With new automation tools, cybercriminals can now exploit users in many new ways, but at least two stand out as particularly concerning this year: Multi-Factor Authentication (MFA) attacks and Search Engine Optimization (SEO) poisoning. MFA has long been a critical component of business security, and most companies now require it to make it more difficult for adversaries to gain access to and take over accounts. However, cybercriminals are integrating new methods to bypass MFA into their phishing attacks by intercepting or sidestepping generated codes.

According to a recent survey of federal agencies' defensive cyber operations, Artificial Intelligence (AI) tools can help the government better identify and defend against various cyber threats. The report recently released by General Dynamics Information Technology (GDIT) found that many federal officials were overwhelmed with data as well as concerned about human oversight and staffing challenges' impact on existing cyber risks, which AI could address.

Moneris, a payment processing company with clients including Starbucks and IKEA, has been listed on the Medusa ransomware gang's dark web blog. Several samples of the data allegedly stolen in the attack against Moneris are included in the post. The attackers provided screenshots of email conversations, transaction data, and other sensitive information. According to the post, they want the company to pay $6 million to return the stolen data. However, paying attackers does not always imply that data is safe, as cybercriminals sometimes take the money and publish the data.

Trend Micro researchers created a risk matrix by comparing the 16 most active infostealer malware variants across Russian Market and 2easy.shop, two dark web marketplaces. It estimated how "at risk" a piece of stolen data is once it is in a cybercriminal's possession. Cryptocurrency wallets and website credentials were tied first because they are among the most monetizable types of data and the easiest to find on underground sites. Other categories, such as Wi-Fi credentials and desktop screenshots, are less risky because they are more difficult to sell and abuse.

Sapphire Sleet, also known as APT38, BlueNoroff, CageyChameleon, and CryptoCore, is a subgroup of the Lazarus Advanced Persistent Threat (APT) group. The APT group has targeted cryptocurrency exchanges, venture capital firms, and banks. Microsoft researchers are warning of a new social engineering campaign targeting Information Technology (IT) job seekers involving fake skills assessment portals. Sapphire Sleet has previously been observed using platforms such as LinkedIn and applying lures related to skills assessment.

Hackers recently stole over $100 million from the cryptocurrency trading platform Poloniex, taking millions of dollars in Bitcoin and Ethereum with them. The platform confirmed its investigation of the theft and plans to compensate those impacted by the hack. The attack on Poloniex comes after a relative lull in cryptocurrency platform attacks. Millions of dollars in coins were stolen from Exactly Protocol and Harbor Protocol in August. Vyper, one of the most popular Web3 programming languages, was exploited earlier this year by hackers who stole at least $61 million in cryptocurrency.