Latest Cybersecurity Updates: Insights from November 2023 Briefing
Overview of Current Cyber Threats
What is currently happening in the cyber landscape? Key topics include the Mirai-based botnet ‘InfectedSlurs’, recent DDoS attacks, North Korean cyber operations, vulnerabilities in biometric systems, and significant incidents involving companies like CyberLink and Tri Counties Bank.
Welcome to the Cyber Briefing, your daily digest of the latest cybersecurity advisories, alerts, incidents, and news.
Cybersecurity Alerts
Emergence of ‘InfectedSlurs’ Botnet
A new variant of Mirai malware, named ‘InfectedSlurs’, has been identified exploiting undisclosed zero-day vulnerabilities in routers and video recorders. Detected by Akamai in late October 2023, this botnet is capable of launching distributed denial-of-service (DDoS) attacks for profit. The manufacturers of the affected devices have not yet issued patches, raising alarms about the botnet's potential reach.
North Korean Cyber Operations Targeting Developers
North Korean hackers have initiated two cyber campaigns focused on infiltrating organizations globally, particularly in the U.S., by posing as job seekers and recruiters. Palo Alto Networks’ Unit 42 has labeled these campaigns as Contagious Interview and Wagemole. They utilize fake job interviews to spread malware and gain unauthorized access, employing cross-platform threats like BeaverTail and InvisibleFerret.
Biometric System Vulnerabilities in Laptops
Researchers from Blackwing Intelligence have revealed critical flaws in fingerprint sensors from companies such as Goodix, Synaptics, and ELAN. These vulnerabilities can undermine Windows Hello security measures, allowing unauthorized access to devices like the Dell Inspiron 15 and Lenovo ThinkPad T14. Experts suggest that manufacturers implement Secure Device Connection Protocol (SDCP) and conduct comprehensive audits of their sensors.
CyberLink Targeted by North Korean Hackers
Microsoft has reported that the Diamond Sleet group from North Korea has executed a supply chain attack on CyberLink, a Taiwanese software firm. The attackers modified a legitimate software installer with malicious code signed using a valid certificate from CyberLink. This compromised installer has been found on over 100 devices worldwide, with subsequent payloads interacting with previously targeted infrastructure.
CISA Urges Immediate Action on ‘Looney Tunables’ Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has called for U.S. federal agencies to address a critical vulnerability known as “Looney Tunables” (CVE-2023-4911) by December 12. This flaw allows buffer overflow attacks, posing a risk to numerous Linux distributions and threatening cloud systems and containers.
Ongoing Cyber Incidents
Blender Experiences DDoS Attacks
The well-known 3D design platform Blender is facing ongoing DDoS attacks that began over the weekend, significantly disrupting its services. The attacks have overloaded its servers, complicating legitimate access. As a precaution, the team has migrated its website to Cloudflare. Users are advised to avoid downloading Blender from unofficial sources due to potential malware risks.
Data Breach at Ikea Israel
Cybercriminal group Cyber Toufan has claimed responsibility for a data breach at Ikea Israel, alleging possession of personal data for over 400,000 users. Their announcement on the dark web cites motivations related to the ongoing Israel-Hamas conflict, with claims of stolen names, contact numbers, hashed passwords, and email addresses.
Nassau Bay Ransomware Attack
Nassau Bay, a city in Texas, confirmed it was targeted by a ransomware attack affecting over 8,000 residents. The attack, which occurred on May 23, 2023, led to unauthorized access to sensitive files, though city officials report no evidence of identity theft or financial fraud.
Tri Counties Bank Data Breach
Tri Counties Bank has experienced a data breach affecting personal and financial information of customers and employees. The breach, first reported in February, impacted 74,385 individuals, with details such as names, Social Security numbers, and financial account information compromised.
Ingo Money Ransomware Incident
Ingo Money, a prominent instant payment service, has been impacted by a ransomware attack, with the attackers publicly sharing details on the dark web. Specific details about the accessed data have not been disclosed. Ingo Money serves major corporations like Geico and PayPal and has over one million downloads on the Google Play Store.
Cybersecurity News Highlights
U.S. Navy Reveals Cybersecurity Strategy
The U.S. Navy has announced its comprehensive cybersecurity strategy, which focuses on enhancing its cyber capabilities and cooperating with allied forces. Navy Secretary Carlos Del Toro outlined seven key initiatives, such as securing critical infrastructure and defending networks, aiming to bolster warfighting excellence in cyberspace.
UK’s Privacy Regulator Issues Warning
The UK Information Commissioner's Office (ICO) has warned website operators about the need to comply with advertising cookie regulations, threatening enforcement actions for non-compliance. The ICO stresses the importance of giving users clear options to accept or reject cookies, emphasizing privacy rights.
Australia Launches $3.857 Billion Cybercrime Initiative
The Australian government has unveiled a $3.857 billion strategy to combat cybercrime, mandating ransomware reporting and bolstering law enforcement capabilities. Critics argue that this initiative is inadequate in light of previous cyber incidents and call for more immediate action.
Europe Prepares for Cybersecure Elections
European authorities are ramping up efforts to secure upcoming parliamentary elections against cyber threats and misinformation. An exercise with electoral and cybersecurity agencies assessed risk management and response strategies, focusing on potential disinformation tactics such as deepfake technology.
MOVEit Hack Affects Thousands
Emsisoft reports that the MOVEit file transfer service hack, attributed to the Clop ransomware group, has impacted 2,620 organizations and 77.2 million individuals since May. The U.S. has been the most affected country, with the education sector suffering the highest number of breaches.
Copyright © 2023 CyberMaterial. All Rights Reserved.