Insurance consulting and brokerage firm Keenan & Associates has recently started informing more than 1.5 million individuals that their personal information was stolen in an August 2023 cyberattack.  The company noted that the cyberattack was discovered on August 27, when disruptions occurred on some of its servers, and was contained within hours.  Keenan’s investigation into the cyberattack revealed that an unauthorized party gained access to certain Keenan internal systems at various times between approximately August 21, 2023 and August 27, 2023.

With support from Lockheed Martin, a team of student researchers at Embry-Riddle Aeronautical University's Prescott Campus are developing a Cellular Intrusion Detection (CID) system aimed at detecting unwanted cellular devices in secure areas. Zachary Traynor, an Electrical Engineering senior, recently interned at Lockheed Martin, learning about multi-level security checks and clearances that protect confidential information and products.

According to researchers from the Computer Science and Artificial Intelligence Laboratory (CSAIL) at the Massachusetts Institute of Technology (MIT), ambient light sensors are vulnerable to privacy threats when embedded in a smart device's screen. The team has presented a computational imaging algorithm to recover an image of the environment from the perspective of the display screen using these sensors' subtle single-point light intensity changes in order to show how hackers could use them in conjunction with monitors.

The Farm and Food Cybersecurity Act would require the agriculture secretary to conduct a survey every two years on the state of cyber vulnerabilities and threats to the food and agriculture sectors, as well as collaborate with major intelligence community officials to perform exercises simulating industry-disrupting cyberattacks. According to the US Agency for International Development (USAID), cyberattacks on agriculture supply chains pose a significant threat to global food security because the sector's digitization enables hackers to disrupt farming equipment.

Quantum communication transmission rates have been limited by the "dead time" of single-photon detectors. Researchers at LG Electronics in South Korea recently revealed a new protocol to improve transmission rates while also increasing security. The novel protocol introduces techniques for overcoming the limitations posed by single-photon detectors' dead time and channel loss.

Three former Department of Homeland Security (DHS) employees have recently been sentenced to prison for stealing proprietary U.S. government software and databases containing the personal data of 200,000 federal employees.  The three individuals are Charles K. Edwards, a former Acting Inspector General of the DHS Office of Inspector General (DHS-OIG), sentenced to 1.5 years in prison; Sonal Patel, a member of the department IT staff, sentenced to 2 years of probation; and Murali Y. Venkata, also from the IT department, sentenced to 4 months in prison.

Schneider Electric, the energy management and automation giant, has been targeted in a Cactus ransomware attack, resulting in data theft. Researchers discovered that the ransomware attack targeted the company's Sustainability Business division. The attack disrupted some of Schneider Electric's Resource Advisor cloud platform, which continues to experience outages today. The ransomware group allegedly stole terabytes of data during the cyberattack and is now extorting the company by threatening to leak the data if the demanded ransom is not paid.

Researchers have discovered Faust, a new variant of the Phobos ransomware family, in the wild. According to Fortinet FortiGuard Labs, the latest variant of the ransomware is spread through an infection that delivers a Microsoft Excel document containing a VBA script. Security researcher Cara Lin says the attackers used the Gitea service to store several Base64-encoded files, each of which contained a malicious binary. These files trigger a file encryption attack when they are injected into a system's memory.

According to Forescout, Operational Technology (OT) is under constant attack, with key protocols facing many persistent attacks. Many of the attacks involve protocols used in industrial automation and power sectors, such as Modbus, Ethernet/IP, Step7, DNP3, and more. Persistence tactics have increased by 50 percent from 3 percent in 2022. Although most observed commands used by threat actors are still aimed at generic Linux systems, there is a noticeable trend of specific commands executed for network operating systems on widely used routers.

Threat actors installed the Pegasus spyware on phones belonging to several journalists in Togo. Pegasus spyware, developed by the Israeli company NSO Group, enables the controller to access and extract information from an exploited mobile device. The spyware can also intercept and transmit messages, emails, media files, passwords, and more without the user's knowledge or interaction. This article continues to discuss the infection of Togolese journalists' mobile devices with the Pegasus spyware.