"New QakBot Phishing Campaign Appears, Months After FBI Takedown"

A new QakBot phishing campaign has emerged months after the takedown of the QakBot botnet in the international law enforcement operation dubbed "Operation Duck Hunt." QakBot, also known as QBot, QuackBot, and Pinkslipbot, was one of the most widely used malware loaders in 2023 until an FBI-led takedown in August brought the operation to a halt and freed 700,000 compromised machines from the botnet. Microsoft's Threat Intelligence team discovered a new QakBot phishing campaign that began on December 11, was low in volume, and targeted the hospitality industry.

Submitted by grigby1 CPVI on

"MongoDB Corporate Systems Breached, Customer Data Exposed"

MongoDB, the database management company, has been breached, with attackers gaining access to some of its corporate systems as well as customer data and metadata. On Wednesday, December 13, 2023, the company detected suspicious activity and immediately activated its incident response process. According to the company, this unauthorized access had been going on for some time before it was discovered. The attackers gained access to corporate systems that contained customer names, phone numbers, email addresses, and other customer account metadata, along with system logs for one customer.

Submitted by grigby1 CPVI on

"NIST Issues Guidance on a Mathematical Approach to Data Privacy"

The National Institute of Standards and Technology (NIST) recently released new draft guidance to clarify how organizations can use differential privacy as part of their security infrastructure. Differential privacy is a mathematical algorithm used to quantify how much privacy risk is posed to individuals from a given dataset. According to NIST's guidance, differential privacy can be applied to evaluate an organization's digital privacy posture using a framework that identifies existing factors that contribute to potential data security breaches.

Submitted by grigby1 CPVI on

"A Suspected Cyberattack Paralyzes The Majority of Gas Stations Across Iran"

On Monday, nearly 70% of Iran’s gas stations went out of service because of a possible cyberattack. An Iranian news report claimed that a “software problem” caused the irregularity in the gas stations. It urged people not to rush to the stations that were still operational. Israeli media, including the Times of Israel, blamed the problem on a cyberattack by a hacker group dubbed “Gonjeshke Darande,” or predatory sparrow. The Oil Ministry in Iran said more than 30% of gas stations remain in service. The country has some 33,000 gas stations.

Submitted by Adam Ekwall on

"US And China Race to Shield Secrets From Quantum Computers"

According to the team from Quantum Defen5e (QD5), the secrets of the US and other countries could someday be exposed due to quantum computers. Tilo Kunz, executive vice president of QD5, told Defense Information Systems Agency (DISA) officials that the world could reach "Q-day" as early as 2025, when quantum computers render current encryption methods useless. Machines far more powerful than today's fastest supercomputers would be capable of cracking codes protecting nearly all modern communication.

Submitted by grigby1 CPVI on

"Delta Dental Says Data Breach Exposed 7 Million Customers"

Dental insurance giant Delta Dental of California is informing more than 6.9 million individuals that their personal information was compromised as a result of the MOVEit hacking incident. The company noted that the adversaries stole names, addresses, Social Security numbers, passport numbers, state identification numbers (such as driver’s license numbers), financial account details, tax identification numbers, and health insurance and health information. The Cl0p ransomware gang was behind the MOVEit hacking incident.

Submitted by Adam Ekwall on

"BYU Professors Can Detect Identity Fraud by Tracking Computer Keystrokes"

A team of Brigham Young University (BYU) professors has developed a technology that uses hidden JavaScript to detect online identity fraud by measuring the speed and manner with which someone types. The detection system was refined over four observational studies with more than 1,000 participants. It was demonstrated to be 95.5 percent accurate at determining "fraudulent activity" in experimental settings where subjects entered personal information (e.g., names and email addresses) and information belonging to other people on online forms.

Submitted by grigby1 CPVI on

"BianLian, White Rabbit, and Mario Ransomware Gangs Spotted in a Joint Campaign"

Resecurity has discovered a meaningful link between the three major ransomware groups known as BianLian, White Rabbit, and Mario. The groups were found working together in a joint extortion campaign targeting publicly traded financial services companies. Resecurity shared a list of IP addresses associated with the joint attack. Multiple residential IP proxies in the APAC region were used in the attack.

Submitted by grigby1 CPVI on

"5 Cybersecurity Predictions for 2024"

Cybersecurity costs could hit 10.5 trillion by the end of the year. Advanced phishing will employ generative AI to make scamming easier and more convincing to potential victims. Scams powered by AI will spawn other scams, such as automated customer support scams and the spread of fake news and deepfake images and videos. The 2024 election will see a big increase in these types of scams. Supply chain attacks will increase, with any link in the chain causing widespread problems to operations and availability of products and service to customers.

Submitted by grigby1 CPVI on

"Supply Chain Attack Targeting Ledger Crypto Wallet Leaves Users Hacked"

According to the software maker Ledger, hackers compromised the code behind a cryptocurrency protocol used by multiple Web3 applications and services. Ledger, a company that makes a popular cryptocurrency hardware and software wallet and other products, announced that a "malicious version" of its Ledger Connect Kit had been distributed. Ledger Connect Kit is a library used by decentralized apps (dApps) made by other companies and projects to connect to the Ledger wallet service. This article continues to discuss details regarding the supply chain attack.

Submitted by grigby1 CPVI on