The City of Philadelphia has recently issued a notice, reporting a recent security breach that could affect the personal data of individuals.  The breach was first detected on May 24, 2023, when suspicious activities were identified within the City’s email system.  To investigate the matter, the City engaged third-party cybersecurity experts, who determined that unauthorized access to certain email accounts occurred between May 26 and July 28, 2023.  On August 22, 2023, the City also discovered these breached email accounts contained protected health information (PHI).

The US Cybersecurity and Infrastructure Security Agency (CISA) awarded $6.8 million through the Cybersecurity Education and Training Assistance Program (CETAP) to CYBER.ORG, a nonprofit cybersecurity workforce development organization. With this funding, CYBER.ORG will continue supporting the educational growth of elementary and secondary-level students. The organization encourages cybersecurity literacy, instruction, and career exploration opportunities to help address the nation's cybersecurity workforce shortage of more than 660,000 professionals.

The Spanish police have arrested 34 alleged cybercriminals accused of various online scams. In the provinces of Madrid, Málaga, Huelva, Alicante, and Murcia, police conducted 16 investigations as part of the operation against the group. It is believed that the alleged cybercriminals performed scams via email, phone, and text. They allegedly perpetrated "son in distress" scams, the manipulation of delivery notes from technology companies, and vishing campaigns pretending to be electrical supply company employees. They are estimated to have gained around $3.2 million from their scams.

The University of Michigan recently confirmed that personal information was accessed in a data breach discovered in August 2023.  The incident involved unauthorized access to the academic institution’s campus computer network and resulted in system disruption and internet outages.  The university’s investigation into the data breach has revealed that the attackers had access to certain systems between August 23 and 27.

The backdoor implanted on Cisco devices by exploiting a couple of zero-day vulnerabilities in the IOS XE software has been modified to evade detection through previous fingerprinting techniques. According to NCC Group's Fox-IT team, network traffic to a compromised device has shown that the threat actor has changed the implant to perform an additional header check. Therefore, the implant remains active for many devices but now only responds if the proper Authorization HTTP header is set.

According to Tines, growing workloads, shrinking budgets, and a worsening skills shortage are the main factors holding security professionals back from pursuing high-impact work. Nine out of 10 security teams automate at least a portion of their work, and 93 percent of respondents believe that more automation would improve their work-life balance. Sixty-three percent of surveyed security decision-makers and practitioners are experiencing burnout due to constant cyberattacks, internal pressures, and a lack of resources.

Ransomware activity reached unprecedented levels in September, following a relative pause in August that was still well above summer norms. In September, ransomware groups launched 514 attacks, according to data from NCC Group. This exceeds March 2023's total of 459 attacks, which was significantly skewed by Clop's MOVEit Transfer data theft attacks. During the month, Clop exhibited almost no activity, which may indicate that the sophisticated ransomware group is preparing for its next major attack.

The District of Columbia Board of Elections (DCBOE) recently announced that its full voter roll might have been accessed in a recent data breach at a third-party services provider.  The incident was initially disclosed on October 6, when the agency said that a threat actor accessed 600,000 lines of US voter data after breaching DataNet, which provides website hosting services to DCBOE.  In a recent update, DCBOE revealed that the attackers might have accessed the information of all registered voters.