The Ransomed.vc group, which has claimed responsibility for attacks on Sony, a state government website, and a Colonial Pipeline supplier, announced its closure after six of its affiliates were arrested. The ransomware group first appeared in August, pressuring victims with the possibility of European data breach fines if ransoms for stolen data were not paid. However, several companies listed on the group's leak site said they were never hacked. The person behind the gang recently announced their interest in selling the entire operation.

A study conducted by Sharp researchers reveals that many small and medium-sized businesses (SMBs) in the UK are vulnerable to cyberattacks due to unsecured printers. According to an analysis conducted by the company, printer-related security risks are still greatly overlooked by many SMBs, with one-third revealing that they have not implemented security measures to protect them. Nearly one-fifth of companies have experienced a security breach caused by printers.

Google, Microsoft, and Meta have established a steering committee dedicated to improving app security through the newly restructured App Defense Alliance. The tech giants plan to broaden the Alliance's scope in order to promote collaborative implementation of industry standards for app security. Google formed the App Defense Alliance in 2019 to ensure the safety of the Google Play Store and the Android app ecosystem. It was primarily concerned with malware detection and prevention. In 2022, the Alliance widened its scope to include app security standards.

Artificial Intelligence (AI) tools have become widely available to businesses, everyday citizens, and cybercriminals. There is a push for responsible AI development, with major players in this realm on a mission to secure their tools from malicious use. However, threat actors are already using the same technology to improve their skill sets. Companies are increasingly incorporating AI into internal workflows and external offerings, creating a new attack vector for hackers.

According to researchers, around 60 million personal and medical records may have been exposed because of the use of a legacy protocol in medical equipment. Aplite researchers analyzed the Digital Imaging and Communications in Medicine (DICOM) protocol, an internationally recognized standard for medical imaging transfers used in most radiology, cardiology imaging, and radiotherapy settings.

Another method for spammers to infiltrate systems is to abuse the quiz results feature of Google Forms. According to Cisco Talos Intelligence Group researchers, the exploit involves using a series of online forms, starting with the quiz template. The researchers discovered this exploit because of excessive queries of a suspicious domain entry as part of the phishing process. Victims will eventually be directed to an elaborate scam website where the destination cryptocurrency scam will take place, using additional forms, text chats, and other mechanisms.

McLaren Health Care (McLaren) is notifying nearly 2.2 million people of a data breach that occurred between late July and August this year, exposing sensitive personal information.  McLaren is a non-profit healthcare system with an annual revenue of $6.6 billion.  McLaren has an extensive network across Michigan that includes 14 hospitals with a total bed capacity of 2,624 and is supported by a team of 490 physicians.  According to McLaren, it identified a security breach on August 22, 2023.

France and Britain are calling for greater global regulation of commercial surveillance software due to the recent Pegasus and Predator spyware scandals.  In a joint initiative announced at the Peace Forum in the French capital, Paris and London warned against the unregulated development and use of surveillance technology.  It was noted that while the use of such spyware might be legitimate, it only takes “a few lines of code” to allow it to be used with malicious intent.

In October 2023, an Iran-linked group targeted transportation, logistics, and technology sectors in the Middle East, including Israel, as part of an increase in Iranian cyber activity since the start of the Israel-Hamas war. CrowdStrike has attributed the attacks to a threat actor called Imperial Kitten, also known as Crimson Sandstorm, TA456, Tortoiseshell, and Yellow Liderc.

A threat actor has been using Google Ads to distribute a trojanized version of the CPU-Z tool in order to deliver the Redline information-stealing malware. Malwarebytes analysts discovered the new campaign and believe it is part of the same operation that used Notepad++ malvertising to deliver malicious payloads. According to researchers, the malicious Google advertisement for the trojanized CPU-Z is hosted on a cloned copy of the legitimate Windows news site WindowsReport.