"38% of AI-Using Employees Admit to Sending Sensitive Work Data"

A National Cybersecurity Alliance (NCA) and CybSafe survey found that over a third of employees who use Artificial Intelligence (AI) for work tasks send sensitive data to AI applications without their employer's knowledge. The "Oh, Behave! 4th Annual Cybersecurity Attitudes and Behaviors Report" included insights from more than 7,000 participants. The report delved into the personal and workplace use of AI, attitudes toward AI usage and AI-generated content, and AI security training. This article continues to discuss key findings from the report regarding AI use and security.

Submitted by Gregory Rigby on

"Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected"

Researcher Simone Margaritelli has detailed an unpatched vulnerability that was expected to pose a significant threat to Linux systems but turned out to be less severe. The unauthenticated Remote Code Execution (RCE) vulnerability said to affect all GNU/Linux systems had been assigned a CVSS score of 9.9, leading the cybersecurity industry to believe it would be a high-impact issue. Margaritelli found zero-day Common UNIX Printing System (CUPS) vulnerabilities that enable remote, unauthenticated attackers to execute code on vulnerable Linux and Unix-like systems.

Submitted by Gregory Rigby on

"Embargo Ransomware Escalates Attacks to Cloud Environments"

According to Microsoft, the threat actor "Storm-0501" now targets hybrid cloud environments, expanding its strategy to compromise all victim assets. In 2021, the threat actor became a "Sabbath" ransomware affiliate. They later used "Hive," "BlackCat," "LockBit," and "Hunters International" file-encrypting malware. They recently used "Embargo" ransomware in attacks against US health, government, manufacturing, transportation, and law enforcement organizations. This article continues to discuss Storm-0501's shift in tactics.

Submitted by Gregory Rigby on

"Meta Hit With $102 Million Privacy Fine From European Union Over 2019 Password Security Lapse"

The Irish Data Protection Commission fined the US tech company Meta $101.6 million after an investigation that revealed a password security lapse. The watchdog began investigating in 2019 after Meta notified it that some passwords had been inadvertently stored internally in plain text. The passwords were not encrypted, and employees could search for them. This article continues to discuss Meta getting fined over a security lapse involving Facebook passwords.

Submitted by Gregory Rigby on

"Governments Urge Improved Security and Resilience for Undersea Cables"

The US government and global partners want to improve undersea cable infrastructure security and resiliency to protect global communications and data. This includes using cybersecurity best practices to design undersea cable infrastructure in order to reduce hacking risk. The US, UK, Canada, France, the EU, and many other nations endorsed the joint statement, which warned of the national security risks of growing reliance on communication technologies, particularly undersea cables that transmit massive amounts of data.

Submitted by Gregory Rigby on

"Transport, Logistics Orgs Hit by Stealthy Phishing Gambit"

Business Email Compromise (BEC) attacks have targeted a few North American transportation and logistics companies. An unknown threat actor has weaponized at least 15 company email accounts since May. Proofpoint researchers could not reveal how the threat actor accessed these accounts. The attacker is using the accounts to bury initial access malware in email chains, anticipating that recipients will be distracted by ongoing work conversations. This article continues to discuss the phishing campaign targeting transportation and logistics companies in North America.

Submitted by Gregory Rigby on

"New HTML Smuggling Campaign Delivers DCRat Malware to Russian-Speaking Users"

A new HTML smuggling campaign targets Russian-speaking users to spread "DCRat" malware, also known as the "DarkCrystal RAT." According to researchers, this is the first time the malware has been deployed this way, instead of through compromised or fake websites or phishing emails with PDF attachments or macro-laced Microsoft Excel documents. This article continues to discuss findings regarding the new HTML smuggling campaign.

Submitted by Gregory Rigby on

"US Announces Charges, Sanctions Against Russian Administrator of Carding Website"

The US government recently announced rewards of up to $10 million each for information leading to the arrest of two Russian nationals charged over their involvement in operating and laundering proceeds from carding websites. Joker's Stash was an underground marketplace for stolen payment card data active since at least 2014 and shut down in January 2021, roughly one month after law enforcement seized its servers.

Submitted by Adam Ekwall on

"US Sanctions Crypto Exchanges for Facilitating Russian Cybercrime"

The US government has sanctioned cryptocurrency exchanges used by Russian cybercriminals. The US Office of Foreign Assets Control (OFAC) has set sanctions against "Cryptex," a cryptocurrency exchange registered in St. Vincent and the Grenadines that operates in Russia. This article continues to discuss the US sanctioning cryptocurrency exchanges used for facilitating Russian cybercrime.

Submitted by Gregory Rigby on

"Millions of Kia Cars Were Vulnerable to Remote Hacking"

According to security researcher Sam Curry, vulnerabilities in a website dedicated to Kia vehicle owners could have allowed attackers to remotely control millions of cars. Curry noted that the vulnerabilities could have allowed attackers to gain control of key vehicle functions in roughly 30 seconds, using only the car’s license plate. Furthermore, the bugs allowed the attackers to harvest the victim’s personal information, such as name, address, email address, and phone number, and to create a second user on the vehicle, without the owner’s knowledge.

Submitted by Adam Ekwall on