"Expansion of the Secure Tomorrow Series Toolkit Now Available"

The US Cybersecurity and Infrastructure Security Agency (CISA) has released the latest Secure Tomorrow Series Toolkit, which includes various interactive products designed to teach critical infrastructure stakeholders how to use strategic foresight methods to identify and mitigate emerging risks. After the first iteration of the Secure Tomorrow Series Toolkit was successfully launched in 2022, CISA's National Risk Management Center expanded the Toolkit by adding three new risk topics: Brain-Computer Interfaces (BCIs), synthetic biology, and quantum technologies.

Submitted by grigby1 CPVI on

"Intel Faces 'Downfall' Bug Lawsuit"

Intel is facing a class-action lawsuit over its alleged handling of data-leaking bugs in its CPUs. Five representative plaintiffs allege in a 112-page filing with the San Jose Division of the United States District Court's Northern District of California that the chip giant knew about faulty instructions that enabled issues like the recent "Downfall" bug half a decade before it released any fix. Downfall is a vulnerability, tracked as CVE-2022-40982 with a CVSS score of 6.5, in Intel's sixth- to eleventh-generation CPUs.

Submitted by grigby1 CPVI on

"New Ransomware Group Emerges with Hive's Source Code and Infrastructure"

Hunters International, a new ransomware group, has acquired the source code and infrastructure from the Hive operation. According to Martin Zugec, technical solutions director at Bitdefender, the Hive group's leadership appears to have made the strategic decision to discontinue operations and transfer their remaining assets to this new group. Hive, a once-prolific Ransomware-as-a-Service (RaaS) operation, was shut down in January 2023 as part of a coordinated law enforcement operation.

Submitted by grigby1 CPVI on

"Cyberattack Could Have Devastating Impact on Aussie Exports"

One of Australia’s biggest port operators is slowly recovering from a “nationally significant” cyber incident that struck late last week, potentially impacting imports and exports for weeks. DP World Australia was forced to close operations at its Sydney, Melbourne, Brisbane, and Fremantle facilities after the incident struck on Friday. According to the country’s national cyber security coordinator, Darren Goldie, the port operator has begun to restart some operations, but he cautioned about the longer-term impact.

Submitted by Adam Ekwall on

"Police Takes Down BulletProftLink Large-Scale Phishing Provider"

The BulletProftLink Phishing-as-a-Service (PhaaS) platform, which provided over 300 phishing templates, has been seized, according to the Royal Malaysian Police. The operation started in 2015 but it has been more active since 2018, with thousands of subscribers, some of whom pay for access to batches of credential logs. Through "ready-to-use" kits and templates, page hosting, customization options, credential harvesting, and reverse proxying tools, PhaaS platforms provide cybercriminals with the tools and resources they need to conduct phishing attacks.

Submitted by grigby1 CPVI on

"Ransomware Group Leaks Files Allegedly Stolen From Boeing"

The notorious LockBit ransomware group has recently leaked gigabytes of files allegedly stolen from the systems of aerospace giant Boeing. LockBit recently named Boeing on its leak website, claiming that “a tremendous amount of sensitive data” has been stolen. However, it later removed the company from its site, saying that negotiations had started. Boeing has since been re-added to the LockBit website, indicating that it might have refused to pay the ransom. Over 40 gigabytes' worth of archive and backup files are available for download.

Submitted by Adam Ekwall on

"Mr. Cooper Says Customer Data Compromised in Cyberattack"

US mortgage giant Mr. Cooper recently announced that customer data was compromised in an October 31 cyberattack that led to service disruptions. The company noted that as part of the attack, hackers gained access to certain systems and also prevented the company from processing customer payments. The company has since restored its automated phone systems and website, which enables users to access their accounts, but has yet to fully restore its operations. In a November 12 incident notification update, Mr.

Submitted by Adam Ekwall on

"Computer Science Researchers Use Machine Learning to Identify and Predict Cyberattacks"

Researchers at the University of Houston are working on improving cybersecurity through Machine Learning (ML). The Department of Defense (DoD) Army Research Office awarded Rakesh Verma and Gopal Pandurangan, computer science professors at the University of Houston College of Natural Sciences and Mathematics, a grant in support of research into ML's ability to thwart cyberattacks. They are exploring deceptive attacks such as phishing performed via emailed job scams. They also plan to use ML techniques to identify areas of code that may contain bugs.

Submitted by grigby1 CPVI on

"Ransomed.vc Gang Claims To Shut Down After Six Affiliates Allegedly Arrested"

The Ransomed.vc group, which has claimed responsibility for attacks on Sony, a state government website, and a Colonial Pipeline supplier, announced its closure after six of its affiliates were arrested. The ransomware group first appeared in August, pressuring victims with the possibility of European data breach fines if ransoms for stolen data were not paid. However, several companies listed on the group's leak site said they were never hacked. The person behind the gang recently announced their interest in selling the entire operation.

Submitted by grigby1 CPVI on

"The Humble Printer Is Still a Leading Cause of Cyberattacks"

A study conducted by Sharp researchers reveals that many small and medium-sized businesses (SMBs) in the UK are vulnerable to cyberattacks due to unsecured printers. According to an analysis conducted by the company, printer-related security risks are still greatly overlooked by many SMBs, with one-third revealing that they have not implemented security measures to protect them. Nearly one-fifth of companies have experienced a security breach caused by printers.

Submitted by grigby1 CPVI on