A phishing campaign called "Operation FlightNight" involves phishing lures disguised as invitation letters from the Indian Air Force. The malicious campaign has targeted Indian government entities, including agencies for electronic communications, Information Technology (IT) governance, and national defense. The phishing emails carry an ISO file containing malware as well as a shortcut file (LNK) appearing to be the PDF invitation letter. When opened, it executes the hidden malware while displaying a decoy document that was most likely stolen in a previous intrusion and repurposed.

A campaign involving an updated version of "TheMoon" malware has targeted End-of-Life (EoL) small business routers and Internet of Things (IoT) devices through a cybercriminal proxy service called "Faceless." Lumen Technologies' Black Lotus Labs team discovered that TheMoon malware, which first appeared in 2014, was working quietly while growing to over 40,000 bots from 88 countries by January and February this year. Black Lotus Labs first described the malware in 2019 and noted that it is in a new phase.

Hot Topic recently announced that attackers targeted Hot Topic Rewards accounts in automated attacks using login information obtained from an unknown source.  The company said that it determined that unauthorized parties launched automated attacks against its website and mobile application on November 18-19 and November 25, 2023, using valid account credentials (e.g., email addresses and passwords) obtained from an unknown third-party source.

Point32Health, the second-largest health insurer in Massachusetts, has recently revealed that the personal information of more than 2.8 million individuals was stolen in a ransomware attack in April 2023.

The US Department of Energy (DOE) recently announced a $15 million investment in university-based electric power centers to bolster cybersecurity in the energy sector.  The DOE says the funding will go to six universities selected by the Office of Cybersecurity, Energy Security, and Emergency Response (CESER), which will partner with industry stakeholders and the DOE National Laboratories for cybersecurity research and training development.

Sauvik Das, an assistant professor at Carnegie Mellon University's (CMU) Human-Computer Interaction Institute (HCII), and his team of researchers developed a taxonomy of Artificial Intelligence (AI) privacy risks after analyzing 321 documented AI privacy incidents. The team's goal was to document how the unique capabilities and requirements of AI technologies described in those incidents led to new privacy risks, worsened existing ones, or did not significantly alter known risks. This article continues to discuss the study "Deep Fakes, Phrenology, Surveillance, and More!

Researchers at the Department of Energy's (DOE) Oak Ridge National Laboratory have shown that advanced quantum-based cybersecurity can be implemented in a deployed fiber link. Their findings validate an earlier proof-of-principle laboratory experiment conducted by ORNL scientists in 2015. The team used a true local oscillator to transmit a quantum signal for Quantum Key Distribution (QKD), a secure secret key-sharing method. A local oscillator suppresses the effects of noise scattered from other data transmitted in the same fiber-optic network.

Security researchers have discovered a new cyber espionage group linked to Ukraine that has been active since at least January. They named the group "PhantomCore" and named the attackers' remote access malware "PhantomRAT." The hackers used a known vulnerability in the Windows file archiver tool WinRAR to launch attacks on unnamed Russian companies. Tracked as CVE-2023-38831, the bug was previously exploited by state-controlled hackers linked to Russia and China in early 2023 before being patched. This article continues to discuss findings regarding PhantomCore.

Implementing the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) will improve the US Cybersecurity and Infrastructure Security Agency's (CISA ) ability to use cybersecurity incident and ransomware payment information reported to the agency to identify patterns, fill information gaps, quickly release resources to help entities suffering from cyberattacks, and notify others who may be affected. When information about cyber incidents is shared quickly, CISA can use it to help other organizations avoid a similar incident.