A new report from Group-IB details the discovery of over 16,000 malicious domains created during the Inferno Drainer cryptocurrency scam last year. The Inferno Drainer group has been linked to the theft of more than $80 million in digital assets. Inferno Drainer targeted about 100 cryptocurrency brands using thousands of unique domains. The scam involved stealing the digital assets of victims who were duped into connecting their cryptocurrency wallets to fake websites and authorizing transactions.

According to cybersecurity researchers at Bitdefender, thermostats sold by the multinational engineering company Bosch had a flaw that enabled hackers to cut the heating system's power and override the firmware. Models that did not receive an over-the-air firmware update late last year have a flaw that allows hackers to brick or replace the original firmware. The flaw stems from the Wi-Fi chip embedded in the Bosch thermostat. This article continues to discuss the critical security vulnerability found in Bosch thermostats. 

A new app store for ChatGPT could expose users to both malicious and legitimate bots that send their data to insecure and remote locations. ChatGPT's rise in popularity, together with the open-source accessibility of early GPT models, widespread jailbreaks, and creative workarounds, have resulted in a proliferation of custom GPT models in 2023. The newly launched GPT store enables OpenAI subscribers to discover and create custom bots in one place.

The Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities (KEV) catalog now includes a critical Microsoft SharePoint server bug that can be used as part of a Remote Code Execution (RCE) exploit chain. The vulnerability, tracked as CVE-2023-29357, is an elevation of privilege flaw with a CVSS v3 score of 9.8. The flaw enables attackers to gain administrator privileges on the SharePoint host by using spoofed JSON web tokens (JWTs).

According to security researchers at Comparitech, crypto heists increased in volume by 42% in 2023, with 283 incidents.  This compares to 199 crypto theft incidents in 2022.  However, the total monetary value stolen in 2023 fell by 51% from $3.55bn in 2022 to $1.75bn.  The researchers noted that worryingly, $16.93m of crypto has already been stolen in 2024 as of January 15.  This is double the $8.37m stolen throughout January 2023.

The first research program at Imperial College London's first overseas research and innovation center in Singapore, is a major $20 million grant in collaboration with Nanyang Technological University, Singapore (NTU Singapore), to improve the cybersecurity of medical devices and health data. The IN-CYPHER program will use Imperial's expertise in this area to help Singapore become a global leader in health cybersecurity and Artificial Intelligence (AI) for healthcare.

The Guardio Labs research team discovered a security flaw, dubbed MyFlaw, in the Opera web browser for Microsoft Windows and Apple macOS, which could be used to execute any file on the underlying operating system. The Remote Code Execution (RCE) vulnerability involves My Flow, a feature that allows users to sync messages and files between mobile and desktop devices. According to the company, this is possible through a controlled browser extension, evading the browser's sandbox and the entire browser process. The vulnerability affects both the Opera browser and Opera GX.

A vulnerability, tracked as CVE-2023-36025, that Microsoft fixed in November 2023, is being used by threat actors to deliver Phemedrone Stealer. By exploiting the vulnerability, attackers can bypass Windows Defender SmartScreen checks and associated prompts. If the victim is tricked into downloading and opening a malicious file, Windows will not warn them if the service finds the file or website potentially malicious.

Atlassian Confluence Data Center and Confluence Server are vulnerable to a critical Remote Code Execution (RCE) flaw that affects all versions released before December 5, 2023, including out-of-support releases. The vulnerability, tracked as CVE-2023-22527 with a CVSS v3 score of 10.0, is a template injection vulnerability that allows unauthenticated attackers to carry out RCE on impacted Confluence endpoints. The many potential entry points and ability to use the flaw in chained attacks widen its scope to the point where it is difficult to identify definitive exploitation signs.