"Russian Hackers Target Ukrainian Servicemen via Messaging Apps"

The State Service of Special Communications and Information Protection of Ukraine (SSSCIP) published its "Russian Cyber Operations (H1 2024)" analysis, which revealed that Russian hackers are using messaging apps to steal personal data from Ukrainian servicemen. The research noted that hackers' capabilities are growing, and cyberspace is indeed a battlefield. Since corporate services are often secure, hackers are utilizing messaging apps such as Signal to steal data. This article continues to discuss key findings from the analysis of Russian cyber operations.

Submitted by Gregory Rigby on

"Exploding Pagers and Walkie-Talkies Are a Reminder of How Easily Your Devices Can Be Hacked"

Recent attacks on walkie-talkies and pagers in Lebanon bring further attention to security vulnerabilities in everyday technology. These incidents emphasize the need for people to understand device risks and take precautions in a digital world. Research findings indicate a rise in cyber threats and privacy breaches. The recent attacks in Lebanon have raised new concerns about technology security in an era where Artificial Intelligence (AI) presents significant challenges. This article continues to discuss the Lebanon device attacks and how to avoid such attacks.

Submitted by Gregory Rigby on

"Five Eyes Agencies Release Guidance on Detecting Active Directory Intrusions"

Government agencies from the Five Eyes countries released guidance on detecting Active Directory (AD) intrusions. According to the agencies, Microsoft AD, a popular enterprise authentication and authorization solution, is a valuable target for malicious actors. This article continues to discuss the joint guidance for identifying AD compromises.

Submitted by Gregory Rigby on

"38% of AI-Using Employees Admit to Sending Sensitive Work Data"

A National Cybersecurity Alliance (NCA) and CybSafe survey found that over a third of employees who use Artificial Intelligence (AI) for work tasks send sensitive data to AI applications without their employer's knowledge. The "Oh, Behave! 4th Annual Cybersecurity Attitudes and Behaviors Report" included insights from more than 7,000 participants. The report delved into the personal and workplace use of AI, attitudes toward AI usage and AI-generated content, and AI security training. This article continues to discuss key findings from the report regarding AI use and security.

Submitted by Gregory Rigby on

"Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected"

Researcher Simone Margaritelli has detailed an unpatched vulnerability that was expected to pose a significant threat to Linux systems but turned out to be less severe. The unauthenticated Remote Code Execution (RCE) vulnerability said to affect all GNU/Linux systems had been assigned a CVSS score of 9.9, leading the cybersecurity industry to believe it would be a high-impact issue. Margaritelli found zero-day Common UNIX Printing System (CUPS) vulnerabilities that enable remote, unauthenticated attackers to execute code on vulnerable Linux and Unix-like systems.

Submitted by Gregory Rigby on

"Embargo Ransomware Escalates Attacks to Cloud Environments"

According to Microsoft, the threat actor "Storm-0501" now targets hybrid cloud environments, expanding its strategy to compromise all victim assets. In 2021, the threat actor became a "Sabbath" ransomware affiliate. They later used "Hive," "BlackCat," "LockBit," and "Hunters International" file-encrypting malware. They recently used "Embargo" ransomware in attacks against US health, government, manufacturing, transportation, and law enforcement organizations. This article continues to discuss Storm-0501's shift in tactics.

Submitted by Gregory Rigby on

"Meta Hit With $102 Million Privacy Fine From European Union Over 2019 Password Security Lapse"

The Irish Data Protection Commission fined the US tech company Meta $101.6 million after an investigation that revealed a password security lapse. The watchdog began investigating in 2019 after Meta notified it that some passwords had been inadvertently stored internally in plain text. The passwords were not encrypted, and employees could search for them. This article continues to discuss Meta getting fined over a security lapse involving Facebook passwords.

Submitted by Gregory Rigby on

"Governments Urge Improved Security and Resilience for Undersea Cables"

The US government and global partners want to improve undersea cable infrastructure security and resiliency to protect global communications and data. This includes using cybersecurity best practices to design undersea cable infrastructure in order to reduce hacking risk. The US, UK, Canada, France, the EU, and many other nations endorsed the joint statement, which warned of the national security risks of growing reliance on communication technologies, particularly undersea cables that transmit massive amounts of data.

Submitted by Gregory Rigby on

"Transport, Logistics Orgs Hit by Stealthy Phishing Gambit"

Business Email Compromise (BEC) attacks have targeted a few North American transportation and logistics companies. An unknown threat actor has weaponized at least 15 company email accounts since May. Proofpoint researchers could not reveal how the threat actor accessed these accounts. The attacker is using the accounts to bury initial access malware in email chains, anticipating that recipients will be distracted by ongoing work conversations. This article continues to discuss the phishing campaign targeting transportation and logistics companies in North America.

Submitted by Gregory Rigby on

"New HTML Smuggling Campaign Delivers DCRat Malware to Russian-Speaking Users"

A new HTML smuggling campaign targets Russian-speaking users to spread "DCRat" malware, also known as the "DarkCrystal RAT." According to researchers, this is the first time the malware has been deployed this way, instead of through compromised or fake websites or phishing emails with PDF attachments or macro-laced Microsoft Excel documents. This article continues to discuss findings regarding the new HTML smuggling campaign.

Submitted by Gregory Rigby on