The threat actors behind ShellBot, also known as PerlBot, are using IP addresses transformed into its hexadecimal notation in order to compromise inadequately managed Linux SSH servers and launch the Distributed Denial-of-Service (DDoS) malware. According to the AhnLab Security Emergency Response Center (ASEC), the download URL used by the threat actor to install ShellBot has changed from a standard IP address to a hexadecimal value.

According to the Identity Theft Resource Center (ITRC), there were 2116 reported US data breaches and leaks in the first nine months of 2023, making it the worst year on record with a whole quarter left to go.  The non-profit, which tracks publicly reported breaches in the US, said there were 733 “data compromises” in Q3 2023, a 22% decline from the previous quarter.  However, despite the relative slump, this was enough to drag the total for the year past the previous all-time high of 1862 set in 2021.

Chinese Advanced Persistent Threats (APTs) have been known to be sophisticated, but the ToddyCat group is defying this trend by compromising telecommunications organizations in Central and Southeast Asia with a constantly evolving arsenal of custom but basic backdoors and loaders. ToddyCat was discovered in 2022, but has been active since at least 2020. According to Check Point, it has been involved in Chinese espionage operations. Check Point's researchers say the group stays active by quickly deploying and discarding inexpensive malware used to deliver its payloads.

According to Entelgy, there is potential for human bodies to be hacked because anyone can implant a chip under their skin, and these devices do not typically use secure technologies. Even though biohacking has been discussed for more than a decade, implantable technologies are still considered primitive. Therefore, a potential cyberattack against them should not have significant effects. However, this is not the case with implantable medical devices, where a breach can cause severe harm to a patient's health.

The U.S. Space Force has recently paused using web-based generative artificial intelligence tools like ChatGPT for its workforce over data security concerns.  A recent memo dated September 29 said that the Space Force prohibits personnel from using such AI tools, including large-language models, on government computers until they receive formal approval from the force's Chief Technology and Innovation Office.

A recently announced study will focus on the future challenges associated with autonomous vehicles (AVs) regarding cybersecurity and more. The ASIS Foundation awarded funding to the University of Portsmouth and the University of West London to study AV security and regulations. The project seeks to answer important questions about the effectiveness of existing regulatory frameworks and standards governing the secure and safe expansion of AV use. In addition, it will analyze how these regulations address threats, risks, and opportunities in the security sector.

The Food and Agriculture Risk Modeling (FARM) project, led by Mary Lancaster, a Pacific Northwest National Laboratory (PNNL) epidemiologist and data scientist, and PNNL researchers, is the first exploration of the cybersecurity vulnerabilities of an increasingly smart food and agriculture sector for the Department of Homeland Security (DHS). Advanced technology is the future of agriculture, and there are already numerous examples of technologies controlled by smart devices and computer systems.

Prasad Calyam, cybersecurity professor and director of the Mizzou Center for Cyber Education, Research, and Infrastructure, is leading the project to establish a new cybersecurity approach that better protects classified information and battlefield communications. His team is exploring the design and implementation of zero trust security in relation to military operations.

Microsoft has recently fixed three zero-day vulnerabilities in its latest security update round this month, all of which are being actively exploited in the wild.  October’s Patch Tuesday fixed 104 vulnerabilities, only 12 of which were labeled “Critical.” The first zero-day bug, CVE-2023-41763, is an elevation of privilege vulnerability in Skype, which allows an attacker to send a specially crafted network call to a target Skype for Business server.  The second zero-day is CVE-2023-36563, an information disclosure vulnerability in WordPad that allows disclosure of NTLM hashes.

Threat actors continue to exploit a critical vulnerability in unpatched NetScaler Gateways, inserting malicious scripts into the HTML content of the authentication web page in order to steal user credentials. The vulnerability, tracked as CVE-2023-3519, was reported in July when the Cybersecurity and Infrastructure Security Agency (CISA) added the flaw to its catalog of Known Exploited Vulnerabilities (KEV).