"DHS Employees Jailed For Stealing Data of 200K U.S. Govt Workers"

Three former Department of Homeland Security (DHS) employees have recently been sentenced to prison for stealing proprietary U.S. government software and databases containing the personal data of 200,000 federal employees.  The three individuals are Charles K. Edwards, a former Acting Inspector General of the DHS Office of Inspector General (DHS-OIG), sentenced to 1.5 years in prison; Sonal Patel, a member of the department IT staff, sentenced to 2 years of probation; and Murali Y. Venkata, also from the IT department, sentenced to 4 months in prison.

Submitted by Adam Ekwall on

"Energy Giant Schneider Electric Hit by Cactus Ransomware Attack"

Schneider Electric, the energy management and automation giant, has been targeted in a Cactus ransomware attack, resulting in data theft. Researchers discovered that the ransomware attack targeted the company's Sustainability Business division. The attack disrupted some of Schneider Electric's Resource Advisor cloud platform, which continues to experience outages today. The ransomware group allegedly stole terabytes of data during the cyberattack and is now extorting the company by threatening to leak the data if the demanded ransom is not paid.

Submitted by grigby1 CPVI on

"Albabat, Kasseika, Kuiper: New Ransomware Gangs Rise with Rust and Golang"

Researchers have discovered Faust, a new variant of the Phobos ransomware family, in the wild. According to Fortinet FortiGuard Labs, the latest variant of the ransomware is spread through an infection that delivers a Microsoft Excel document containing a VBA script. Security researcher Cara Lin says the attackers used the Gitea service to store several Base64-encoded files, each of which contained a malicious binary. These files trigger a file encryption attack when they are injected into a system's memory.

Submitted by grigby1 CPVI on

"Global Critical Infrastructure Faces Relentless Cyber Activity"

According to Forescout, Operational Technology (OT) is under constant attack, with key protocols facing many persistent attacks. Many of the attacks involve protocols used in industrial automation and power sectors, such as Modbus, Ethernet/IP, Step7, DNP3, and more. Persistence tactics have increased by 50 percent from 3 percent in 2022. Although most observed commands used by threat actors are still aimed at generic Linux systems, there is a noticeable trend of specific commands executed for network operating systems on widely used routers.

Submitted by grigby1 CPVI on

"Pegasus Spyware Targets Togolese Journalists' Mobile Devices"

Threat actors installed the Pegasus spyware on phones belonging to several journalists in Togo. Pegasus spyware, developed by the Israeli company NSO Group, enables the controller to access and extract information from an exploited mobile device. The spyware can also intercept and transmit messages, emails, media files, passwords, and more without the user's knowledge or interaction. This article continues to discuss the infection of Togolese journalists' mobile devices with the Pegasus spyware.

Submitted by grigby1 CPVI on

"Kansas City Public Transportation Authority Hit by Ransomware"

The Kansas City Area Transportation Authority (KCATA) recently announced it was targeted by a ransomware attack on Tuesday, January 23.  KCATA is a bi-state public transit agency serving seven counties of Missouri and Kansas, operating 78 bus routes and 6 MetroFlex routes using a fleet of 300 buses.  The company reports that 10.5 million people use their services in a year.  The ransomware attack impacted all its communication systems.  KCATA noted that all services are operating, including fixed-route buses and Freedom and Freedom-On-Demand paratransit services.

Submitted by Adam Ekwall on

"Canadian Man Sentenced to Prison for Ransomware Attacks"

A Canadian involved in numerous ransomware and other types of cyberattacks against businesses, government entities, and individuals in Canada was recently sentenced to two years in prison. The man, Matthew Philbert, 33, of Ottawa, Ontario, was arrested by the Ontario Provincial Police in November 2021, following a 23-month investigation, and was charged with fraud, computer intrusions, and intent to perform computer intrusions. In December 2021, the US Department of Justice (DOJ) also announced charges against Philbert.

Submitted by Adam Ekwall on

CyberGirls @ Virginia Tech

Submitted by Amy Karns on

Do you know a rising 8th or 9th grade young woman who likes to solve puzzles, learn new things, and wants to make the world a safer place? Then check out CyberGirls @ Virginia Tech! Through hands-on activities led by Virginia Tech staff and faculty, girls will learn about the multiple facets of cybersecurity and possible careers. No previous experience needed. The program is designed and intended for rising 8th and 9th grade young women. 

"Researchers Develop Easy-To-Deploy Federated Learning System That Safeguards Patient Data"

Researchers at the University of Oxford have developed a new, user-friendly method for hospitals to contribute to developing Artificial Intelligence (AI) models while protecting patient data. The technique builds on recent advancements in decentralized Machine Learning (ML) and uses low-cost pre-programmed microcomputers, making it easy to implement in hospitals and inexpensive to scale. As patient privacy is critical, hospitals are often limited in sharing data to support AI algorithm development. Once the data is shared, it can be difficult to ensure confidentiality.

Submitted by grigby1 CPVI on

"Unlocking the Potential of Zero-Knowledge Proofs in Blockchain"

A Zero-Knowledge Proof (ZKP) is a cryptographic protocol that enables the prover to convince the verifier that a certain claim is true, without disclosing any details about the claim. This type of verification can be highly effective in situations where sensitive data must remain private. ZKPs are becoming more of a standard in blockchain technology as they help maintain transactional privacy and integrity, and demonstrate their potential to establish a more secure and private blockchain landscape.

Submitted by grigby1 CPVI on