"New NKAbuse Malware Abuses NKN Blockchain for Stealthy Comms"

NKAbuse is the first malware to abuse New Kind of Network (NKN) technology for data exchange, which makes it a stealthy threat. According to researchers, NKAbuse is a Go-based multi-platform malware. NKN is a decentralized peer-to-peer (P2P) network protocol that uses blockchain technology to manage resources as well as maintain a secure and transparent model for network operations. This article continues to discuss findings regarding the NKAbuse malware.

Submitted by Gregory Rigby on

"Israeli Company Hires Overseas Attackers for 'Hack Back' Effort"

Doron Amir, CEO of CyTaka, a cybersecurity awareness and training company, hired a network of offensive cyber hackers worldwide to target disinformation distribution and offensive cyber operations that fund terrorist organizations. While Israeli law prohibits private cyber companies from attacking international cyber systems, Amir says he is using attackers from other countries "operating within legal frameworks." Allowing people to engage in offensive cyber operations, along with proper supervision and accountability, according to Amir, would deter cyberattacks.

Submitted by Gregory Rigby on

"OilRig Targets Israel Organizations With New Lightweight Downloaders"

ESET researchers analyzed an increasing number of new OilRig downloaders used by the group in multiple campaigns in 2022 to maintain access to targeted Israeli organizations. OilRig is an Advanced Persistent Threat (APT) group believed to be based in Iran. Its operations, including the latest downloaders, are aimed at cyber espionage. Victims have included a healthcare organization, a manufacturing company, and a local government agency. This article continues to discuss the new lightweight downloaders used by the OilRig APT group in attacks against Israeli organizations.

Submitted by Gregory Rigby on

"116 Malware Packages Found on PyPI Repository Infecting Windows and Linux Systems"

Researchers have discovered 116 malicious packages in the Python Package Index (PyPI) repository. These packages are designed to install a custom backdoor on Windows and Linux systems. According to ESET researchers, in some cases, the final payload is a variant of the W4SP Stealer, or a clipboard monitor that steals cryptocurrency, or both. Since May 2023, the packages have likely been downloaded more than 10,000 times. This article continues to discuss the 116 malicious packages on the PyPI repository designed to infect Windows and Linux systems with a custom backdoor.

Submitted by Gregory Rigby on

"Personal Information of 45,000 Individuals Stolen in Idaho National Laboratory Data Breach"

Idaho National Laboratory (INL) has recently started notifying 45,000 individuals that their personal information was stolen in a data breach last month. The incident was identified on November 20 and impacted the Oracle Human Capital Management (HCM) software that INL uses for certain human resources applications. INL noted that no INL systems nor other "networks or databases used by employees, lab customers or other contractors" were compromised as part of the attack.

Submitted by Adam Ekwall on

"Food Giant Kraft Heinz Targeted by Ransomware Group"

A ransomware group known as Snatch claims to have breached the systems of Kraft Heinz, but the food giant says it's unable to verify the cybercriminals' allegations. The ransomware group publicly named Kraft Heinz on its website on December 14, but the post appears to have been created on August 16, which indicates that the attack occurred months ago. Kraft Heinz said it's investigating claims of a cyberattack that occurred several months ago.

Submitted by Adam Ekwall on

"Security Researchers: ChatGPT Vulnerability Allows Training Data to be Accessed by Telling Chatbot to Endlessly Repeat a Word"

A ChatGPT vulnerability, described in a new report by a group of researchers from Google DeepMind, Cornell University, Carnegie Mellon University (CMU), UC Berkeley, ETH Zurich, and the University of Washington, exposes random training data and can be triggered just by telling the chatbot to repeat a specific word forever. According to the researchers, when ChatGPT is made to repeat a word such as "poem" or "part" forever, it will do so for a few hundred repetitions, then it will have a meltdown and begin outputting random text.

Submitted by Gregory Rigby on

"Celebrated Cryptography Algorithm Gets an Upgrade"

A well-known technique for lattice basis reduction has been improved by two researchers, unlocking new avenues for practical cryptography and mathematics experiments. Cryptography is essential for security in our increasingly digital lives. When sending a private message or paying a bill online, algorithms designed to keep this information private are critical. Some people seek to unveil those secrets, so researchers must work to put these systems to the test to ensure they can withstand sophisticated attacks.

Submitted by Gregory Rigby on

"Harry Coker Confirmed as National Cyber Director"

The US Senate recently confirmed Harry Coker as the next National Cyber Director serving in the White House's Office of the National Cyber Director (ONCD). Coker previously served as executive director of the NSA and held various leadership positions in the CIA. The role of National Cyber Director was established in 2021 after the massive SolarWinds hack came to light. The ONCD will advise President Biden on cybersecurity policy and strategy.

Submitted by Adam Ekwall on

"Most Cyberattacks Hide in Encrypted Web Traffic"

According to Zscaler's ThreatLabz 2023 State of Encrypted Attacks Report, most cyberattacks involve malware being hidden in encrypted web traffic. The spread of cyber threats through encrypted (HTTPS) web traffic is increasing year after year. It increased by 24 percent in 2023 compared to 2022. According to researchers at Zscaler, this would amount to around 30 billion blocked threats. The report shows that 86 percent of cyberattacks now occur through encrypted channels. Malicious web content, malware payloads, and macro-based malware are all examples of encrypted malware.

Submitted by Gregory Rigby on