The UK signed the first binding international treaty regarding Artificial Intelligence (AI) ethics. Lord Chancellor Shabana Mahmood signed the "Council of Europe AI Convention" on September 5, 2024. It is an international agreement to promote implementing AI safeguards against impacts on human rights, democracy, and the rule of law. The "Council of Europe Framework Convention on Artificial Intelligence and Human Rights, Democracy, and the Rule of Law" was adopted by all 46 Council of Europe member states in May.

The US Department of Justice (DoJ) has announced the seizure of 32 Internet domains used in a pro-Russian propaganda operation named "Doppelganger." Doppelganger used various methods to drive viewership to the cybersquatted media domains, including the deployment of "influencers," paid social media ads, the creation of social media profiles posing as US or other non-Russian citizens, and posting comments on social media platforms with links to the domains in order to redirect viewers. This article continues to discuss the seizure of pro-Russian propaganda domains by the US.

Two Nigerian nationals were recently sentenced to prison in the US for operating a business email compromise (BEC) scheme.  According to the Department of Justice (DoJ), one of the individuals, Ebuka Raphael Umeti, 35, was sentenced on August 27 to 10 years in prison.  His co-defendant, Franklin Ifeanyichukwu Okwonna, 34, was sentenced on September 3 to five years and three months in prison.  Each defendant was ordered to pay roughly $5 million in restitution.

Multiple threat groups have targeted organizations worldwide through the exploitation of two old vulnerabilities in a DrayTek product. Tenable researchers discovered two flaws in DrayTek VigorConnect, a management software for DrayTek network equipment, in 2021, which the US Cybersecurity and Infrastructure Security Agency (CISA) has now added to its Known Exploited Vulnerabilities (KEV) catalog. The exploited flaws are path traversal issues that enable an unauthenticated attacker to download arbitrary files with root privileges from the underlying operating system.

Security researchers discovered a new distribution mechanism for the "Lumma Stealer" infostealer malware. The mechanism is a "checker" tool used by hackers to validate stolen credentials. According to Veriti, the checker software was distributed by a user named "Bilalkhanicom" on a popular hacking forum, targeting other cybercriminals. Verity says the checker tool promoted by Bilalkhanicom promised to let fellow cybercriminals validate OnlyFans logins, check account balances, verify if payment methods were attached, and determine if accounts had creator privileges.

Semiconductor supplier Microchip Technology recently confirmed that personal information and other types of data were stolen from its systems during a recent ransomware attack.  The company disclosed the incident on August 20.  Roughly a week later, the Play ransomware gang claimed responsibility for the assault, adding Microchip to its Tor-based website.  The cybercriminals said they were able to siphon personal information, employee IDs, and various business and financial documents.

Cisco recently announced patches for multiple vulnerabilities, including two critical-severity flaws in Smart Licensing Utility and a medium-severity Identity Services Engine flaw for which proof-of-concept (PoC) code exists.  According to Cisco, the Smart Licensing Utility bugs, tracked as CVE-2024-20439 and CVE-2024-20440 (CVSS score of 9.8), could allow remote, unauthenticated attackers to access sensitive information or log in as administrators.

A new supply chain attack technique named "Revival Hijack" by the software supply chain security company JFrog has been used in the wild to infiltrate downstream organizations. The method could be used to hijack 22,000 existing Python Package Index (PyPI) packages, potentially resulting in "hundreds of thousands" of malicious downloads. It involves hijacking PyPI software packages by manipulating the option to re-register them once the original owner has removed them from the repository. This article continues to discuss the new Revival Hijack supply chain attack technique.