A cyber espionage attack against a government agency in the Middle East involved a novel and sophisticated backdoor malware named Deadglyph. The Deadglyph malware is attributed to the Stealth Falcon Advanced Persistent Threat (APT) group, also known as Project Raven or FruityArmor, a United Arab Emirates (UAE) state-sponsored hacking group. For nearly a decade, the cyber group has been targeting activists, journalists, and dissidents. In a new report released at the LABScon cybersecurity conference, ESET researcher Filip Juracko explains how the new modular malware infects Windows systems.

Although there have been some positive developments, ransomware attacks continue to have a significant impact, according to SpyCloud. Infostealer infections preceded 22 percent of ransomware incidents for North American and European ransomware victim organizations in 2023, with common infostealers such as Raccoon, Vidar, and Redline increasing the likelihood. SpyCloud's analysis reveals that Raccoon infostealer malware was involved in 76 percent of infections preceding ransomware attacks.

In an effort to bolster voting security ahead of the next US Presidential Election, election machine manufacturers are allowing hackers access to their systems. The Election Security Research Forum featured organized penetration testing and bug research for digital scanners, ballot marking devices, and electronic pollbooks, emphasizing the technology that voters may encounter at the polls. The forum also allowed security researchers to interact with system vendors.

The US Cybersecurity and Infrastructure Security Agency (CISA) has published new micro-challenges that are now part of the Cyber Careers Pathway Tool. This interactive tool allows users to explore the 52 work roles in the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. CISA's micro-challenges provide an opportunity for K-12 students and individuals looking to reskill or transition from a non-cyber career to gain further insight into the knowledge, skills, and tasks performed in the top cybersecurity workforce roles.

The National Student Clearinghouse, an educational nonprofit that provides reporting, verification, and research services to colleges and universities in North America, has recently revealed that nearly 900 schools are impacted by the MOVEit hack.  The National Student Clearinghouse in late August informed Maine’s attorney general that more than 51,000 individuals were affected by the incident.

The City of Dallas has recently announced that an $8.5 million budget has been approved to support the restoration of its systems following a ransomware attack that happened in May 2023.  The attack was identified on May 3, when the cybercrime gang named Royal started deploying file-encrypting ransomware on multiple systems.  The investigation launched into the matter has revealed that the attackers had access to the city’s network for roughly a month before that.

A team of researchers from the University of Colorado (CU) Boulder is leading a project for 5G wireless security. The National Science Foundation's (NSF) Convergence Accelerator program awarded CU Boulder $5 million for the "GHOST: 5G Hidden Operations through Securing Traffic" project. The work aims to ensure American soldiers, businesses, and non-governmental organizations (NGOs) can use 5G cellular networks in foreign countries without untrusted or potentially malicious network operators being able to extract user information.

According to a new report from New York University (NYU), the immersive Internet experience known as the metaverse will erode users' privacy unless significant measures are taken to improve and regulate how the technology collects and stores personal data. The metaverse relies on Extended Reality (XR) technologies, encompassing Augmented Reality (AR), Virtual Reality (VR), and Mixed Reality (MR).

The US Cybersecurity and Infrastructure Security Agency (CISA) launched the Known Exploited Vulnerabilities (KEV) catalog in November 2021 to provide an authoritative source of vulnerabilities that have been exploited "in the wild." Recently, the catalog has expanded to include over 1,000 vulnerabilities. As part of a vulnerability management program that facilitates prioritization based on organizational attributes, such as how a vulnerable product is being used and the exploitability of the relevant system, every organization should prioritize the mitigation of KEVs.

The APT36 hacking group, also known as Transparent Tribe, has been using at least three YouTube-mimicking Android apps to infect devices with their signature Remote Access Trojan (RAT) called CapraRAT. Once the malware has been installed on a victim's device, it can extract data, record audio and video, and access sensitive communication information, functioning as a spyware tool. APT36 is a Pakistan-aligned threat actor notorious for using malicious Android apps to target Indian defense and government entities, those dealing with Kashmir region affairs, and human rights activists.