About 100,000 Industrial Control Systems (ICSs) were discovered on the public web, leaving them vulnerable to attackers probing for vulnerabilities and at risk of unauthorized access. The affected ICSs are power grids, traffic light systems, and water systems. For critical infrastructure systems, exposed ICSs include sensors, actuators, switches, building management systems, and automatic tank gauges. The cybersecurity company BitSight issued a warning after identifying the threat in multiple industries, impacting many Fortune 1000 companies in 96 countries.

According to Clorox, a  cyberattack that brought the cleaning giant’s business to a near halt in August will cause the company’s sales to tumble between 23% and 28% for the quarter that ended Sept. 30.  The company also warned that it will end up with a loss in the quarter, instead of the nearly $150 million in profit that investors had expected.  The computer intrusion caused the company to take some systems offline, leading to product outages and processing delays.  As a result, the company has struggled to restock its goods.

The Defense Advanced Research Projects Agency (DARPA), the research and development agency of the US Department of Defense (DOD), has awarded a team of computer scientists at Cornell University a $3 million grant in support of using reinforcement learning to make computer networks more robust, dynamic, and secure. The researchers hope that their project titled LANCER (LeArning Network CybERagents) will result in more intelligent and dynamic defenses for cybersecurity professionals in the ongoing cat-and-mouse game between attackers and defenders.

Nation-states are prioritizing seizing control of another nation's satellite infrastructure and destroying or disabling it in today's global cyber cold war. Interrupting a rival nation's satellites halts real-time communications, the situational awareness of military operating units, and navigation. For national security, satellites and space access are critical. By 2030, about 1,700 satellites will be launched annually.

Security professionals and researchers from ESET, Rapid7, the Electronic Frontier Foundation (EFF), and more, have expressed concerns over the European Union (EU) requiring software publishers to disclose unpatched vulnerabilities to government agencies within 24 hours of exploitation.

Earlier this year, security researcher Daniel Milisic discovered that an inexpensive Android TV streaming box called the T95 came infected with malware, and multiple other researchers confirmed his findings. The cybersecurity company Human Security has recently revealed new information regarding the scope of infected devices as well as the hidden, interconnected fraud schemes linked to streaming boxes. Researchers at Human Security discovered seven Android TV boxes and one tablet with the backdoors installed.

Business software maker Atlassian recently called immediate attention to a major security defect in its Confluence Data Center and Server products and warned that the issue has already been exploited as zero-day in the wild.  Atlassian confirmed that “a handful of customers” were hit by exploits targeting a remotely exploitable flaw in Confluence Data Center and Server instances.  The vulnerability tracked as CVE-2023-22515 is described as a remotely exploitable privilege escalation issue affecting on-prem instances of Confluence Server and Confluence Data Center.

According to Menlo Security researchers, threat actors have used an open redirection vulnerability contained by the Indeed job search platform to carry out phishing attacks. The phishing attacks targeted senior executives in banking, finance, insurance, real estate, manufacturing, and other industries. The campaign was observed between July and August, with threat actors using the phishing kit known as EvilProxy. EvilProxy actors use Reverse Proxy and Cookie Injection to circumvent two-factor authentication (2FA).

According to a new report by NCC Group that examines various Artificial Intelligence (AI) cybersecurity use cases, generative AI, particularly ChatGPT, should not be considered a reliable resource for detecting vulnerabilities in developed code without human expert oversight. However, Machine Learning (ML) models show significant promise for helping detect zero-day attacks.

US chip giant Qualcomm recently announced patches for over two dozen product vulnerabilities, including three zero-days reported by Google cybersecurity units.  Qualcomm learned from Google's Threat Analysis Group and Google Project Zero that flaws tracked as CVE-2023-33106, CVE-2023-33107, CVE-2023-33063, and CVE-2022-22071 "may be under limited, targeted exploitation." No information has been shared on the attacks exploiting these vulnerabilities, but the fact that they were reported by Google suggests that they may have been exploited by commercial spyware vendors.