Security researchers at ReasonLabs have discovered that three malicious Chrome extensions posing as VPNs were downloaded 1.5 million times, acting as browser hijackers, cashback hack tools, and data stealers.  The researchers noted that the malicious extensions are spread via an installer hidden in pirated copies of popular video games like Grand Theft Auto, Assassins Creed, and The Sims 4, which are distributed from torrent sites.  The researchers notified Google of its findings, and the tech giant removed the offending extensions from the Chrome Web Store.

According to security researchers at Corvus Insurance, ransomware groups seemed to return with a vengeance in November after a quieter month in October, with the highest number of listed victims ever recorded.  The researchers observed 484 new ransomware victims posted to leak sites in November.  This represents a 39.08% increase from October and a 110.43% increase compared with November 2022.  The researchers noted that this is the eleventh month in a row with a year-on-year increase in ransomware victims and the ninth in a row with victim counts above 300.

The National Cybersecurity Center of Excellence (NCCoE) has released NIST Internal Report (IR) 8432, "Cybersecurity of Genomic Data," which delves into current genomic data security practices, challenges, and proposed solutions identified by genomic data stakeholders from industry, government, and academia. The growth of the US bioeconomy has been fueled by genomic data, including DNA sequences, variants, and gene activity. The value of this information has sparked cybersecurity and privacy concerns.

Sauvik Das, assistant professor at Carnegie Mellon's Human-Computer Interaction Institute, and fellow researchers have explored how to disable smart speakers' microphones and provide users with perceptible assurance that they are not being recorded. Many users know that their smart speakers have built-in microphones, but they are unsure when the speakers are recording data and what data is eventually transmitted and processed. Smart speaker manufacturers are commonly companies that gain significant benefits from collecting users' personal data, but there are privacy risks.

Critical vulnerabilities in the Secure Shell (SSH) protocol have been discovered by a team of researchers at Ruhr University Bochum. They discovered that certain security-related parts of the standard are broken, allowing attackers to delete data from the secure connection. SSH is mainly used where servers are managed remotely. This protocol is supported by more than 15 million servers on the Internet. SSH is also implemented in network devices such as routers. SSH attacks can be dangerous because, in the worst-case scenario, attackers can gain complete control of the server.

Internet of Things (IoT) devices process highly sensitive data, thus making it essential to keep them up-to-date to eliminate vulnerabilities and improve cybersecurity, especially as hacker attacks, data misuse, and industrial espionage grow. A new study conducted by researchers at the Fraunhofer Institute for Systems and Innovation Research ISI analyzed data from 52 billion devices, their geographical location, and whether or not their installed firmware is updated. The researchers also looked at the impact of the European General Data Protection Regulation (GDPR).

Smishing is a phishing scheme that uses SMS to your phone. Like traditional phishing scams, hackers are trying to trick you into giving up your personal information via a text—that looks very much like a regular communication from your bank or a business you’ve ordered from before. The SMS text might alert you to with a problem with your account or offer you a free gift. In 2022, Americans were scammed for over $330 millions via smishing. With so many validations coming to our phones, we are used to responding to them. But it’s important to really look to what is being asked for.

According to the threat intelligence platform FalconFeedsio, a newly emerged Iranian cyber gang called "Cyber Toufan" has allegedly leaked data from 49 Israeli companies. Researchers believe many incidents were caused by a breach faced by one hosting company. Since its appearance on November 16, 2023, Cyber Toufan says it compromised high-profile organizations, including the Israel Innovation Authority, Toyota Israel, the Ministry of Welfare and Social Security, Ikea Israel, the cybersecurity and geo-intelligence company Max Security, and more.

Arion Kurtaj, a prominent member of the international cyber extortion gang Lapsus$, has been sentenced to an indefinite hospital order by the UK Southwark Crown Court. The Lapsus$ gang has compromised many high-profile companies, including NVIDIA, Samsung, Ubisoft, Mercado Libre, Vodafone, Microsoft, Okta, and Globant. Kurtaj was found guilty of hacking multiple high-profile companies by a London jury in August 2023. He has been conducting a series of solo attacks since September 2022, gaining access to about 5,000 Revolut customers' records and causing $3 million in damage to Uber.

The US Cybersecurity and Infrastructure Security Agency (CISA) has announced the release of Version 1.0 of its Secure Configuration Baselines for Microsoft 365 (M365), along with its ScubaGear tool that helps organizations quickly assess their M365 services against CISA's recommended policies. These baselines provide easily implementable policy configuration recommendations that complement each federal agency's unique requirements and risk tolerance levels.