The American Radio Relay League (ARRL) has recently been targeted in a cyberattack that resulted in service disruptions and possibly a data breach. The ARRL is the United States’ national association for amateur radio. The ARRL says it has 100 full-time and part-time staff members, and roughly 160,000 members. The ARRL informed members on Thursday, May 16, that it had been in the process of responding to a “serious incident” involving access to its network and headquarter systems.

The Department of Justice (DoJ) recently announced charges, seizures, arrests, and rewards as part of an effort to disrupt a scheme in which North Korean IT workers infiltrated hundreds of companies and earned millions of dollars for North Korea. According to the DoJ, North Korea has dispatched thousands of skilled IT workers around the world. These workers stole the identities of people living in the United States and leveraged them to get jobs at more than 300 companies.

A team of experts, including researchers from Monash University, have developed a method for implementing quantum-safe digital signatures significantly faster, making online transactions quicker and safer. The study developed a much faster way to implement Falcon, a post-quantum digital signature scheme, for Graphic Processing Units (GPUs).

A new paper led by UC Santa Cruz researchers explores two pieces of malware that attempted to cause blackouts in Ukraine. The paper presents the first study of how the "Industroyer One" and "Industroyer Two" malware attacks operated and interacted with physical power system equipment. The Five Eyes intelligence alliance, including Australia, Canada, New Zealand, the UK, and the US, attributed both attacks to Russia's military intelligence agency, the GRU. This article continues to discuss the study of the Industroyer attacks. 

RunZero has highlighted gaps and trends in enterprise infrastructure, including network segmentation decay, attack surface management issues, and increasing dark matter on modern networks.

A Remote Access Trojan (RAT) called "Deuterbear" has been used by the China-linked "BlackTech" hacking group in a cyber espionage campaign targeting the Asia-Pacific region this year. Trend Micro researchers found that Deuterbear supports shellcode plugins, avoids handshakes for the RAT operation, and uses HTTPS for Command-and-Control (C2) communication. This article continues to discuss findings regarding BlackTech and its use of the Deuterbear RAT. 

A team of UC Santa Cruz students found a security flaw impacting Internet-connected laundry machines provided by CSC ServiceWorks. The students found a vulnerability that allows anyone to remotely send commands to CSC ServiceWorks laundry machines and run cycles for free. This article continues to discuss the discovery of a security vulnerability affecting laundry machines from CSC ServiceWorks. 

The Norwegian National Cyber Security Centre (NCSC) recommends replacing Secure Socket Layer Virtual Private Network (SSL VPN)/WebVPN solutions with alternatives as related vulnerabilities in edge network devices repeatedly get exploited to breach corporate networks. Organizations subject to the "Safety Act" or in critical infrastructure should adopt safer alternatives by the end of 2024. SSL VPN/WebVPN users are urged to switch to Internet Protocol Security (IPsec) with Internet Key Exchange (IKEv2).

The US Cybersecurity and Infrastructure Security Agency (CISA) has released "Encrypted Domain Name System (DNS) Implementation Guidance" for federal civilian agencies to meet requirements regarding the encryption of DNS traffic and improve the cybersecurity of their Information Technology (IT) networks. This guide will help agencies implement feasible technical capabilities for agency networks, DNS infrastructure, on-premises endpoints, cloud deployments, and more. This article continues to discuss the new guidance on encrypted DNS implementation.

Palo Alto Networks' 2024 State of Cloud-Native Security report found that security vulnerabilities in Artificial Intelligence (AI)-generated code are the top cloud security concern for 2024. One hundred percent of survey respondents said their organization uses AI to help in coding. The report focused on AI fears, conflicts between developers and security teams, rushed cloud migration, and fragmentation across multiple cloud tools. This article continues to discuss key findings from Palo Alto Networks' 2024 State of Cloud-Native Security report.