🚨 The Cybersecurity Club Weekly Newsletter - Week 29

🔥 Weekly Highlight: Critical Citrix Vulnerability, Nation-State Threats, OpenAI Breach, Dutch Government's App Ban, Millions of Emails Misdirected to Mali Domain and More!

Hello Cybersecuriters!

Let's dive into this week's cybersecurity highlights. If you would like to be a sponsor, reach out to us at [email protected]

Citrix issued an alert regarding a critical vulnerability, CVE-2023-3519, affecting all NetScaler (Citrix ADC) & Gateway systems. There are no patches available for NetScaler version 12.1 or older due to their End-of-Life status, so users are advised to update to the latest 13.0 or 13.1 version. The flaw allows unauthenticated attackers to perform remote code execution, enabling them to take over machines with root privileges. The threat is escalating, with more attacked systems being reported, and exploits are already available for purchase on the dark web.

Microsoft made headlines as it logged a significant increase in hacking activity originating from China. The tech giant observed a surge in cyberattacks on its cloud services, leading to concerns about state-sponsored cybercrime from China. The situation raised alarm bells and highlighted the ongoing threat posed by nation-states in cyberspace.

The National Crime Agency (NCA) issued a warning about the growing menace of nation-state cybercrime. In a comprehensive report, the NCA highlighted the evolving tactics used by state-sponsored actors and the substantial impact these attacks can have on critical infrastructure, businesses, and governments. The report underscored the need for constant vigilance and strengthened cybersecurity measures.

OpenAI, a prominent artificial intelligence research lab, faced a security breach as thousands of its credentials were stolen and offered for sale on the dark web. The incident brought to light the heightened risks posed by cybercriminals targeting cutting-edge technology companies and the importance of robust cybersecurity practices to safeguard sensitive information.

The Dutch government took a decisive step to protect its officials and sensitive information by banning the use of Chinese apps. Citing security risks, the ban aimed to mitigate potential threats posed by foreign state-sponsored surveillance and data breaches. The move emphasized the growing concerns over privacy and security in the digital age, particularly with regard to apps originating from countries with questionable data practices.

Adding to the week's cyber drama, hackers claiming to be associated with the highly anticipated video game "GTA 6" were accused of targeting several high-profile companies.

💻 Malware and Vulnerabilities

  • The Dutch government has banned two more Chinese apps, AliExpress and WeChat, from officials' work phones, citing national security and the protection of sensitive information.

  • A new ransomware-as-a-service (RaaS) called SophosEncrypt has appeared, damaging the good name of the cybersecurity company Sophos.

  • Adobe issued another ColdFusion update to fix three new CVEs. One of them, CVE-2023-38205, is a bypass for CVE-2023-29298. The software giant warned in its advisory that CVE-2023-38205 has been exploited in the wild in limited attacks.

📈 Breaches and Incidents

  • Tampa General Hospital says hackers exfiltrated the data of 1.2 million patients. A security breach was detected on May 31, 2023, when suspicious activity was identified within its network.

  • For the past decade, millions of emails destined for .mil US military addresses have reportedly been misdirected to .ml addresses, .ml being the top-level domain of the African nation of Mali.

  • Data associated with a subset of registered customers of VirusTotal, including their names and email addresses, were exposed after an employee inadvertently uploaded the information to the malware scanning platform.

🚨 Threat Intel & Info Sharing

  • Microsoft bows to pressure to free up cloud security logs. Facing intense pressure after a Chinese APT hack, Microsoft plans to expand logging defaults for lower-tier M365 customers.

  • A Romanian threat group tracked as Diicot has reemerged in the threat landscape. The group appears to have been active since 2020 and is known for conducting cryptojacking campaigns and developing Malware-as-a-Service (MaaS).

📊 Trends, Reports, Analysis

  • Threat actors are showing an increased interest in generative artificial intelligence tools, with hundreds of thousands of OpenAI credentials for sale on the dark web, along with access to a malicious alternative to ChatGPT.

⚖️ Laws, Policy, Regulations


We hope you enjoyed your weekly digest! ☕🥮 If you want to sponsor our next edition or advertise on our site, drop us an email at [email protected].

If you liked our content and want to be a part of our cybersecurity journey, you can get updates on The Cybersecurity Club site, and why not consider joining our Discord Community or our LinkedIn Group?

Thank you for being a part of our newsletter community. Stay informed, stay inspired, and stay connected. Until next time!