By now, the facts of the recent MOVEit breach are well known (although the victim total keeps climbing), but it never hurts to be reminded that these attacks do not take place in a vacuum and threat actors are more than happy to repeatedly use the same tactics if their targets remain vulnerable. Trustwave SpiderLabs, has tracked and documented these events explaining how threat actors were found to be exploiting three vulnerabilities, including a zero-day, (CVE-2023-34362, CVE-2023-35036.

One of my "pastimes," if you will, is to check out the features of various security tools. I had been curious about Microsoft's Defender for IoT's just-released Firmware Analysis feature. Essentially, I wanted to test its capabilities because, as we all know, adversaries are continuously upping their game making tools like this increasingly important when it comes to maintaining an organization's security.

The UK Government is "committed to helpingreduce vulnerability to attacks and ensure that the UK is the safest place todo business" . One strand of the strategy was an executivebriefing on cyber security to UK businesses – which included a top 10 focusareas for businesses to concentrate on. Within that briefing document, Ian Lovain(The Diretor of GCHQ) put it most frankly, "Value,Revenue and Credibility are at stake. Don't let cyber security become theagenda – put it on the agenda" .

Municipalities are no strangers to cyberattacks, but the introduction and ready availability of malware through ransomware-as-a-service providers has led to an increasing number of attacks against cities and counties. One small sample taken from the past six months revealed that Lowell, Mass., Spartanburg County, S.C. and Suffolk Country, N.Y. were victimized, knocking services offline and causing millions of dollars in recovery costs.

Recently, we’ve seen a noticeable surge in malware cases linked to a malicious payload delivery system known as Gootloader. The group behind this malware is believed to operate a malware-as-a-service operation, exclusively providing a malware delivery service for other threat actors.

Cyberattacks have not only become more frequent, sophisticated, and costly, but they are not about to stop. This means unprepared organizations right now are scrambling to protect their sensitive data and systems and part of this scramble is finding people to staff their open cybersecurity positions. This scenario will become a bit more desperate as forthcoming Australian federal cybersecurity strategy is set to make Australia the most cyber-secure nation in the world by 2030.

The role humans play in cybersecurity generally focuses on how people can be the weakest link in an organization’s defense structure. However, when it comes to securing the healthcare industry, people are still paramount, but for quite different reasons.

As technology continues to evolve, there is a growing concern about the potential for large language models (LLMs), like ChatGPT, to be used for criminal purposes. In this blog we will discuss two such LLM engines that were made available recently on underground forums, WormGPT and FraudGPT. If criminals were to possess their own ChatGPT-like tool, the implications for cybersecurity, social engineering, and overall digital safety could be significant.

ChatGPT continues to lead the news cycle and increase in popularity, with new applications and uses seemingly uncovered each day for this innovative platform. However, as interesting as this solution is, and as many efficiencies as it is already providing to modern businesses, it’s not without its risks.

The role of the CISO is expanding alongside the growing adoption of digital technologies, which has resulted in a faster and more interconnected workforce. The dynamic and evolving nature of cyber threats is posing challenges for security teams in terms of visibility and expertise required to defend against them.