cybersecurity for satellites as threats to space-based infrastructure rise.

Submitted by Gregory Rigby on

"AI Catches Phish on Day Zero - AI-Driven Approach for Robust Real-Time Detection of Zero-Day Phishing Websites"

A new study introduces an innovative approach to addressing the ongoing challenge of zero-day phishing attacks in cybersecurity. Zero-day threats exploit previously unknown vulnerabilities in software, networks, and computer systems before a patch or update is made. Thomas Nagunwa from the Department of Computer Science at the Institute of Finance Management in Dar es Salaam, Tanzania, has proposed a Machine Learning (ML) model for detecting these emerging and ever-changing threats in real time.

Submitted by Gregory Rigby on

"Iranian APTs Dress Up as Hacktivists for Disruption, Influence Ops"

Iranian state-sponsored Advanced Persistent Threat (APT) groups have posed as hacktivists, claiming attacks launched against Israeli critical infrastructure and air defense systems. According to researchers at CrowdStrike, most cyberattacks against Israel in recent months have been executed by hacktivists and nation-state actors "playing them on TV." These "faketivists" imitate the tactics, techniques, and procedures (TTPs), as well as the aesthetic and rhetoric of legitimate hacktivist groups.

Submitted by Gregory Rigby on

"The Importance of a Good API Security Strategy"

In the past two years, 60 percent of organizations have suffered a breach involving Application Programming Interfaces (APIs). Hackers exploit APIs because they allow them to bypass security controls, gain access to sensitive company data, take over certain functionalities, and more. A publicly exposed API of the social media platform Spoutible could have resulted in attackers stealing users' Two-Factor Authentication (2FA) secrets and encrypted password reset tokens.

Submitted by Gregory Rigby on

"Attacker Breakout Time Falls to Just One Hour"

Security experts at CrowdStrike recorded a surge in “hands-on-keyboard” threats in 2023, with the average time it took to move laterally from initial access dropping 35% annually to just 62 minutes. The researchers noted that this so-called “breakout time” is a critical factor in how successful attacks are, as it signifies how long defenders have to detect and contain threats before attackers are able to conduct reconnaissance, establish persistence, and locate their targets.

Submitted by Adam Ekwall on

"Tech Companies Sign Accord to Combat AI-Generated Election Trickery"

Major technology companies recently signed a pact to take "reasonable precautions" to prevent Artificial Intelligence (AI) tools from being used to disrupt democratic elections. Executives from Adobe, Amazon, Google, IBM, Meta, Microsoft, OpenAI, and other companies have announced a new framework for responding to AI-generated deepfakes aimed at deceiving voters. The companies have not committed to banning or removing deepfakes. The accord instead specifies how they will attempt to detect and label deceptive AI content distributed on their platforms.

Submitted by Gregory Rigby on

"Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS"

Mustang Panda, a China-linked threat actor, has targeted Asian countries with a variant of the PlugX backdoor called DOPLUGS. DOPLUGS has primarily targeted people in Taiwan and Vietnam. Other targets have been in Hong Kong, India, Japan, Malaysia, Mongolia, and China. Mustang Panda, also known as BASIN, Bronze President, Camaro Dragon, Earth Preta, HoneyMyte, RedDelta, Red Lich, Stately Taurus, TA416, and TEMP.Hex, relies heavily on PlugX. This article continues to discuss the PlugX variant used by Mustang Panda.

Submitted by Gregory Rigby on

"Biden Executive Order to Bolster US Maritime Cybersecurity"

President Joe Biden will be issuing an Executive Order (EO) to strengthen US maritime cybersecurity amid increased reliance on digital technology in the shipping sector. The Order is part of the White House’s ambition to bolster the nation’s supply chains and critical infrastructure, as set out in the Administration’s National Cybersecurity Strategy published in March 2023. The new EO will give new powers to the Department of Homeland Security to directly address maritime cyber threats.

Submitted by Adam Ekwall on