Tevora Cybersecurity News

Curated by Anir Desai and Hai-Trang Nguyen

?? NIST Releases Principal Set of Post-Quantum Encryption Standards

The US National Institute of Standards and Technology (NIST) has finalized three post-quantum cryptographic algorithms designed to protect data from future quantum computing threats. The standardized algorithms include FIPS 203 (CRYSTALS-Kyber) for key establishment, and FIPS 204 and FIPS 205 (CRYSTALS-Dilithium and SPHINCS+) for digital signatures. These new standards will help organizations transition to quantum-resistant encryption by providing the algorithms' computer codes, implementation guidelines, and intended uses.

More information regarding NIST's principal set of post-quantum encryption standards can be found here.

?? DISA Confirms Data Breach Impacting 3.3 Million

Texas-based employee screening company DISA Global Solutions has confirmed a data breach impacting the personal information of approximately 3.3 million individuals. The breach resulted from an intrusion into a limited portion of the organization's network, granting threat actors access from February 9th, 2024, to April 22nd, 2024. Impacted individuals are being offered free credit monitoring and identity restoration services for one year.

More information regarding DISA's data breach can be found here.

?? Suspected Desorden Hacker Arrested

Authorities in Thailand have arrested an individual named Chia, linked to the Desorden hacking group, known for breaching corporate and government entities worldwide. The suspect allegedly stole over 13TB of sensitive data and engaged in extortion tactics from 2020 to the present. Thai police raided the suspect's premises, resulting in the confiscation of laptops and luxury goods believed to have been purchased with extortion money. Chia now faces multiple charges related to unauthorized access to protected systems and data, attempted extortion, and illegal residence.

More information regarding the Desorden hacker arrest can be found here.

?? PolarEdge Botnet Exploits Cisco and MikroTik Vulnerabilities

Researchers have uncovered the PolarEdge botnet, which is actively exploiting vulnerabilities in Cisco and MikroTik devices to launch DDoS attacks and enable persistent access to edge devices. The malware leverages misconfigured or outdated firmware to infiltrate networks and enters an infinite loop to establish a TLS session and spawn a child process. Affected organizations are urged to update firmware, disable unnecessary remote access, and monitor network traffic for anomalies to prevent infections.

More information regarding the PolarEdge botnet can be found here.

Stay vigilant, stay alert, and please reach out if you have any questions!