This Week’s Top 5 News September 2023 | 01

With every passing day there are new cybersecurity events that have the potential to impact you or your company. We have rounded up five top cybersecurity news stories to help keep you up to date with cybersecurity issues around the world. From acts of espionage to simple code errors that could leak your private data. Here are our top five new stories from the past week:

1. Computer scientists develop open-source tool for dramatically speeding up the programming language Python

The University of Massachusetts Amherst’s computer science team, led by Professor Emery Berger, has developed Scalene, an award-winning Python profiler. Python, a popular programming language known for its user-friendliness, is also notoriously inefficient, running up to 60,000 times slower than other languages. Existing profilers only indicate slow code regions, but Scalene precisely identifies inefficiencies and uses AI to suggest improvements. It focuses on CPU, GPU, and memory usage—areas responsible for Python’s slow speed. Since its launch on GitHub, Scalene has been downloaded over 750,000 times, signaling future improvements will stem from efficient programming rather than hardware upgrades. For more about this story click here


2. Earth Estries’ Espionage Campaign Targets Governments and Tech Titans Across Continents

Earth Estries, a hacking group with sophisticated skills and high-level resources, is leading a new cyber espionage campaign targeting government and technology sectors in various countries, including the U.S, Germany, and South Africa. Active since 2020, Earth Estries shares tactics with nation-state group FamousSparrow, known for exploiting ProxyLogon flaws in Microsoft’s Exchange Server. Notably, similarities have been found between FamousSparrow and UNC4841, associated with a zero-day flaw in Barracuda Networks Email Security Gateway. Trend Micro’s research reveals Earth Estries uses Cobalt Strike to exploit compromised environments, quickly deploying additional malware to expand its control. For more about this story click here


3. China-Linked BadBazaar Android Spyware Targeting Signal and Telegram Users

Cybersecurity researchers have identified malicious Android apps, Signal Plus Messenger and FlyGram, engineered to deliver the BadBazaar spyware. These apps, attributed to China-linked actor GREF, were distributed via Google Play Store, Samsung Galaxy Store, and dedicated websites. Victims primarily hail from Germany, Poland, and the U.S., among other countries. The spyware harvests a wide range of data, including call logs, SMS messages, and locations. While the rogue apps have been removed from Google’s app storefront, they remain available on the Samsung Galaxy Store. These findings underscore the necessity of robust cybersecurity measures. For more about this story click here


4. Citrix NetScaler Alert: Ransomware Hackers Exploiting Critical Vulnerability August

Unpatched Citrix NetScaler systems are being targeted by unknown actors in suspected ransomware attacks. Cybersecurity company Sophos, tracking the activity under the name STAC4663, reports attackers exploiting a critical code injection vulnerability (CVE-2023-3519) in NetScaler ADC and Gateway servers. The modus operandi aligns closely with a recent attack campaign disclosed by NCC Group Fox-IT. The attacks are likely from a known threat actor specializing in ransomware attacks. Users of Citrix NetScaler ADC and Gateway appliances are strongly advised to apply patches to mitigate threats. This comes amidst escalating ransomware attacks and a surge in personalized ransomware strains. For more about this story click here


5. Cyberattacks Targeting E-commerce Applications

Cyber threats to e-commerce applications are on the rise in 2023, with threat actors exploiting vulnerabilities in increasingly complex API interfaces. A recent attack on Honda’s e-commerce platform highlights this risk. An API flaw allowed for unrestricted admin-level data access, potentially leading to a large-scale data breach. Regular testing and ongoing monitoring are crucial to identify and mitigate such weaknesses promptly. A long-term preventative solution like PTaaS can offer robust protection. The incident underscores the importance of continuous testing (PTaaS) over standard penetration testing in securing e-commerce businesses against evolving cyber threats. For more about this story click here

There are many ways cyber criminals will look to exploit your integral IT systems to access data or create chaos within your business for their own personal gain.
Here at DIESEC, we have experts on hand waiting to help you with all of your cybersecurity needs, from ensuring your system is safe and secure to teaching your employees how not to fall victim to social engineering ploys.

For more information please feel free to contact us!