MITRE has announced a new Artificial Intelligence (AI)-incident-sharing project that allows organizations to share intelligence regarding real-world AI-related incidents. The new initiative, developed together with over 15 companies, aims to raise community awareness and understanding of AI-enabled system threats and defenses. The project, launched as part of MITRE's Adversarial Threat Landscape for AI Systems (ATLAS) framework, enables trusted contributors to receive and share protected and anonymized data on incidents involving operational AI-enabled systems.

Due to a cyberattack, American Water, the largest publicly traded US water and wastewater utility company, had to shut down some systems. The company stated that the attack forced it to shut down MyWater, its online customer portal, and pause billing. American Water has more than 6,500 employees, providing water and wastewater services to over 14 million people in 14 states and on 18 military installations. This article continues to discuss the cyberattack faced by American Water and other recent cyberattacks that have targeted the water sector.

Permiso researchers reported that attackers conducted Large Language Model (LLM) hijacking of cloud infrastructure for generative Artificial Intelligence (AI) to run rogue chatbot services. Permiso detailed attacks targeting Amazon Bedrock environments, which support access to foundational LLMs such as Anthropic's Claude. The company set up a honeypot that showed how hijackers used stolen resources to run jailbroken chatbots. Threat actors use Amazon Web Services (AWS) access keys leaked on platforms like GitHub to communicate with Application Programming Interface (API) endpoints.

Assistant Professor and Associate PUR-1 Director Stylianos Chatzidakis and a team of researchers from Purdue University's School of Nuclear Engineering conducted a project titled "Characterizing Nuclear Cybersecurity States Using Artificial Intelligence/Machine Learning." Their final report, now an official US Nuclear Regulatory Commission (NRC) Technical Letter Report, delves into the feasibility of AI/ML technologies in characterizing cyber events within nuclear systems.

The Science and Technology Directorate (S&T), the research and development arm of the Department of Homeland Security (DHS), launches Cybersecurity Awareness Month by highlighting its research, development, testing, and evaluation efforts and partnerships. For example, S&T recently launched the "Multi-cloud Analytic Prototyping and Lab Environment" system for the Cybersecurity and Infrastructure Security Agency (CISA). This testbed offers a secure environment where users can access multiple tools through a single login.

Recently K-12 school district Highline Public Schools confirmed that a ransomware attack forced it to shut down all schools in early September.  Highline Public Schools has over 2,000 staff members and offers programs ranging from early childhood education to college preparation.  Highline's central office remained open, and staff were instructed to report for work.  The district also started investigating the attack's impact and working to restore systems with help from third-party, state, and federal partners.

Universal Music Group (UMG), one of the world’s largest music corporations, has recently disclosed a data breach that occurred in mid-July 2024. According to the company, the breach may have exposed the personal information of 680 US residents. In the filing, UMG said it detected unauthorized activity in one of its internal applications on July 15, prompting an immediate investigation involving third-party cybersecurity experts.

Multiple U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies, have recently announced that they were breached by a Chinese hacking group called Salt Typhoon.  According to researchers, the purpose of the attack is for intelligence collection, as the hackers might have had access to systems used by the U.S. federal government for court-authorized network wiretapping requests.  According to researchers, "for months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S.