"Boise State 'Cyberdome' Program Trains Students in Responding to Cyberattacks"

A cybersecurity program at Boise State University in Idaho called the Cyberdome is extending its services to rural schools and governments. The program aims to help address technology workforce challenges by training the next generation of cyber professionals. It is a partnership with Stellar Cyber's Open XDR platform, threat detection software powered by Artificial Intelligence (AI).

Submitted by grigby1 CPVI on

"AI Poses Challenges, Opportunities for IT Security Leaders"

According to a PwC survey, as cybersecurity threats increase, organizations are eager to use Artificial Intelligence (AI) for revenue growth and productivity efforts. However, threat actors are scaling up generative AI-powered attacks. Almost three-quarters of organizations plan to use generative AI for cybersecurity defense within the next year. At the same time, most respondents (52 percent) believe that generative AI will contribute to "catastrophic cyberattacks" within the next 12 months.

Submitted by grigby1 CPVI on

"New Cryptographic Protocol Aims to Bolster Open-Source Software Security"

BastionZero's OpenPubkey is a new cryptographic protocol designed to strengthen the open-source software (OSS) ecosystem. It is now a Linux Foundation open-source project. Additionally, Docker is integrating OpenPubkey for container signing. This cryptographic technology aims to provide increased security via zero-trust passwordless authentication. OpenPubkey provides this authentication by making a client-side modification to OpenID Connect, which is an OAuth 2.0 framework-based authentication protocol.

Submitted by grigby1 CPVI on

"Staying Safe Online"

The US Department of Homeland Security (DHS) Science and Technology Directorate (S&T) aims to ensure the nation's cybersecurity in several ways, including through collaborative efforts to support and advance the mission of the Cybersecurity and Infrastructure Security Agency (CISA), the development of tools to identify potential vulnerabilities in the nation's critical infrastructure systems and networks, and the implementation of solutions to improve cybersecurity-related risk analysis processes and assessment.

Submitted by grigby1 CPVI on

"Microsoft: Human-Operated Ransomware Attacks Tripled Over Past Year"

According to Microsoft researchers, human-operated ransomware attacks have increased by more than 200 percent since September 2022, signaling a shift in the cybercrime underground. Unlike automated attacks launched through malicious phishing documents, human-operated attacks typically involve actively exploiting Remote Monitoring and Management (RMM) tools that enable hackers to leave behind less evidence. Microsoft warned that the increase in these types of incidents could indicate a rise in ransomware hackers working for multiple gangs to maximize their profits.

Submitted by grigby1 CPVI on

"Fiserv Attack Exposes 837K Flagstar Bank Clients"

Cl0p, the Russia-linked ransomware group, added another US-based company to its MOVEit Transfer attack victims list. Flagstar Bank notified affected individuals that attackers accessed their data via Fiserv, a company the bank uses for payment processing and mobile banking. The unauthorized activity in the MOVEit Transfer environment occurred between May 27 and May 31, 2023, before the public disclosure of this vulnerability. During this time, unauthorized actors accessed vendor files transferred via MOVEit, which included Flagstar Bank and related institution customer information.

Submitted by grigby1 CPVI on

"China-Linked Cyberspies Backdoor Semiconductor Firms With Cobalt Strike"

Hackers engaged in cyber espionage have used Taiwan Semiconductor Manufacturing Company (TSMC)-themed lures to infect Chinese-speaking semiconductor companies with Cobalt Strike beacons. With an annual revenue of $73.5 billion and more than 73,000 employees globally, TSMC is the world's largest semiconductor contract manufacturing and design company.

Submitted by grigby1 CPVI on

"North Korea's Lazarus Group Launders $900 Million in Cryptocurrency"

$7 billion in cryptocurrency has been illicitly laundered through cross-chain crime, with the theft of about $900 million between July 2022 and July 2023 attributed to the North Korea-linked Lazarus Group. According to the blockchain analytics company Elliptic, cryptocurrency crime is shifting to chain- or asset-hopping typologies as mixers continue to face seizures and sanctions scrutiny.

Submitted by grigby1 CPVI on

"Organizations Warned of Top 10 Cybersecurity Misconfigurations Seen by CISA, NSA"

The US cybersecurity agency CISA and the NSA have recently issued new guidance on addressing the most common cybersecurity misconfigurations in large organizations. CISA and NSA noted that misconfigurations impact many organizations, including those that have achieved a mature security posture. CISA and NSA argued that these misconfigurations illustrate a trend of systemic weaknesses and underline the importance of adopting secure-by-design principles during the software development process.

Submitted by Adam Ekwall on

"Group-IB: 'GoldDigger' Banking Trojan Targets Vietnamese Organizations"

In August, Group-IB found GoldDigger, an Android Trojan, targeting over 50 financial organizations in Vietnam. The Trojan has been active since June, when Group-IB's intelligence unit discovered more than ten fake websites spoofing Google Play Store pages. GoldDigger aims to steal banking credentials. Once installed and activated, it uses the Accessibility Service to steal personal information and intercept SMS messages. The malware avoids detection by masquerading as a fake Android app, spoofing a Vietnamese government portal and an energy company in at least two variants.

Submitted by grigby1 CPVI on