Southern Water Customers Hit by Cyber Attack and More in This Week's Cyber News

With cyber threats constantly on the rise, staying informed about the latest news and developments in the field is essential for maintaining digital safety. Because of this, cybersecurity remains a critical concern for organisations, governments, and individuals. In this blog post, we will explore the top cybersecurity news stories from this week, shedding light on significant events and noteworthy security incidents.

This week’s top stories include news of a breach at Bank of America following a supply chain cyberattack, research that warns nation-state affiliated threat actors are using AI in criminal cyber campaigns, and news of a significant KeyTrap DNS vulnerability.

Bank Of America Warns Customers of Data Leak Following 2023 Hack

In November 2023, a security breach occurred at Infosys McCamish Systems, an IT consulting and service provider. Subsequent investigations have officially confirmed that this breach resulted in a compromise of data, affecting customers of Bank of America.

Supply chain attacks are becoming increasingly common. Last year’s MOVEit attack, for example, continues to affect businesses. To be secure, an organisation needs every link in its supply chain to maintain a strong cyber security posture. The stronger the supply chain cyber security, the less likely you are to fall victim to malicious activity.

Southern Water Customers Hit by Cyber Attack

This week, Southern Water issued a cautionary notice, revealing that data belonging to certain customers and staff members has been pilfered in a cyberattack that occurred earlier this year. In an email distributed to customers on Tuesday, the company conveyed that personal information and financial data might have been compromised and could potentially be offered for sale on the dark web.

Operating in Kent, Sussex, Hampshire, and the Isle of Wight, Southern Water expressed apologies for the incident and assured that it had notified regulators while actively collaborating with cybersecurity experts to address the situation.

In January, the Black Basta ransomware group appeared to leak customer data held by the firm.

Microsoft, OpenAI Warn of Nation-State Hackers Weaponising AI for Cyber Attacks

According to a new research report published by Microsoft in collaboration with OpenAI, nation-state actors are experimenting with artificial intelligence (AI) and large language models (LLMs), adding to their arsenal of existing attack methods. Nation-state actors associated with Russia, North Korea, Iran, and China are thought to be using AI to complement their ongoing cyberattack operations.

Both Microsoft and OpenAI have said that they disrupted efforts made by five state-affiliated actors that used their AI services to perform malicious cyber activities by terminating their assets and accounts.

A New Microsoft Azure Hacking Campaign Is Targeting High-End Executives

According to recent research, hackers are targeting high-ranking professionals, including senior executives, through specialised phishing and cloud account takeover attacks. A report from Proofpoint has highlighted a new campaign aimed at compromising Microsoft Azure environments and cloud accounts, beginning in late November 2023.

The unidentified threat actors have been observed distributing personalised phishing lures within shared documents. Researchers reveal that certain documents contain embedded links labelled "View document," which, when clicked, redirect victims to a malicious phishing page designed to steal login credentials.

KeyTrap DNS Attack Could Disable Large Parts of Internet

A group of researchers has unveiled a new vulnerability related to the Domain Name System (DNS), which reportedly has the potential to disable substantial portions of the internet. This vulnerability, named KeyTrap and officially identified as CVE-2023-50387, is characterised as a critical flaw in the design of Domain Name System Security Extensions (DNSSEC). DNSSEC is a feature of DNS that aims to authenticate responses to domain name lookups.

While DNSSEC is intended to safeguard against manipulations or poisoning of responses to DNS requests, researchers from the Germany-based ATHENE National Research Centre for Applied Cybersecurity have discovered a design flaw. This flaw could be exploited by malicious actors to induce significant internet disruption through the use of a single specially crafted DNS packet, leading to CPU resource exhaustion.

Our experts advise using attack surface management tools to discover, identify and monitor an organisation’s attack surface to mitigate risk from emerging vulnerabilities.

Staying well-informed about the latest advancements in the industry remains incredibly important in the fight against cybercrime. By staying up to date with relevant news, leaders can make informed decisions, proactively implement security measures, and effectively shield their organisations from cyberattacks. Maintaining a vigilant mindset, embracing best practices, and leveraging cutting-edge technologies are all crucial components in building a secure digital future.