Top Three Cybersecurity Headlines Keeping Experts Up at Night
1st - 40% of IT Security Professionals are Instructed Not to Report Data Leaks
Over 40% of IT security experts polled have reported being instructed to conceal network breaches, despite regulations and ethical standards requiring disclosure.
These findings come from Bitdefender's 2023 Cybersecurity Assessment report, which was released earlier this month, highlighting a concerning trend in the cybersecurity landscape. According to the report, 50% of organizations in the United States, the European Union, and the United Kingdom have experienced data breaches in the past year. The United States had the highest incidence rate of these regions, with three-quarters of respondents reporting some form of intrusion. These statistics underscore the need for strong cybersecurity protocols and measures to protect sensitive data from cyber-attacks.
To make matters worse, 40% of the IT security professionals surveyed reported being instructed not to disclose security incidents, with the figure rising to 70.7% in the United States - significantly higher than in any other country. Shockingly, 30% of global respondents claimed they followed through and kept quiet about such breaches even when they knew they should have reported them. This figure was even higher in the United States at 54.7% of total respondents.
According to the survey, 54.3% of respondents globally expressed concern about potential legal consequences due to the mishandling of a security breach. The figure was even higher among US respondents, with 78.7% expressing concern that their companies could face legal action for poor responses to breaches.
Despite the concerning statistics, a staggering 94% of respondents reported feeling confident in their organization's ability to handle cybersecurity attacks. This raises the question of whether this confidence is justified or if it represents a potentially dangerous level of complacency. According to Bitdefender, this level of confidence is typical in the cybersecurity industry, which operates under high stress levels due to the constant threat of cyberattacks.
"The findings in this report depict organizations under tremendous pressure to contend with evolving threats such as ransomware, zero-day vulnerabilities, and espionage while struggling with the complexities of extending security coverage across environments and the ongoing skills shortage," said Andrei Florescu, deputy GM and SVP of product at Bitdefender Business Solutions Group.
It's important to note that the study was limited to a sample size of only 400 IT professionals, so this should be taken into consideration when interpreting the results.
2nd - Rorschach ransomware resurfaces in the United States.
According to Checkpoint, the Rorschach ransomware strain, which was discovered earlier this year, has resurfaced in the United States.
This particular strain of ransomware is dubbed "Rorschach" because "each person who examined [it] saw something a little bit different." According to Checkpoint, Rorschach is a tricky one not only because of how effectively it disguises itself but also because it uses DLL side-loading to exploit legitimate software produced by Palo Alto Networks, specifically the Cortex XDR Dump Service Tool, to gain access.
According to Checkpoint, Rorschach has some similarities with the Babuk and LockBit ransomware strains, but it looks to be unique, "sharing no overlaps that could easily attribute it to any known ransomware strain."
With its ability to quickly encrypt data and its adaptability, Rorschach is considered by Checkpoint to be one of the fastest-encrypting ransomware samples it has ever seen. Group-IB, a global cybersecurity company, has also reported on Rorschach, stating that it was previously known as BabLock in Europe, where it operated covertly without a dedicated website demanding minor ransoms.
Palo Alto Networks stated that it is working on a version of the Cortex XDR Dump Service Tool that will not be vulnerable to malware exploitation.
3rd - Two intriguing cases between Russia and Ukraine emerged over the weekend.
According to a recent report, InformNapalm, a Ukrainian volunteer organization, has published documents that they allege were stolen from the compromised email account of Lieutenant Colonel Sergey Alexandrovich Morgachev, a GRU officer of Ukrainian origin. You may recognize Morgachev from the FBI's most wanted list, where he is wanted on suspicion of meddling in the 2016 US elections, conspiracy to commit computer crimes, and money laundering.
The contents of the email dump are quite alarming, as they include several mentions of Cobalt Strike-based attacks, along with a mention of low compensation. According to reports, the FBI and other interested parties have received all of the stolen emails.
In addition to stealing sensitive information, the gang allegedly ordered adult toys using Morgachev's credit card, a tactic they previously used against pro-Russian war blogger Mikhail Luchin, who was soliciting funds for drones to aid Putin's invasion of Ukraine.
"So, instead of drones, Mikhail will now send to the invaders trucks of adult toys and other things useful to every Russian that we ordered and paid for with his card on AliExpress," boasted the Cyber Resistance team.
Luchin claimed he had not received reimbursement and planned to take advantage of the hack.
"I'm going to open an adult shop here, make a 300 percent profit, and buy three times as many drones," he claimed. "Having a Kalibr missile would be beneficial."