Threat actors have been using fake Facebook job advertisements to trick potential victims into installing a new Windows-based stealer malware called Ov3r_Stealer. According to Trustwave SpiderLabs, this malware steals credentials and cryptocurrency wallets. It then sends them to a Telegram channel monitored by the threat actors. Ov3r_Stealer can gather IP address-based locations, hardware information, passwords, cookies, credit card information, auto-fills, browser extensions, cryptocurrency wallets, Microsoft Office documents, and more.

Cybercriminals have expanded their botnet capabilities with about 3 million malware-infected smart toothbrushes. According to the Swiss newspaper Aargauer Zeitung, remotely controlled toothbrushes were pulled into a Distributed Denial-of-Service (DDoS) attack to access and disrupt a website belonging to a company in Switzerland. The threat actors behind the attack used flaws in the Java programming language to infect the smart toothbrushes. Then they used a single command to direct their requests to the server of interest.

According to the Military Intelligence and Security Service (MIVD) of the Netherlands, a Chinese cyber-espionage group breached the Dutch Ministry of Defence last year and deployed malware on compromised devices.  It was noted that despite backdooring the hacked systems, the damage from the breach was limited due to network segmentation.  The MIVD stated that the effects of the intrusion were limited because the victim network was segmented from the wider MOD networks.  The victim network had fewer than 50 users.

Microsoft Azure's big-data analytics service, HDInsight, has three high-risk vulnerabilities. Orca Security has released new findings regarding one Denial-of-Service (DoS) vulnerability and two privilege escalation bugs affecting the service. These vulnerabilities invite performance issues, unauthorized administrative access, and all of the associated risks. Attackers could read, write, delete, and conduct any other management operations on an organization's sensitive data.

Commercial Spyware Vendors (CSVs) were behind 80 percent of the zero-day vulnerabilities discovered by Google's Threat Analysis Group (TAG) in 2023 and exploited to spy on devices. Google's TAG has been observing the activities of 40 commercial spyware vendors in order to detect exploitation attempts, protect users of its products, and help protect the larger community by reporting key findings to the proper parties. Google discovered that spyware vendors were behind 35 of the 72 known in-the-wild zero-day exploits affecting its products over the last decade.

Verizon Communications has recently warned that an insider data breach impacts almost half its workforce, exposing sensitive employee information.  A data breach notification shared with the Office of the Maine Attorney General reveals that a Verizon employee gained unauthorized access to a file containing sensitive employee information on September 21, 2023.  Verizon says it discovered the breach on December 12, 2023, nearly three months later, and determined it contained sensitive information of 63,206 employees.

The Linux Foundation has announced the launch of the Post-Quantum Cryptography Alliance (PQCA). This effort brings chip makers, cloud providers, researchers, and developers together to address the cryptographic security challenges raised by quantum computing. The PQCA's founding members include Amazon Web Services (AWS), Cisco, Google, IBM, NVIDIA, QuSecure, the University of Waterloo, and more. The PQCA will participate in different technical projects that support its objectives, including developing software for evaluating, prototyping, and implementing new post-quantum algorithms.

Group-IB researchers have discovered a malicious campaign aimed primarily at job search and retail websites of companies in the Asia-Pacific region. Between November and December 2023, the group called ResumeLooters successfully infected at least 65 websites using SQL injection and XSS attacks. Most victims were in India, Taiwan, Thailand, Vietnam, China, and Australia. The group has stolen several databases containing over 2 million different emails and other sensitive records. ResumeLooters then offered the stolen data for sale on Telegram channels.

Google recently announced a grant of $1 million to the Rust Foundation, meant to help improve the interoperability between Rust and C++ code.  Google joined the Rust Foundation in 2021 for the same reason and has adopted the memory-safe programming language across Android and other Google products due to its benefits for addressing memory safety vulnerabilities.  Based on historical vulnerability density statistics, Google noted that Rust has proactively prevented hundreds of vulnerabilities from impacting the Android ecosystem.

Homeland Justice, an Iran-linked hacking group that has previously targeted Albanian state agencies and businesses, has claimed responsibility for an attack on the country's Institute of Statistics (INSTAT). This institute is responsible for census data and other official statistics. The cyber incident affected INSTAT's official website and email service, forcing the agency to delay official statistics. INSTAT announced that the hackers did not access recent census data because it is stored in other systems dedicated to this purpose.