CyberSecurity Knuggets

Jan 13, 2024

Today, I heard that the US Federal Communications Commission (FCC) is investigating how connected car apps are being used by domestic abusers to target their victims. This is a concerning issue that needs immediate attention to protect potential victims. In addition, there have been reports of Russian hacking group Sandworm being less connected to recent attacks on Danish critical infrastructure than initially believed, as well as vulnerabilities in AI chatbots used by fast food franchises, and Chinese state-sponsored hacking group Volt Typhoon targeting old vulnerabilities in Cisco routers.

Furthermore, there has been a rise in ransomware activity, with the Akira ransomware targeting companies in Finland and the Kansas state court system recovering from a ransomware attack. These incidents highlight the ongoing threat posed by ransomware attacks and the need for enhanced cybersecurity measures to protect organizations. In addition, the US Securities and Exchange Commission (SEC) has been found to have a spotty record regarding cybersecurity, as it has not fully adhered to federal cybersecurity standards. This issue needs immediate attention to ensure the SEC’s cybersecurity posture is improved.

Moreover, a cryptocurrency campaign targeting weak SSH passwords, a ransomware gang called Akira ramping up its operations, and a Python-based hacking tool named FBot targeting web servers, cloud services, and SaaS platforms have also been reported. These developments underscore the ongoing challenges and threats in the cybersecurity landscape that require immediate attention and proactive measures to mitigate the risks.

Stay Well!