Earth Lusca, a threat actor with ties to China, has been observed targeting government organizations with a new Linux backdoor called SprySOCKS. Trend Micro first documented Earth Lusca in January 2022, detailing the adversary's attacks against public and private sector entities in Asia, Australia, Europe, and North America. Since 2021, the group has used spear-phishing and watering hole attacks to execute its cyber espionage schemes. Some of the group's activities overlap with another threat cluster tracked by Recorded Future as RedHotel.

According to the Information Services Group (ISG), companies are actively pursuing practical applications of generative Artificial Intelligence (AI) technology while staying mindful of its risks. Eighty-five percent of companies surveyed by ISG believe investments in generative AI within the next two years are either important or critical. Rather than adopting a "blank slate" strategy, companies are requesting that their service providers apply generative AI to existing services, such as call center operations.

Two Middle Eastern telecommunications organizations were recently compromised by a potentially novel threat actor using two backdoors with new methods for covertly loading malicious shellcode onto a target system. Cisco Talos dubbed the intrusion set "ShroudedSnooper" because it could not link the activity to previously identified groups. ShroudedSnooper uses two backdoors, "HTTPSnoop" and "PipeSnoop," with advanced anti-detection mechanisms, such as masquerading as popular software products and infecting low-level Windows server components.

There is a new approach to combating phishing attacks to improve online security, reduce cybercrime against individuals and businesses, and prevent attacks against governments. Computer security systems are continuously challenged by the emergence of increasingly sophisticated phishing attacks, which may also use social engineering and malware. T.

The UK's Online Safety Bill (OSB) will introduce several new digital regulations and offenses, but uncertainties persist regarding the future of online safety. The government and the technology industry are debating over how to create privacy-by-design (PBD) technologies that protect the privacy of Internet users without compromising public safety or national security.

The Federal Communications Commission (FCC) has proposed a cybersecurity labeling program to protect smart device users. The new initiative encompasses Internet of Things (IoT) devices such as Wi-Fi routers, digital personal assistants, home security cameras, GPS trackers, medical devices, and other Internet-connected appliances. Although the underlying problem is real and devices are often found to lack adequate cybersecurity, many, including one of the FCC's commissioners, consider the proposed solution lightweight. This article continues to discuss the effort to boost IoT security.

Bruno Kahl, the head of Germany's foreign intelligence service, warned that state-sponsored hackers could target the country's Liquefied Natural Gas (LNG) terminals. Due to the Russian invasion of Ukraine in 2022, estimated to have reduced Germany's GDP by 2.5 percent because of its reliance on gas pipelined from Russia, the country chartered three new LNG terminals, with plans for future expansion. However, according to the spy chief, these new LNG landing facilities should be viewed as potential targets for future cyberattacks.

The Microsoft-owned healthcare technology company Nuance has disclosed that the Clop extortion gang stole personal data on major North Carolina hospitals as part of the Progress MOVEit Transfer campaign. Companies use MOVEit Transfer to securely transmit files via SFTP, SCP, and HTTP-based uploads. Microsoft credits the Clop ransomware group, also known as Lace Tempest, with exploiting a zero-day vulnerability in the MOVEit Transfer platform, tracked as CVE-2023-34362.

Social media manipulation is used to spread false narratives, influence democratic processes, and more. However, not everyone with whom you disagree on social media is a bot. Misinformation strategies have continued to evolve. Their detection has been a reactive process, with malicious actors always one step ahead. Alexander Nwala, an assistant professor of data science at William & Mary, seeks to proactively combat these forms of exploitation.

A novel cloud-native cryptojacking operation has targeted Amazon Web Services (AWS) offerings such as AWS Amplify, AWS Fargate, and Amazon SageMaker to mine cryptocurrency. Sysdig has given the malicious cyber activity the codename AMBERSQUID. The AMBERSQUID operation exploited cloud services without triggering the AWS requirement for approval of additional resources, as would have been the case if they had only spammed EC2 instances, according to Alessandro Brucato, a security researcher at Sysdig.