"'Disappearing' Implants, Followed by First Fixes for Exploited Cisco IOS XE Zero-Day"

Cisco has released the first fixes for the IOS XE zero-day vulnerability, tracked as CVE-2023-20198, which attackers exploited to deliver a malicious implant. The fixes were recently made available, but several cybersecurity companies and organizations observed a significant decrease in the number of Internet-facing Cisco devices infected with the implant. Several theories have been proposed regarding the cause of this change, but the real reason remains unclear.

Submitted by Gregory Rigby on

"Low-Power Hardware Accelerator Offers Outsize Security"

A research team in the US has developed a novel hardware accelerator prototype for edge devices that can encrypt cloud-sent and -received messages with 1,000 to 6,000 times the energy efficiency of a standard RISC-V processor. Their proposed method is called RISE. Smartphones, Internet of Things (IoT) sensors, wearable devices, and other edge devices typically have limited computational capabilities and memory, requiring frequent data transmission to the cloud for processing. However, the data exchange between edge devices and the cloud poses security and privacy risks.

Submitted by Gregory Rigby on

"Okta Breached Via Stolen Credential"

Identity and access management (IAM) specialist Okta has recently found itself on the receiving end of another security breach after a threat actor was able to access a stolen credential. Okta said an adversary used the credential to access its support case management system. The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases. The company noted that it should be known that the Okta support case management system is separate from the production Okta service, which is fully operational and has not been impacted.

Submitted by Adam Ekwall on

"Your Browser Extension Could Grab Your Password and Sensitive Info"

A team of digital security researchers at the University of Wisconsin-Madison discovered that some widely used websites are vulnerable to browser extensions capable of extracting sensitive information from HTML code, including passwords, credit card numbers, and social security numbers. About 15 percent of the more than 7,000 websites examined by the researchers retain sensitive information as plain text in their HTML source code.

Submitted by Gregory Rigby on

"ICC: September Breach Was Espionage Raid"

The International Criminal Court (ICC) has recently revealed that a September cyberattack on its IT systems was a highly targeted espionage attempt, although attribution thus far remains elusive.  The ICC noted that based on the forensic analysis carried out, the court has already taken and will continue to take all necessary steps to address any compromise to data belonging to individuals, organizations, and states.  Should evidence be found that specific data entrusted to the court has been compromised, those affected would be contacted immediately and directly by the court.

Submitted by Adam Ekwall on

"Cybersecurity: IMC2 Researchers Mobilize to Counter Insider Threats"

Polytechnique Montréal has announced a cybersecurity project to prevent insider threats. Through the Multidisciplinary Institute for Cybersecurity and Cyber Resilience (IMC2), experts from Polytechnique Montréal, HEC Montréal, and Université de Montréal will develop a solution for this issue. Every employee, consultant, and third party with access to a company's computer systems represents a potential entry point for a cyberattack or intrusion. Whether malicious, careless, or simply unaware, these users increasingly serve as the entry point for cybercriminals.

Submitted by Gregory Rigby on

"CIA Exposed to Potential Intelligence Interception Due to X's URL Bug"

Kevin McSheehan, an ethical hacker, took over a Central Intelligence Agency (CIA) Telegram channel used to receive intelligence by exploiting a flaw in how X, formerly Twitter, truncates URLs. He discovered the issue after hovering over the link to the CIA's Telegram channel displayed on its X social media profile. Shortly after September 27, when the CIA updated its profile, the Telegram link shortened, cutting off part of the full username, which allowed McSheehan to register the new, unregistered handle.

Submitted by Gregory Rigby on

"Legacy Authentication Leads to Growing Consumer Frustration"

According to FIDO Alliance, consumers want stronger, more user-friendly alternatives to passwords despite their continued widespread use. Manually entering a password without any form of additional authentication was the most commonly used authentication method among the use cases followed, including accessing work computers and accounts (37 percent), streaming services (25 percent), social media (26 percent), and smart home devices (17 percent). Consumers enter a password manually about four times every day or around 1,280 times yearly.

Submitted by Gregory Rigby on

"Iran-Backed Hackers Dwelled for 8 Months in Mideast Government's System"

According to researchers, Iran-backed hackers spent eight months inside the systems of a Middle East government, stealing emails and files. Symantec attributed the campaign to a group it calls Crambus, which is also known as APT34, OilRig, or MuddyWater. The intrusion lasted from February to September, and although the researchers did not name the targeted country, Crambus had previously been observed in Saudi Arabia, Israel, the United Arab Emirates, Iraq, Jordan, Lebanon, Kuwait, Qatar, Albania, the US, and Turkey.

Submitted by Gregory Rigby on

"ExelaStealer: A New Low-Cost Cybercrime Weapon Emerges"

ExelaStealer, a new information stealer, has joined the field of off-the-shelf malware designed to steal sensitive data from compromised Windows systems. James Slaughter, a researcher at Fortinet FortiGuard Labs, noted that ExelaStealer is a primarily open-source infostealer that offers paid customizations. It is written in Python and supports JavaScript. The infostealer is equipped to steal passwords, Discord tokens, credit cards, cookies, keystrokes, clipboard content, and more. This article continues to discuss findings regarding the ExelaStealer infostealer.

Submitted by Gregory Rigby on