A Synology DiskStation Manager (DSM) vulnerability could be exploited to decipher an administrator's password. Claroty's Team82 researchers discovered the vulnerability, tracked as CVE-2023-2729, with a CVSS score of 5.9. They found a weak Random Number Generator (RNG) in Synology's DSM Linux-based operating system running on the Network Attached Storage (NAS) products. The problem is the insecure JavaScript Math.random() function used to generate the administrator password for the NAS device.

A hacker has leaked an additional 4.1 million stolen 23andMe genetic data profiles for people in Great Britain and Germany on a hacking forum.  Earlier this month, a threat actor leaked the stolen data of 1 million Ashkenazi Jews who used 23andMe services to find their ancestry info and genetic predispositions.  The threat actor claims the new stolen data includes genetic information on the royal family, the Rothschilds, and the Rockefellers.  Today, the same hacker released an additional CSV file containing the 23andMe data of 139,172 people living in Germany.

The hacktivist group SiegedSec has claimed to be behind a series of attacks against Israeli infrastructure and Industrial Control Systems (ICS). SecurityScorecard's Threat Research, Intelligence, Knowledge, and Engagement (STRIKE) Team discovered a list of what the hacking group claims to be its Israeli ICS targets, which the group compiled. An image of the list found by analyzing various dark web groups reveals a series of IP addresses, with the claim of having launched attacks against Israeli infrastructure.

Several Advanced Persistent Threat (APT) groups, including two Russian groups, are conducting campaigns to exploit a known vulnerability in the popular WinRAR archive utility and deliver malware. The attackers are exploiting a vulnerability, tracked as CVE-2023-38831, in multiple versions of WinRAR that can result in arbitrary code execution. The WinRAR team released a patch for the vulnerability in August, but threat actors had been exploiting it since at least April, when researchers were unaware of it.

The Cybersecurity and Infrastructure Security Agency (CISA) works with public safety, national security, and emergency preparedness communities to improve seamless and secure communications in order to maintain the safety, security, and resiliency of the US. Any disruption to communications can have a domino effect on a public safety agency's ability to provide critical lifesaving services.

D-Link has recently launched an investigation after a hacker offered to sell information allegedly stolen from one of its networks and has determined that the claims are exaggerated.  On October 1, a user of the new BreachForums cybercrime website claimed they had breached the internal network of D-Link in Taiwan, which gave them access to a database storing the information of 3 million customers, as well as source code for the D-View network monitoring product.

The insurance giant Lloyd's of London has warned that a major cyberattack against payment systems could cost the global economy $3.5 trillion. Modeled by the insurance marketplace and the Cambridge Centre for Risk Studies, the hypothetical scenario is deemed unlikely. Researchers estimated a 3.3 percent chance of happening. In addition, the British government has researched the probability of a cyberattack on the financial system and determined that a catastrophic incident is unlikely.

According to the FBI, cybercriminals are using spoofed emails and phone numbers to target plastic surgery offices across the US. After gaining access to their networks, the attackers steal data from compromised systems to extort surgeons and patients. Stolen documents may contain highly sensitive information, such as medical records and, in some instances, photos taken for medical purposes. The cybercriminals supplement the stolen data with open-source information, such as social media details, to strengthen their extortion attempts.

Researchers have discovered that cryptojackers are targeting exposed Jupyter Notebooks to install cryptocurrency miners and steal credential files for popular cloud services. Jupyter is a service that enables users to host individual code snippets and lets others execute this code in an isolated environment. According to Matt Muir, Threat Research Lead at Cado Security, a Jupyter Notebook refers to an instance of the Jupyter web application where a user would define the code to be run and how it is presented.

A former US Navy IT manager was recently sentenced to five years and five months in prison for hacking into a database, stealing personally identifiable information (PII), and selling it on the dark web.  The man, Marquis Hooper, 32, of Selma, California, who was a chief petty officer, opened under false pretenses an account at a private company operating a database containing the PII of millions of individuals.