Google is disputing a recent report by a security vendor about a design flaw in Google Workspace that exposes users to data theft and other potential security issues. According to Hunters Security, a flaw in Google Workspace's domain-wide delegation feature allows attackers to steal email from Gmail, exfiltrate data from Google Drive, and perform other unauthorized actions within Google Workspace Application Programming Interfaces (APIs) on all identities in a targeted domain.

On Monday, Ardent Health Services announced that its clinical and financial operations had been disrupted by a ransomware attack discovered on Thanksgiving morning.  The company noted that the incident forced it to take systems offline and suspend user access to IT applications, including corporate servers and internet and clinical programs.  The company stated that while this incident temporarily disrupts certain aspects of Ardent’s clinical and financial operations, patient care continues to be delivered safely and effectively in its hospitals, emergency rooms, and clinics.

According to new data from Truecaller, US consumers were deluged with an estimated two billion spam and scam calls last month.  The company noted that although the October 2023 figures are down from a high of over 2.6 billion spam calls in November 2022, they still represent nearly six nuisance or malicious calls per person per month.  In 2023 to date, the company estimates that Americans have wasted around 195 million hours answering these calls.

A collaboration between the tech startup Tide Foundation and RMIT University is turning groundbreaking research into a cybersecurity capability. Critical infrastructure in Australia, including ports, energy grids, and water supplies, reported 143 cyberattacks in the past year, up from 95 incidents the previous year. Clare O'Neil, Federal Minister for Cybersecurity, recently announced that 168 of the country's critical infrastructure assets would require improved cybersecurity, nearly doubling the 87 assets previously considered systems of national significance.

University of Bristol cyber-physical security researchers warn that smart farming devices can introduce digital security risks unless they are protected with encryption and other often overlooked security methods. One key takeaway from their paper "The Internet of Insecure Cows - A Security Analysis of Wireless Smart Devices Used for Dairy Farming" is that farmers have no way of knowing which agriculture technology products are secure by design or how effective their security controls may be.

A cyberattack affecting multiple conveyancing firms has disrupted House sales and purchases across the UK.  CTS, a legal sector specialist infrastructure service provider, recently confirmed in a statement that it has experienced a service outage caused by a cyberattack.  The firm said the cyberattack has impacted a portion of the services it delivers to some of its clients.  The firm noted that the outage is believed to have affected up to 200 law firms that use CTS’ services.

Ukraine's defense intelligence directorate claims to have conducted a successful cyber operation against the Russian government's civil aviation agency, Rosaviatsia. Rosaviatsia is in charge of overseeing and ensuring the safety of Russia's civil aviation industry. As a result of the hack, the agency obtained "a large volume of confidential documents," including a list of daily reports from Rosaviatsia. This appears to be the first time the Ukrainian government has accepted responsibility for a cyber operation against a Russian target.

The Municipal Water Authority of Aliquippa (MWAA) was targeted by the Iranian hacker group called Cyber Av3ngers, who took control of one of its booster stations. The attack did not affect the facility's operations, water supply, or drinking water. It is a public utility that provides water service to Aliquippa, Pennsylvania residents and businesses. In order to make sure that its customers have access to clean, safe, and reliable water, the MWAA runs and maintains a network of water mains, pipes, and treatment facilities.

Threat actors are building a Mirai-based Distributed Denial-of-Service (DDoS) botnet called InfectedSlurs by exploiting previously unknown vulnerabilities in certain routers and Network Video Recorder (NVR) devices. If the device manufacturers' default admin credentials have not been changed, the zero-day Remote Code Execution (RCE) vulnerabilities can be exploited. Akamai's Security Intelligence Response Team (SIRT) researchers said they discovered the botnet through their global honeypots. It was found targeting NVR devices from a specific manufacturer.

More discoveries have been made about Telekopye, a malicious Telegram bot used by threat actors to carry out large-scale phishing scams. According to ESET security researcher Radek Jizba, Telekopye can create phishing websites, emails, SMS messages, and more. The threat actors, codenamed "Neanderthals," run the criminal enterprise as a legitimate company. Its hierarchical structure includes members who take on different roles.