Multiple U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies, have recently announced that they were breached by a Chinese hacking group called Salt Typhoon.  According to researchers, the purpose of the attack is for intelligence collection, as the hackers might have had access to systems used by the U.S. federal government for court-authorized network wiretapping requests.  According to researchers, "for months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S.

Intel 471 researchers say most cybercriminals may stay with Telegram despite the app becoming less friendly for them. According to Intel 471, several hacker seemed have had plans to switch platforms after Telegram founder Pavel Durov's arrest and pledge to fight illegal activity on the app. Due to its convenience and reach, the researchers believe most cybercriminals who use the app will stay on it.

The Counter Ransomware Initiative (CRI) has released new guidance to encourage organizations to consider other options before giving in to cybercriminals' ransomware demands. The new guidance aims to minimize the impact of a ransomware incident as well as reduce the number and size of ransoms paid by victims. The guidance discourages businesses from paying but acknowledges that there are situations where victims may be pressured to pay. However, the UK government does not condone ransom payments.

Tens of thousands of DrayTek routers, including models used by many businesses and government agencies, are at risk of attack due to 14 newly discovered firmware vulnerabilities. Several flaws could lead to Denial-of-Service (DoS) and Remote Code Execution (RCE) attacks. The other vulnerabilities enable threat actors to carry out data theft, session hijacking, and other malicious activities. This article continues to discuss the vulnerabilities impacting thousands of DrayTek routers.

The North Korean state-sponsored threat actor known as "APT37" is spreading a new backdoor named "VeilShell." Most North Korean Advanced Persistent Threats (APTs) target South Korean or Japanese organizations, but APT37's latest campaign appears to target Cambodia, a country Kim Jong-Un has more complicated relations with. According to Securonix, APT37 has been sending malicious emails in the Khmer language about Cambodian affairs to attract victims.

Claroty surveyed 1,100 cybersecurity professionals responsible for securing Cyber-Physical Systems (CPS), including Operational Technology (OT), Internet of Things (IoT), Building Management Systems (BMS), and more. The survey found that 45 percent of organizations suffered losses of $500,000 or more in the past year, and 27 percent faced losses of $1 million or more.

Security vulnerabilities are a major issue in Artificial Intelligence (AI)-powered code generation. Therefore, Khiem Ton, a Ph.D. student, and his colleagues at the New Jersey Institute of Technology (NJIT) developed "SGCode," a system that uses advanced AI and security analysis tools to detect and fix security flaws during code creation. SGCode includes Large Language Models (LLMs) such as GPT-4, a graph-based Generative Adversarial Network (gGAN), and security analysis tools. The flexible system lets users switch between code security optimization methods.