The Science and Technology Directorate (S&T), the research and development arm of the Department of Homeland Security (DHS), launches Cybersecurity Awareness Month by highlighting its research, development, testing, and evaluation efforts and partnerships. For example, S&T recently launched the "Multi-cloud Analytic Prototyping and Lab Environment" system for the Cybersecurity and Infrastructure Security Agency (CISA). This testbed offers a secure environment where users can access multiple tools through a single login.

Recently K-12 school district Highline Public Schools confirmed that a ransomware attack forced it to shut down all schools in early September.  Highline Public Schools has over 2,000 staff members and offers programs ranging from early childhood education to college preparation.  Highline's central office remained open, and staff were instructed to report for work.  The district also started investigating the attack's impact and working to restore systems with help from third-party, state, and federal partners.

Universal Music Group (UMG), one of the world’s largest music corporations, has recently disclosed a data breach that occurred in mid-July 2024. According to the company, the breach may have exposed the personal information of 680 US residents. In the filing, UMG said it detected unauthorized activity in one of its internal applications on July 15, prompting an immediate investigation involving third-party cybersecurity experts.

Multiple U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies, have recently announced that they were breached by a Chinese hacking group called Salt Typhoon.  According to researchers, the purpose of the attack is for intelligence collection, as the hackers might have had access to systems used by the U.S. federal government for court-authorized network wiretapping requests.  According to researchers, "for months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S.

Intel 471 researchers say most cybercriminals may stay with Telegram despite the app becoming less friendly for them. According to Intel 471, several hacker seemed have had plans to switch platforms after Telegram founder Pavel Durov's arrest and pledge to fight illegal activity on the app. Due to its convenience and reach, the researchers believe most cybercriminals who use the app will stay on it.

The Counter Ransomware Initiative (CRI) has released new guidance to encourage organizations to consider other options before giving in to cybercriminals' ransomware demands. The new guidance aims to minimize the impact of a ransomware incident as well as reduce the number and size of ransoms paid by victims. The guidance discourages businesses from paying but acknowledges that there are situations where victims may be pressured to pay. However, the UK government does not condone ransom payments.

Tens of thousands of DrayTek routers, including models used by many businesses and government agencies, are at risk of attack due to 14 newly discovered firmware vulnerabilities. Several flaws could lead to Denial-of-Service (DoS) and Remote Code Execution (RCE) attacks. The other vulnerabilities enable threat actors to carry out data theft, session hijacking, and other malicious activities. This article continues to discuss the vulnerabilities impacting thousands of DrayTek routers.