Keyfactor reports that 97 percent of organizations are having difficulties securing their Internet of Things (IoT) and connected products. A survey conducted by Keyfactor also revealed that 98 percent of organizations faced certificate outages in the past 12 months, which cost more than $2.25 million on average. According to the report, 89 percent of organizations operating and using IoT and connected products were victims of cyberattacks, costing an average of $250,000.

According to a warning from the US Department of Health and Human Services' (HHS) Health Sector Cybersecurity Coordination Center (HC3), NoEscape, a triple-extortion ransomware threat group believed to have stemmed from the now defunct Russian-speaking gang Avaddon, is targeting the Healthcare and Public Health (HPH) sector. Since its discovery in May of this year, NoEscape, a Ransomware-as-a-Service (RaaS) group, has targeted various industries.

A new variant of the RomCom backdoor was used against Women Political Leaders (WPL) Summit participants. The conference is focused on gender equality and women in politics. The campaign involved a fake website mimicking the official WPL portal. A Trend Micro report analyzing the new variant warns that its operators, tacked as Void Rabisu, have been using a stealthier backdoor and a new TLS-enforcement technique in the command-and-control (C2) communications to make discovery more difficult.

According to security researchers at Sophos X-Ops' unpatched WS_FTP servers exposed to the internet have become prime targets for ransomware attacks, with threat actors exploiting a critical vulnerability.  The researchers noted that despite Progress Software releasing a patch for the WS_FTP Server vulnerability (tracked CVE-2023-40044) just last month, not all servers have been updated, leaving them vulnerable to exploitation.  The researchers saw an attempted ransomware attack by the self-proclaimed Reichsadler Cybercrime Group.

SpyNote, an Android banking Trojan, has been examined to expose its diverse information-gathering capabilities. According to F-Secure, attack chains involving the spyware typically spread via SMS phishing campaigns and trick potential victims into installing the app by clicking on the embedded link. In addition to requesting invasive permissions to access call records, camera, SMS messages, and external storage, SpyNote hides its presence from the Android home screen and Recents screen in an effort to make detection difficult.

Using X's (formerly known as Twitter) newly implemented verification system, fraudsters are impersonating brands and stealing personal information. The blue checkmark was designated for verified companies and influencers. However, following the acquisition of the microblogging giant and a period of declining users and revenue, Elon Musk changed the rules, allowing anyone to obtain one for a monthly fee. The site's new, lenient approach to authentication has made it easier for scammers to operate.

In the wake of the Israel-Gaza conflict, researchers at Cloudflare have observed threat actors targeting Israeli rocket alerting applications to spread fear and mobile spyware.  The researchers noted that with thousands of rockets launched since Hamas attacked Israel on October 7, individuals in Israel rely on several mobile applications to receive timely alerts about incoming airstrikes and seek safety.  Pro-Palestinian hacktivist group AnonGhost claimed to have targeted various such applications, succeeding in compromising at least one.

Researchers from the University of South Australia have been successful in preventing Man-in-the-Middle (MitM) attacks on autonomous military robots by teaching the robot to detect MitM attacks using an algorithm. They prevented the MitM attack on an autonomous US Army robot. The intrusion detection algorithm trained the robot to identify and thwart such an attack. The algorithm was effective in 99 percent of cases and the false positive rate was less than 2 percent.

The US Environmental Protection Agency (EPA) recently withdrew cybersecurity rules for public water systems due to lawsuits filed by states and non-profit water associations.  The EPA announced in March that it would require states to report on cybersecurity threats in their public water system audits.  Soon after the new cybersecurity requirements were announced, the attorney generals of Missouri, Arkansas, and Iowa took legal action to challenge the EPA’s memo, arguing that meeting the new requirements would put a significant financial burden on small towns.

The European Telecommunications Standards Institute (ETSI) is considering open-sourcing the proprietary encryption algorithms used to secure emergency radio communications in response to the public backlash caused by the discovery of security vulnerabilities this summer. Claire Boyer, a spokesperson for the European standards body, announced that the ETSI Technical Committee responsible for the Terrestrial Trunked Radio (TETRA) algorithms is discussing whether or not to make them public.