"Vulnerabilities Now Top Initial Access Route For Ransomware"

Corvus Insurance recently conducted a study and found that threat actors are switching tactics to compromise their victims with ransomware, with more attacks now exploiting vulnerabilities rather than using phishing emails. The insurer analyzed claims data from this year to better understand threat actor activity. The insurer claimed that vulnerability exploitation rose as an initial access method from nearly 0% of ransomware claims in H2 2022 to almost a third in the first half of 2023.

Submitted by Adam Ekwall on

"Ransomware Groups Are Using Media Coverage to Coerce Victims Into Paying"

According to new Sophos X-Ops research, ransomware gangs use media coverage of attacks to increase pressure on victims to meet their demands. An analysis conducted by Sophos X-Ops emphasized that ransomware groups and the media now have a closer relationship, suggesting that while hackers have traditionally been secretive, some now see the potential in using their publicity to strengthen extortion techniques.

Submitted by Gregory Rigby on

"PNNL Creates Center for Artificial Intelligence"

The Department of Energy's (DOE) Pacific Northwest National Laboratory (PNNL) has established the Center for AI @ PNNL to coordinate the pioneering research of hundreds of scientists working on various projects focusing on science, security, and energy resilience. With the availability of generative Artificial Intelligence (AI), which allows almost anyone to produce sophisticated text and images with just a small amount of data, AI use has surged.

Submitted by Gregory Rigby on

"New Pierogi++ Malware by Gaza Cyber Gang Targeting Palestinian Entities"

The Gaza Cyber Gang, a pro-Hamas threat actor, is targeting Palestinian entities with an updated version of the Pierogi backdoor. SentinelOne named the malware Pierogi++ because it is written in the C++ programming language, unlike its Delphi- and Pascal-based predecessor. According to security researcher Aleksandar Milenkoski, recent Gaza Cyber Gang activities show constant targeting of Palestinian entities, with no significant changes in dynamics since the start of the Israel-Hamas war.

Submitted by Gregory Rigby on

"Dell Urges Customers to Patch Vulnerabilities in PowerProtect Products"

Dell is urging customers of its PowerProtect products to review a newly released security advisory and patch a series of potentially serious vulnerabilities. Dell noted that the vulnerabilities impact PowerProtect Data Domain (DD) series appliances, which are designed to help organizations protect, manage, and recover data at scale. APEX Protect Storage, PowerProtect DD Management Center, PowerProtect DP series appliances, and PowerProtect Data Manager appliances are also affected.

Submitted by Adam Ekwall on

"NSA Releases Recommendations to Mitigate Software Supply Chain Risks"

In response to a rise in supply chain cyberattacks over the past five years, the National Security Agency (NSA) has released a Cybersecurity Information Sheet (CSI) titled "Recommendations for Software Bill of Materials (SBOM) Management." This CSI offers guidance to network owners and operators on integrating SBOM use to help protect the cybersecurity supply chain, with some additional guidance for National Security Systems (NSS).

Submitted by Gregory Rigby on

"MITRE Debuts ICS Threat Modeling for Embedded Systems"

In collaboration with researchers from three other organizations, MITRE has released a draft of a new threat-modeling framework for those who make embedded devices used in critical infrastructure environments. The new EMB3D Threat Model aims to provide device makers with a common understanding of the vulnerabilities in their technologies that are being targeted by attacks, as well as the security mechanisms for addressing those vulnerabilities.

Submitted by Gregory Rigby on

"Hackers Keep Winning by Gambling on SQL Injection Exploits"

Group-IB warns that a hacking group dubbed GambleForce has been targeting businesses and government agencies in attacks that exploit SQL injection flaws. In September, the company discovered and gained access to a command-and-control (C2) server used by the group, which regularly targets gambling companies and other types of organizations.

Submitted by Gregory Rigby on

"Cybercrime Operation That Sold Millions of Fraudulent Microsoft Accounts Disrupted"

Microsoft has disrupted Storm-1152, an alleged threat actor group that built Cybercrime-as-a-Service (CaaS) businesses. CaaS is a business model in which adversaries with superior skills create attack tools, such as automated bots, to sell to other fraudsters who may not be technically savvy, thus increasing cybercrime and fraud opportunities. The CaaS model encourages and enables more people to commit fraud at a rate and volume that can overwhelm even the most experienced internal Security Operations Center (SOC) teams.

Submitted by Gregory Rigby on