The National Security Agency (NSA) and US federal agency partners have issued new guidance regarding deepfakes. This emerging threat may pose a cybersecurity challenge for National Security Systems (NSS), the Department of Defense (DoD), and Defense Industrial Base (DIB) organizations. They issued the Cybersecurity Information Sheet (CSI) "Contextualizing Deepfake Threats to Organizations" to help organizations identify, defend against, and respond to deepfake threats.

Georgia Tech's Cyber Forensics Innovation (CyFI) Lab discovered that Web App Engaged (WAE) malware has increased by 226 percent since 2020. Therefore, the team created a tool that enables cybersecurity incident responders to purge almost 80 percent of discovered WAE malware by teaming up with service providers. Ph.D. student at Georgia Tech Mingxuan Yao noted that web applications have become integral to our online lives, providing services such as content delivery, data storage, and social networking, but these utilities have made web applications attractive for malware creators.

Brief articles on areas of concern or interest in SoS. They are indexed below.

Cyber Scene articles are intended to provide an informative, timely backdrop of events, thinking, and developments that feed into the technological advancement of Science of Security (SoS) collaboration and extend its outreach. They are indexed below.

Brief articles on current cybercriminal activities. They are indexed below.

Air Canada recently announced that the personal information of some employees was accessed in a recent cyberattack.  Canada’s national airline announced that a threat actor obtained limited access to one of its internal systems that contained “limited personal information of some employees and certain records  .”Air Canada noted that the incident did not impact its flight operations systems.  Furthermore, the company says, customer facing systems were not accessed, and no customer information was compromised in the attack.

Atlassian and the Internet Systems Consortium (ISC) have disclosed multiple security vulnerabilities in their products that could be exploited for Denial-of-Service (DoS) and Remote Code Execution (RCE). The four high-severity flaws were addressed in new versions shipped last month. The vulnerabilities include a deserialization flaw in the Google Gson package that affects Patch Management in Jira Service Management Data Center and Server, a DoS flaw in Confluence Data Center, and more.

Researchers have found a multi-step information-stealing campaign in which hackers infiltrate the systems of hotels, booking sites, and travel agencies, and then use their access to take customers' financial data. By using this indirect method and a fake Booking[.]com payment page, cybercriminals have discovered a way to collect credit card information with a significantly higher success rate. This article continues to discuss the hackers' campaign involving the use of a fake Booking[.]com payment page.

According to Coalition, the frequency of cyber insurance claims rose by 12 percent in the first half of 2023. Early in 2023, Coalition discovered that the frequency and severity of business claims increased across all revenue bands. Companies with revenues greater than $100 million experienced the most significant increase (20 percent) in the number of claims, as well as greater losses from attacks. According to Coalition's report, ransomware claims in the first half of 2023 increased by 27 percent from the second half of 2022.

The list of Advanced Persistent Threat (APT) actors against which telecommunications companies must secure their data and networks now includes an additional sophisticated adversary. The new threat called "Sandman" is a group of unknown origin that emerged in August and has been using LuaJIT, a high-performance, just-in-time compiler for the Lua programming language, to deploy a novel backdoor. Researchers at SentinelOne are tracking the backdoor as "LuaDream" after spotting it in attacks against telecommunications companies in the Middle East, Western Europe, and South Asia.