"The Primary Pain Points for SoC Teams"

According to Tines, growing workloads, shrinking budgets, and a worsening skills shortage are the main factors holding security professionals back from pursuing high-impact work. Nine out of 10 security teams automate at least a portion of their work, and 93 percent of respondents believe that more automation would improve their work-life balance. Sixty-three percent of surveyed security decision-makers and practitioners are experiencing burnout due to constant cyberattacks, internal pressures, and a lack of resources.

Submitted by Gregory Rigby on

"September Was a Record Month for Ransomware Attacks in 2023"

Ransomware activity reached unprecedented levels in September, following a relative pause in August that was still well above summer norms. In September, ransomware groups launched 514 attacks, according to data from NCC Group. This exceeds March 2023's total of 459 attacks, which was significantly skewed by Clop's MOVEit Transfer data theft attacks. During the month, Clop exhibited almost no activity, which may indicate that the sophisticated ransomware group is preparing for its next major attack.

Submitted by Gregory Rigby on

"DC Board of Elections Says Full Voter Roll Compromised in Data Breach"

The District of Columbia Board of Elections (DCBOE) recently announced that its full voter roll might have been accessed in a recent data breach at a third-party services provider.  The incident was initially disclosed on October 6, when the agency said that a threat actor accessed 600,000 lines of US voter data after breaching DataNet, which provides website hosting services to DCBOE.  In a recent update, DCBOE revealed that the attackers might have accessed the information of all registered voters.

Submitted by Adam Ekwall on

"'Log in With...' Feature Allows Full Online Account Takeover for Millions"

Vulnerabilities in the implementation of the Open Authorization (OAuth) standard across three major online services may have exposed users to credential theft, financial fraud, and other cybercriminal activities. Researchers from Salt Labs discovered critical Application Programming Interface (API) misconfigurations on the websites of several online companies, including Grammarly, Vidio, and Bukalapak, which leads them to believe that dozens of other websites are likely compromised in the same way.

Submitted by Gregory Rigby on

"Generative AI Can Save Phishers Two Days of Work"

According to security researchers at IBM, generative AI tools can save phishing actors 16 hours of work designing a scam email but still can’t match a human. The researchers noted that with only five simple prompts, they were able to trick a generative AI model into developing highly convincing phishing emails in just 5 minutes. Among the prompts were the top areas of concern for employees working in specific industries; social engineering and marketing techniques that should be used; and the people/company that should be impersonated.

Submitted by Adam Ekwall on

"New Assistant Professor Aims to Make AI Safe and Secure"

Muaho Chen, a new assistant professor in the Department of Computer Science at the University of California, Davis, will study jailbreaking attacks and other security problems associated with Large Language Models (LLMs) such as ChatGPT. As the development of LLMs and intelligent applications rises, Chen emphasizes that it is crucial to understand how LLM attacks can occur, as well as other dangerous behaviors such as generating hate speech. As their use increases, so does the sensitivity of shared information.

Submitted by Gregory Rigby on

"NSA - Cybersecurity Speaker Series: D3FEND"

The National Security Agency (NSA)'s Cybersecurity Collaboration Center (CCC) has posted the latest installment of its Cybersecurity Speaker Series, which focuses on the D3FEND cybersecurity framework. Bailey Bickley, Chief of DIB Defense at the CCC, sat down with Eric Chudow, NSA's Technical Advisor for Cybersecurity Publications, and Peter Kaloroumakis, MITRE's D3FEND Lead, to discuss the development, release, and adoption of D3FEND and how it can be used as a reference for architecting, designing, and defending networks.

Submitted by Gregory Rigby on

"CISA Releases New Resource to Help Small and Medium-Sized Businesses Develop Supply Chain Resilience Plans"

The US Cybersecurity and Infrastructure Security Agency (CISA) has released a new resource guide titled "Empowering Small and Medium-Sized Businesses (SMB): A Resource Guide for Developing a Resilient Supply Chain Risk Management Plan." It aims to help Information and Communications Technology (ICT) SMBs develop and tailor a Supply Chain Risk Management (SCRM) plan that meets their business needs. In regard to the costs and complexity of SCRM, SMBs oftentimes lack the dedicated risk management and SCRM knowledge necessary to mitigate the risk of supply chain disruption.

Submitted by Gregory Rigby on

"The SEC's Cybersecurity Rules"

The US Securities and Exchange Commission (SEC) has recently adopted rules requiring public companies to disclose cybersecurity incidents within four business days. After determining that an incident is material, the company has four business days to disclose it using the new Form 8-K Item 1.05. According to an SEC press release, the company must describe the material parts of the nature, timing, and scope of the incident, as well as its effects. The impact of the rules on companies, their management, boards of directors, and cybersecurity is the subject of much discussion.

Submitted by Gregory Rigby on