Cyber News Of The Week
Infosec K2K
Welcome to this week's Infosec K2K Weekly News Update! As technology continues to advance, so do the risks associated with it. Every week, we gather the latest news and insights on cyber threats, data breaches, and other essential topics in the world of cyber security.
In The News This Week
The UK's @National Cyber Security Centre (NCSC) has highlighted the escalating threat of AI-supported #CyberAttacks on #CriticalNationalInfrastructure (CNI). Their annual review warns of state-aligned actors targeting sectors such as healthcare and energy using tactics like #Ransomware and #DDoS attacks. Generative AI tools could pose an additional risk, potentially amplifying existing threats and increasing the speed and scale of attacks.
Find out more on @ITPro: https://www.itpro.com/security/ncsc-ai-will-increase-speed-and-scale-of-critical-infrastructure-attacks
@Industrial and Commercial Bank of China (ICBC) Financial Services LLC, China’s largest bank and the world's largest lender, experienced a ransomware attack last week, which is suspected to be the work of the ransomware gang #LockBit. The incident impacted the bank's US division, and ICBC contained the attack. This #CyberAttack on a major bank underscores the persistent threat to financial institutions, and shows why heightened awareness and security investments are needed across the industry.
Find out more on @Tech Monitor: https://techmonitor.ai/technology/cybersecurity/icbc-ransomware-lockbit-cyberattack
Denmark faced its largest cyber attack on record as #Hackers (potentially linked to Russia's military intelligence) targeted energy infrastructure in a coordinated attack, according to @SektorCERT, a non-profit Danish cyber security centre. Attackers exploited #ZeroDayVulnerabilities in firewalls, affecting 22 energy companies, and over 100,000 people could have lost power or heating. SektorCERT’s report suggests state involvement, as Russia's GRU Unit 74455 (Sandworm) is known for attacking critical infrastructure.
Find out more on @CyberNews: https://cybernews.com/news/denmark-cyberattack-energy-infrastructure-sandworm/
More and more #CyberCriminals are exploiting vulnerabilities in the global online gaming community, using @Discord messages and fake download sites to distribute malware, according to a report by @Sekoia.io. Gamers are unknowingly exposing themselves to deceptive tactics, such as enticing offers and fake cheat codes, and downloading information-stealing software. Sekoia urged users to only download software from official sources.
Find out more on @Infosecurity Magazine: https://www.infosecurity-magazine.com/news/infostealing-malware-escalates-in/
The Stats This Week
$275 million
The #Ransomware group known as #Royal, which has been active since September 2022, has targeted over 350 global victims, and demanded around $275 million in ransom payments, according to a report from the US @Cybersecurity and Infrastructure Security Agency (CISA). The sectors most affected include healthcare, manufacturing, and education, and their ransom demands have ranged from $1 million to $11 million in bitcoin.
Find out more on @Infosecurity Magazine: https://www.infosecurity-magazine.com/news/royal-ransomware-gang-275m-in-a/
600,000
A popular @WordPress plugin, WP Fastest Cache, is vulnerable to an #SQLInjection attack. The plugin is used by more than a million websites to enhance site speed, and around 600,000 sites are still running the vulnerable version. An SQL injection vulnerability could enable attackers to access, modify, or even delete entire WordPress databases. Users are being urged to update the plugin to mitigate the risk of attacks.
Find out more on @Techzine.eu: https://www.techzine.eu/news/security/113304/bug-in-wordpress-plugin-exposes-600000-vulnerable-websites/
23,000
The @U.S. Department of Justice has dismantled the #IPStorm botnet, a proxy service allowing #CyberCriminals to anonymously route malicious traffic through compromised devices. A Russian-Moldovan national, Sergei Makinin, has pleaded guilty to computer fraud charges, and now faces a maximum of 10 years in prison. Makinin made over $550,000 from the #botnet, which operated over 23,000 proxies around the world.
Find out more on @BleepingComputer: https://www.bleepingcomputer.com/news/security/ipstorm-botnet-with-23-000-proxies-for-malicious-traffic-dismantled/
Thoughts from Infosec K2K
It was revealed this week that a critical vulnerability had been discovered in the widely used WordPress plugin WP Fastest Cache, exposing more than 600,000 websites to potential SQL injection attacks. The plugin is popular with businesses and website owners because it can help them improve their search engine rankings. However, it’s alarming that around 44.9% of users are still running the vulnerable version of the plugin. This underlines how critical it is to regularly update software and patch these vulnerabilities.
During an internal investigation, the @WPScan security team found the SQL injection vulnerability. By exploiting this flaw, attackers could access the WordPress database, which would let them read and delete information, as well as expose private data. This incident serves as a stark reminder of the importance of keeping software up to date and conducting regular cyber security assessments to identify these vulnerabilities promptly.
Patching software vulnerabilities isn’t just a recommendation, but a fundamental aspect of maintaining robust cyber security defences. WordPress has already released an updated version addressing this bug, and website administrators should be ensuring that plugins and software are always updated to the latest version. Cyber threats are constantly evolving, and regular assessments of cyber defences can be crucial in maintaining the security of your most sensitive data.
Read more about the vulnerability on @WPScan’s blog:
—
Got questions about this week’s news? We’re here to help! Learn how best to bolster your cyber security defences by getting in touch with our expert team at Infosec K2K.