Monthly Roundup of Top Cybersecurity News & Stories

Welcome to the Monthly Roundup of the latest cybersecurity news and stories, where we bring you valuable information about the most significant happenings in the cybersecurity world worldwide. In March 2023, the following major cybersecurity incidents occurred:

Emotet Malware Returns

The Emotet malware has resumed spamming malicious emails after its last reported activity a few months ago. According to experts, the malware is rebuilding its network and affecting a large number of devices globally. Emotet is a dangerous malware distributed via emails using Microsoft Word and Excel attachments and is known to be one of the most widely distributed malware in the past.

Zero-Day Vulnerabilities Targeting Giant Corporations

Researchers reported that 55 zero-day vulnerabilities were actively exploited last year, and giant corporations such as Microsoft, Apple, and Google were targeted the most. Attackers could gain elevated privileges or perform remote code execution on devices with vulnerabilities.

Luxury Car Manufacturer Ferrari Reports Cyber Incident

Italian luxury sports car manufacturer Ferrari reported a cyber incident in which a hacker demanded ransom, claiming to have access to client details. However, the company stated that the breach had no impact on its operations. Ferrari informed concerned authorities and hired a third-party cybersecurity firm to investigate.

HinataBot Botnet

Security experts discovered a new malware botnet known as HinataBot, targeting Realtek SDK, Huawei Routers, and Hadoop YARN servers. The botnet was recruiting devices into DDoS to conduct a massive cyber attack, according to the report by researchers at Akamai.

Trigona: Another Emerging Ransomware

Security researchers found a new strain of ransomware called Trigona in October 2022, which was active in December last year and has been attacking many potential victims. The ransom notes are presented in an HTML application with embedded JavaScript and contain unique computer IDs and victim IDs. The manufacturing, finance, agriculture, technology, and construction sectors are among the most affected.

Cybersecurity Incidents in Different Countries

A massive cyber attack was carried out against the African Union, disrupting its operations and ultimately leading to the suspension of systems. It was reported that 200+ corrupted devices were found, but data in the cloud storage is secure but inaccessible.

A giant engineering company in Canada was the victim of a ransomware attack. The company is involved in military, transportation, and power throughout the country.

Mandiant researchers claimed that a threat actor, APT43, is conducting cybercrimes on behalf of the North Korean regime to fund espionage activities.

Additionally, in the latest incident, the VoIP software provider 3CX suffered a data breach, which affected the customer's data in Europe, Middle East, and Africa. The hacker group, REvil, claimed responsibility and demanded a ransom of $3 million. 3CX informed its customers of the breach and advised them to change their passwords immediately.

What are your thoughts on these latest cybersecurity events that occurred in March 2023? Let us know if we missed anything. We'll be back next month with another edition of the Monthly Roundup of top cybersecurity news. Stay safe!