According to security researchers at Comparitech, ransomware breaches have cost the US economy tens of billions of dollars in downtime alone over the past seven years.  The researchers analyzed data on all known ransomware attacks affecting medical organizations between 2016 and mid-October 2023, looking at specialist IT news, data breach reports, and state reporting tools.  During the time period, there were 539 reported attacks on healthcare organizations, impacting an estimated 9780 separate hospitals, clinics, and other organizations.

Scientists at the University of Sheffield have found that Natural Language Processing (NLP) tools, such as ChatGPT, can be tricked into generating malicious code, which could lead to cyberattacks. The study is said to be the first to demonstrate that NLP models can be used to attack real-world computer systems in various industries. The results show that Artificial Intelligence (AI) language models are vulnerable to simple backdoor attacks, such as planting a Trojan Horse, which could be activated anytime to steal data or disrupt services.

The Cybernews research team discovered two New England BioLabs (NEB) environment (.env) files hosted publicly on September 18. They contained sensitive information, including database credentials, SMTP server login information, enterprise payment processing information, and more. Both files were designated for the production environment, meaning that they were likely used in real-time operations at the Canada branch of the company.

Recent incidents demonstrate that threat actors see opportunities when new technologies are designed with inadequate security. Technology vendors continue to create functionality and features with the intention of improving digital experiences. They are continuously trying to respond to business and consumer demands for better and faster features. However, new technologies are often developed without much consideration for privacy and security.

The City of Philadelphia has recently issued a notice, reporting a recent security breach that could affect the personal data of individuals.  The breach was first detected on May 24, 2023, when suspicious activities were identified within the City’s email system.  To investigate the matter, the City engaged third-party cybersecurity experts, who determined that unauthorized access to certain email accounts occurred between May 26 and July 28, 2023.  On August 22, 2023, the City also discovered these breached email accounts contained protected health information (PHI).

The US Cybersecurity and Infrastructure Security Agency (CISA) awarded $6.8 million through the Cybersecurity Education and Training Assistance Program (CETAP) to CYBER.ORG, a nonprofit cybersecurity workforce development organization. With this funding, CYBER.ORG will continue supporting the educational growth of elementary and secondary-level students. The organization encourages cybersecurity literacy, instruction, and career exploration opportunities to help address the nation's cybersecurity workforce shortage of more than 660,000 professionals.

The Spanish police have arrested 34 alleged cybercriminals accused of various online scams. In the provinces of Madrid, Málaga, Huelva, Alicante, and Murcia, police conducted 16 investigations as part of the operation against the group. It is believed that the alleged cybercriminals performed scams via email, phone, and text. They allegedly perpetrated "son in distress" scams, the manipulation of delivery notes from technology companies, and vishing campaigns pretending to be electrical supply company employees. They are estimated to have gained around $3.2 million from their scams.

The University of Michigan recently confirmed that personal information was accessed in a data breach discovered in August 2023.  The incident involved unauthorized access to the academic institution’s campus computer network and resulted in system disruption and internet outages.  The university’s investigation into the data breach has revealed that the attackers had access to certain systems between August 23 and 27.

The backdoor implanted on Cisco devices by exploiting a couple of zero-day vulnerabilities in the IOS XE software has been modified to evade detection through previous fingerprinting techniques. According to NCC Group's Fox-IT team, network traffic to a compromised device has shown that the threat actor has changed the implant to perform an additional header check. Therefore, the implant remains active for many devices but now only responds if the proper Authorization HTTP header is set.