iNews Vol 174

This week in iNews we see that the recent cybersecurity incidents have highlighted the growing threat landscape. #Microsoft users were warned about potential vulnerabilities, while #StarHealth confirmed a data breach but cleared its #CISO of wrongdoing. The #InternetArchive suffered a breach affecting over 31 #million users, and #OpenAI revealed that malicious actors are using #ChatGPT to create malware. Amidst the #SaltTyphoon hacks, lawmakers are urging agencies and telecoms to provide more information. #Australia has introduced its first national #cyberlegislation, and Iranian government sites and nuclear facilities were targeted in a cyber attack. Fidelity Investments has experienced its second data breach this year, underscoring the ongoing challenges in protecting sensitive information.

Government-issues-high-risk-warning-for-microsoft-windows-users

CERT-In warns Windows 10 and 11 users of security vulnerabilities that could allow attackers to gain elevated privileges. Microsoft has released a security patch to address the issue.

Star Health confirms data breach, clears CISO of wrongdoing amid claims

Star Health Insurance released a statement acknowledging the cyberattack. The company confirmed that it was a victim of a targeted malicious cyberattack, which led to unauthorised access to certain data.

Internet Archive hacked, data breach impacts 31 million users

Internet Archive's "The Wayback Machine" has suffered a data breach after a threat actor compromised the website and stole a user authentication database containing 31 million unique records.

OpenAI confirms threat actors use ChatGPT to write malware

OpenAI has disrupted over 20 malicious cyber operations abusing its AI-powered chatbot, ChatGPT, for debugging and developing malware, spreading misinformation, evading detection, and conducting spear-phishing attacks.

Lawmakers press agencies, telecoms for more details on Salt Typhoon hacks

On Thursday, Republican and Democratic leaders on the House Energy and Commerce Committee wrote to the three telecommunication firms asking for more information on their response, calling the incident “extremely alarming for both economic and national security reasons.”

Australia Intros Its First National Cyber Legislation

The bill is broken up into several pieces, including ransomware reporting and securing smart devices, among other objectives.

A cyber attack hit Iranian government sites and nuclear facilities

As Middle East tensions rise, cyberattacks hit Iran’s government branches and nuclear facilities, following Israel’s response to Iran’s October 1 missile barrage.

Fidelity Investments suffered a second data breach this year

US-based financial services company Fidelity Investments warns 77,000 individuals of a data breach that exposed their personal information.