Cyber News

Russian Spies Brute Force Senior Microsoft Staff Accounts and More in This Week's Cyber News

With cyber threats constantly on the rise, staying informed about the latest news and developments in the field is essential for maintaining digital safety. Because of this, cybersecurity remains a critical concern for organisations, governments, and individuals. In this blog post, we will explore the top cybersecurity news stories from this week, shedding light on significant events and noteworthy security incidents.

This week’s top stories include news of a ‘mega breach’, cyberattacks on Wall Street firms and UK critical infrastructure, and news that the UK government is urging organisations to bolster their security measures.

Reports Suggest That 26bn Compromised Records Have Been Released, But Is It All That It Seems?

Earlier this week, CyberNews reported that a ‘supermassive leak’ had led to the compromise of 12 terabytes of information spanning over 26 billion records. This, of course, seems huge. However, it’s not quite all it seems.

This data is actually a ‘greatest hits’ of previously published information, containing data from numerous previous breaches. These records have been compiled and reindexed, but they’re not ‘new’. 

North Korea’s ScarCruft APT group targets infosec pros

New analysis confirms what we’ve long suspected: Cybersecurity pros are prime targets for hackers. This week, it has been reported that a North Korea-affiliated APT group, ScarCruft, has been trying to gather information about the cybersecurity community by targeting researchers and threat analysts.

Russian Spies Brute Force Senior Microsoft Staff Accounts

Russian state hackers managed to compromise the email accounts of some of Microsoft’s senior leadership team, using basic brute-force techniques, the tech giant has admitted.

Microsoft revealed on Friday that the “Midnight Blizzard” group (aka Nobelium, APT29, Cozy Bear) was detected on its systems on January 12.

Southern Water confirms cyberattack after Black Basta claims

Southern Water, a utility company serving customers in East Sussex, Hampshire, the Isle of Wight, Kent, and West Sussex in the UK, has officially announced an investigation into a significant cyber incident.

This follows a claim by the Black Basta ransomware syndicate stating that they have gained access to the company's systems. On January 22, the Black Basta crew provided minimal information about their alleged intrusion on their Tor leak site. According to Computer Weekly, the syndicate has set a deadline of January 29 for the victim to respond.

Business leaders urged to toughen up cyberattack protections

This week the UK government released a preliminary Code of Practice on cybersecurity governance and is currently seeking insights on it from business leaders. This initiative targets executive and non-executive directors, emphasising cybersecurity alongside financial and legal concerns.

The Code recommends directors define clear roles, fortify customer protection and ensure secure operations. Developed with industry directors, cyber experts, and the National Cyber Security Centre (NCSC), the Code focuses on detailed incident response plans, the importance of regularly testing for robustness, and the necessity of a formal incident reporting system. Companies are urged to enhance employees' cyber skills for confident engagement with new technologies.

Wall Street firm hit by cyberattack that has knocked systems offline

EquiLend, a prominent Wall Street firm responsible for processing trillions of dollars in securities transactions monthly, has been targeted by hackers in a significant cyberattack, causing disruptions to some of its systems. Owned by major Wall Street players such as Goldman Sachs and JPMorgan, the financial technology firm conveyed to CNN that it may require "several days" to fully restore its services.

The incident underscores the pervasive threat of cyberattacks even within the robust financial sector, emphasising the potential impact on critical operations and the subsequent efforts required to mitigate and recover from such disruptions. Attack surface management is key to understanding and protecting the different attack vectors in complex fields, like finance.

GCHQ's NCSC warns of 'realistic possibility' AI will help state-backed malware evade detection

According to a report released this week by the UK National Cyber Security Centre (NCSC), there is a substantial likelihood that by 2025, advancements in AI models, fuelled by data detailing successful cyberattacks, will significantly enhance the capabilities of cybercriminals.

The report, administered by the GCHQ-operated NCSC, highlights the potential of AI to create malware capable of evading detection by current security filters. However, this capability hinges on the quality of the exploit data used for training. The NCSC asserts that there exists a credible prospect that well-equipped states possess extensive repositories of malware, sufficient to effectively train AI models for this specific purpose.

Staying well-informed about the latest advancements in the industry remains incredibly important in the fight against cybercrime. By staying up to date with relevant news, leaders can make informed decisions, proactively implement security measures, and effectively shield their organisations from cyberattacks. Maintaining a vigilant mindset, embracing best practices, and leveraging cutting-edge technologies are all crucial components in building a secure digital future. Let's embrace these principles to safeguard our digital assets and pave the way for a safer tomorrow.