In today's rapidly evolving digital landscape, the surge in cyber threats and the adoption of sophisticated techniques by cybercriminals emphasise the critical need to remain well-informed about the latest advancements in the cybersecurity realm.
To address this critical concern, our weekly news round-up aims to provide readers with the most significant cybersecurity news stories of the week, from data breaches to new vulnerability disclosures. Stay informed and stay secure!
The Biden EO on AI: Cybersecurity and Artificial Intelligence
Ahead of ChatGPT’s first birthday and this week’s current OpenAI boardroom revelations, AI seems to be on everyone’s minds. The Biden administration have recently released policy on AI. The executive order (EO) on artificial intelligence (AI) issued by the Biden administration primarily governs policy areas under the direct control of the U.S. government's executive branch. However, its significance extends beyond the immediate scope, influencing industry best practices and shaping future laws and regulations both in the United States and globally.
The rapid advancements in AI, particularly in generative AI, have drawn the focus of policymakers in the past year. The growing concerns, highlighted by prominent figures in the industry, regarding the need for safeguards in the development of artificial general intelligence (AGI) have amplified attention in Washington. In this context, it is crucial to perceive the EO not as the conclusive statement on AI policy but as an early and substantial stride towards addressing the evolving landscape of AI governance.
Hackers Flaunt Stolen British Library Data Threat and Claim They Can Make £600k
The British Library has been targeted by a significant cyberattack. The story has developed over this week, with the perpetrators now threatening to auction off valuable data described as 'exclusive, unique, and impressive.'
The Rhysida ransomware group has claimed responsibility for the attack and has provided glimpses of the stolen data, which is reported to include a collection of passport scans and HMRC employment documents, among other sensitive information.
Australia Enhances Cyber Defences After Major Breaches
Australia is set to implement a security overhaul in response to a series of cyberattacks. As part of these measures, the government will provide cybersecurity assessments for small businesses, boost funding for cyber law enforcement, and mandate the reporting of ransomware attacks. Additionally, tougher cyber reporting rules, similar to those for critical infrastructure, will be applied to telecommunications firms. The government aims to bolster the cybersecurity workforce by recruiting migrants, and it plans to establish limits on inter-agency data sharing to incentivise incident reporting.
In a recent video, our CTO Elliott Wilkes spoke to Christine Maxwell, Director of Cyber Defence and Risk at the Ministry of Defence about forward thinking cyber defence strategy.
LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In
Various threat actors, including affiliates of the LockBit ransomware group, are currently taking advantage of a recently revealed critical security vulnerability in Citrix NetScaler application delivery control (ADC) and Gateway appliances. This collaborative advisory is issued jointly by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Australian Signals Directorate's Australian Cyber Security Center (ASD's ACSC).
North Korea-backed Hackers Target CyberLink Users in Supply Chain Attack
State-backed hackers from North Korea are distributing a compromised version of a legitimate application created by CyberLink, a Taiwanese software developer, to target downstream customers. On Wednesday, Microsoft's Threat Intelligence team reported that North Korean hackers had successfully compromised CyberLink, using it as a conduit to distribute a modified installer file from the company as part of an extensive supply chain attack.
Tri-City Medical Centre Resumes Nearly Full Operations After Cyberattack
After enduring over a week of significant disruptions caused by a cybersecurity attack, Tri-City Medical Centre in Oceanside is now fully operational. Ambulance traffic resumed on Friday, Nov. 17, and the previously halted elective surgeries and procedures have also recommenced. The cause of the attack has not been disclosed, nor has information about what, if any, sensitive data had been taken.
Hospitals prove popular targets for cyberattacks given how many assets they have connected to networks, many of those assets are unknown. Asset discovery and management tools, like our Attack Surface Management tool, are crucial for all cybersecurity stacks.
Microsoft: Lazarus hackers breach CyberLink in supply chain attack
Microsoft says a North Korean hacking group has breached Taiwanese multimedia software company CyberLink and trojanized one of its installers to push malware in a supply chain attack targeting potential victims worldwide.
According to Microsoft Threat Intelligence, activity suspected to be linked with the altered CyberLink installer file surfaced as early as October 20, 2023.
This trojanized installer was hosted on legitimate CyberLink update infrastructure owned and has so far been detected on more than 100 devices worldwide, including in Japan, Taiwan, Canada, and the United States.
Staying informed about the latest cybersecurity news is crucial for leaders to make informed decisions about cybersecurity strategy within organisations. Maintaining a constant state of vigilance is essential when it comes to protecting yourself from cyber threats. Cybersecurity is an ongoing process.
In addition to staying informed, adopting best practices, and leveraging cutting-edge technologies, it is vital to establish a multi-layered cybersecurity strategy. A comprehensive approach that encompasses various layers of defence can greatly enhance the overall security posture.