SAN MATEO, CA, November 4, 2024 — Cybersecurity news weekly roundup. Stories, news, politics, and events that impacted the network security industry last week. Sponsored by NetworkTigers.
Russian hackers sow election misinformation
CISA Chief Jen Easterly has officially named Russian hackers as the source behind a fake video of ballots being ripped up in Pennsylvania that has gone viral online. Another fake video of Haitian immigrants voting in Georgia has undergone forensic analysis by CISA and has been sourced back to Russian hackers. CISA warns that these videos are socially engineered to go viral and spread disinformation to undermine American trust in election cybersecurity. Read more.
Amazon, Facebook, Netflix, and PayPal users targeted
The password manager application LastPass has warned about a hacking effort flagged on the Chrome web store as of October 30, 2024. Customers who use the LastPass Chrome extension are targeted by bulk reviews on the application that direct them to a fake support center, where they are asked to enter their information. LastPass warns that the hacking effort specifically targets customers who have stored information on Amazon, Facebook, Netflix, and PayPal. Read more.
CISA publishes first-ever international cybersecurity plan
The US Cybersecurity and Infrastructure Agency (CISA) has announced its first-ever international strategic plan, designed to boost cooperation between national actors in response to cyber threats. The new plan outlines three main goals to strengthen international integrated cyber defense and specific strategies to report shared threats and systemic risks online. Read more.
AI may make some technical skills obsolete
Cybersecurity membership organization ISC2 has reported that 49% of its members predict generative AI will make specific technical skills obsolete. These include aptitude in cloud computing security and risk assessment. By contrast, soft skills like problem-solving, teamwork, and clear communication are expected to gain value in the coming years. Hiring managers are predicted to prioritize candidates with interpersonal ability over technical skills should AI retain its momentum in the cybersecurity field. Read more.
AHA warns healthcare sector about spear-phishing campaign
The American Hospital Association warns that healthcare organizations should be on the lookout for a massive spear phishing email campaign with malicious remote desktop protocol files attached. If the RDP attachments are opened, the malware may be able to connect and access files stored on the overall network and deploy code to ensure continual access. The threat has been linked to foreign actors. Healthcare providers are encouraged to disable outbound RDP connections and enable MFA for all remote access. Read more.
Department of Homeland Security examines telecom hack
The DHS Cyber Safety Review Board has announced they will investigate the hacking group known as “Salt Typhoon.” The group has allegedly targeted US political leaders and has attempted to infiltrate wiretapping systems used by federal law enforcement agents. The telecommunications hacks by the group have been linked to Chinese cybercrime. Read more.
California court system taken offline by cyberattack
The San Joaquin County Superior Court in California reports that almost all of its digital services have been disabled due to a cybersecurity incident. There is no estimate yet for when systems will be back online. Juror reporting systems, e-filing, credit card processing for court fees, and more were all taken offline due to the hack. No hacking group has taken credit for the intrusion yet, but it bears striking similarities to the ransomware attack that crippled the Los Angeles County Superior Court system just weeks ago. Read more.
Trucking industry grapples with cybersecurity concerns
The National Motor Freight Traffic Association, as part of the Digital Solutions Conference, discusses some of the biggest cybersecurity concerns that the industry faces today. According to panelists, unclear regulations, concentrated risks, and ransomware are among the most pressing concerns in trucking. Fleets also face the risk of “derates,” where a large-scale hack can affect the engine’s operating conditions. Read more.
LightSpy spyware targets iPhones for surveillance
A new and more dangerous version of LightSpy, the modular implant that targets Apple iOS, has been discovered and is believed to be distributed via watering hole attacks. Newly added plugins have been revealed in the spyware that can delete media files, text messages, contacts, browser history, and change WiFi network configuration profiles. The latest form of LightSpy can also send fake push notifications containing poisoned URLs, freeze a device, and prevent it from starting up again. Read more.
Chinese hackers number one cybersecurity threat in Canada
The Canadian Security Intelligence Service has named Chinese hacking efforts to undermine the country’s elections the nation’s top cybersecurity threat today. Hackers allegedly sponsored by the PRC government have been accused of espionage efforts, intellectual property theft, transnational repression, and spreading misinformation throughout Canada, leading to poor relations between the two countries. Read more.
More cybersecurity news
- Last week’s news
- More cybersecurity news
- All articles sponsored by NetworkTigers
