University of Bristol cyber-physical security researchers warn that smart farming devices can introduce digital security risks unless they are protected with encryption and other often overlooked security methods. One key takeaway from their paper "The Internet of Insecure Cows - A Security Analysis of Wireless Smart Devices Used for Dairy Farming" is that farmers have no way of knowing which agriculture technology products are secure by design or how effective their security controls may be.

A cyberattack affecting multiple conveyancing firms has disrupted House sales and purchases across the UK.  CTS, a legal sector specialist infrastructure service provider, recently confirmed in a statement that it has experienced a service outage caused by a cyberattack.  The firm said the cyberattack has impacted a portion of the services it delivers to some of its clients.  The firm noted that the outage is believed to have affected up to 200 law firms that use CTS’ services.

Ukraine's defense intelligence directorate claims to have conducted a successful cyber operation against the Russian government's civil aviation agency, Rosaviatsia. Rosaviatsia is in charge of overseeing and ensuring the safety of Russia's civil aviation industry. As a result of the hack, the agency obtained "a large volume of confidential documents," including a list of daily reports from Rosaviatsia. This appears to be the first time the Ukrainian government has accepted responsibility for a cyber operation against a Russian target.

The Municipal Water Authority of Aliquippa (MWAA) was targeted by the Iranian hacker group called Cyber Av3ngers, who took control of one of its booster stations. The attack did not affect the facility's operations, water supply, or drinking water. It is a public utility that provides water service to Aliquippa, Pennsylvania residents and businesses. In order to make sure that its customers have access to clean, safe, and reliable water, the MWAA runs and maintains a network of water mains, pipes, and treatment facilities.

Threat actors are building a Mirai-based Distributed Denial-of-Service (DDoS) botnet called InfectedSlurs by exploiting previously unknown vulnerabilities in certain routers and Network Video Recorder (NVR) devices. If the device manufacturers' default admin credentials have not been changed, the zero-day Remote Code Execution (RCE) vulnerabilities can be exploited. Akamai's Security Intelligence Response Team (SIRT) researchers said they discovered the botnet through their global honeypots. It was found targeting NVR devices from a specific manufacturer.

More discoveries have been made about Telekopye, a malicious Telegram bot used by threat actors to carry out large-scale phishing scams. According to ESET security researcher Radek Jizba, Telekopye can create phishing websites, emails, SMS messages, and more. The threat actors, codenamed "Neanderthals," run the criminal enterprise as a legitimate company. Its hierarchical structure includes members who take on different roles.

A new version of the multi-platform malware called SysJoker has been discovered, complete with a code rewrite in the Rust programming language. SysJoker is a stealthy Windows, Linux, and macOS malware that was first documented and analyzed by Intezer in early 2022. The company found and examined C++ versions at the time. The backdoor had in-memory payload loading, many persistence mechanisms, Living off the land (LOTL) commands, and a complete lack of detection on VirusTotal for all of its OS variants. This article continues to discuss the new version of the SysJoker malware.  

Title insurance giant Fidelity National Financial (FNF) is experiencing service disruptions after it has taken down multiple systems to contain a cyberattack.  The incident was first detected right before Thanksgiving and has impacted “title insurance, escrow and other title-related services, mortgage transaction services, and technology to the real estate and mortgage industries.”  According to the company, its F&G Annuities & Life subsidiary, which provides insurance solutions, was unaffected.

Researchers have discovered a way to compromise three of the most commonly used fingerprint readers in today's PCs. With Microsoft's support, Blackwing Intelligence analysts attempted to circumvent the biometric security provided by a Dell Inspiron 15, a Lenovo ThinkPad T14, and the Microsoft Surface Pro 8/X.

A prolific threat actor was recently spotted on the dark web selling what they claim to be sensitive information stolen from General Electric.  A threat actor, IntelBroker, is selling data stolen from the company on a popular dark web marketplace.  IntelBroker claimed that the data includes a lot of DARPA-related military information, files, SQL files, and documents.  The malicious actor also shared screenshots of some of the data to prove the information was authentic.  IntelBroker has a history of successful high-profile breaches to their name.