According to researchers at Cryspen, multiple implementations of the Kyber Key Encapsulation Mechanism (KEM) for quantum-safe encryption are vulnerable to a set of flaws called KyberSlash that enable secret keys to be recovered. CRYSTALS-Kyber is the official implementation of the KEM and a part of the CRYSTALS (Cryptographic Suite for Algebraic Lattices) algorithm suite. It was designed for general encryption and is part of the algorithms selected by the National Institute of Standards and Technology (NIST) to withstand attacks from quantum computers.

The "Anonymous Arabic" threat group released Silver RAT, a Remote Access Trojan (RAT) capable of bypassing security software and silently launching hidden applications. According to the cybersecurity company Cyfirma, the developers maintain an active and sophisticated presence on multiple hacker forums and social media platforms. The actors, who are believed to be of Syrian origin and linked to the development of another RAT known as S500 RAT, also operate a Telegram channel that offers leaked databases, carding activities, and more.

A state-supported cyberespionage group likely affiliated to Turkey has recently been observed targeting numerous public and private entities in the Netherlands for intelligence gathering, Dutch incident response provider Hunt & Hackett reports.  The company noted that over the past year, the advanced persistent threat (APT) actor, tracked as Sea Turtle, Cosmic Wolf, Marbled Dust, Silicon, and Teal Kurma, targeted government, telecommunications, media, and NGO entities, along with ISPs and IT services providers in the country, as part of multiple espionage campaigns.

According to security researchers at blockchain intelligence firm TRM, North Korean hackers stole at least $600m in cryptocurrency in 2023.  The researchers noted that this figure represents a 30% reduction on cryptocurrency stolen by Democratic People's Republic of Korea (DPRK) linked hackers compared to 2022, at $850m.  The researchers did note that if additional crypto heists committed in the final days of 2023 are attributed to DPRK, the total amount stolen last year could rise to as much as $700m.

Orrick, Herrington & Sutcliffe, a law firm that specializes in cyberattacks, recently disclosed that they were affected by a data breach in early 2023 and that more than 600,000 individuals were impacted.  The law firm noted that between February 28 and March 13, 2023, attackers had unauthorized access to a portion of its network, including a file share storing files related to Orrick’s clients.  Orrick said its analysis of the exposed files determined that personal information pertaining to the customers of its clients was compromised in the attack.

A FAMU-FSU College of Engineering researcher is working on improving electric grid cybersecurity. Assistant Professor Olugbenga Moses Anubi's project "Concurrent Learning Cyber-Physical Framework for Resilient Electric Power System" (CyberPREPS) will enable energy transmission systems to continue operating in the wake of cyberattacks. Anubi and his team will develop algorithms for detecting and mitigating the effects of electric grid cyberattacks.

Khalil El-Khatib, a networking and information technology expert in the Ontario Tech University's Institute for Cybersecurity and Resilient Systems (ICRS), recently received new research funding from Canada's National Cybersecurity Consortium (NCC) to explore a trustworthy Artificial Intelligence (AI)-based framework for self-aware drone-based swarm technologies. According to Dr. El-Khatib, the communication between drones in a swarm and the unpredictability of the swarm behavior pose significant risks and unique security issues.

According to Dr. Natalia Stakhanova, a cybersecurity researcher and expert at the University of Saskatchewan (USask), there are two ways to look at Artificial Intelligence (AI) from a security standpoint. She emphasizes that while AI appears to enable more efficient data exploitation, it also has the potential to be used for defense. When people use a social media account to store data, that data is stored on the company's computer systems, which are usually designed to be secure. However, most of these computer systems are vulnerable to clever hacks that could jeopardize data security.

There are tools that can poison data and cause Artificial Intelligence (AI) models to malfunction, but the question is whether using them is a justified response by artists to copyright infringement or a potential cybersecurity threat. In October 2023, researchers at the University of Chicago unveiled "Nightshade," a data poisoning technique designed to disrupt the training process of AI models. Nightshade and similar disruptive tools could be a defense method that content creators can use to combat web scrapers.