This Week’s Top 5 Cybersecurity News Stories September 2024 | 03

Cybersecurity threats are evolving constantly as threat actors look to gain access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of.  No story is too big or small, as we look at threats from espionage to security flaws in every day devices:

1. Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials

Law enforcement dismantled an international criminal network using the iServer phishing platform to unlock stolen mobile phones. The operation led to 17 arrests, 921 items seized, and the recovery of 1.2 million phones. The takedown coincided with other global actions, including the shutdown of encrypted networks and cryptocurrency exchanges used by cybercriminals, reinforcing law enforcement’s ongoing efforts to combat digital crime.

For more about this story click here

 

2. Healthcare’s Diagnosis is Critical: The Cure is Cybersecurity Hygiene

Cybersecurity in healthcare is critical as the sector faces a rising wave of cyberattacks, often targeting sensitive patient data and life-saving systems. Poor cybersecurity hygiene, such as unpatched software and insecure networks, leaves healthcare vulnerable to ransomware attacks, causing significant harm. Strengthening security measures through continuous monitoring, third-party risk management, and regular patching is essential to protect patient safety and operational integrity.

For more about this story click here

 

3. How to Investigate ChatGPT activity in Google Workspace

OpenAI’s May 2024 update introduced file integration with Google Drive and OneDrive in ChatGPT, enhancing productivity but raising cybersecurity concerns. Organizations must monitor permissions granted to shared drives, as these integrations can pose security risks. Tools like Nudge Security can help identify genAI app usage, track OAuth grants, and enforce security measures to manage risks while balancing productivity and data protection.

For more about this story click here

 

4. Chinese Engineer Charged in U.S. for Years-Long Cyber Espionage Targeting NASA and Military

A Chinese national, Song Wu, has been indicted in the U.S. for a multi-year spear-phishing campaign targeting NASA, universities, and private companies. Wu allegedly aimed to steal proprietary aerospace software, potentially usable for military applications. Charged with 14 counts each of wire fraud and identity theft, Wu faces up to 20 years for each wire fraud count and additional penalties for identity theft.

For more about this story click here

 

5. Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector

Microsoft has identified a financially motivated threat actor, Vanilla Tempest (formerly DEV-0832), using the INC ransomware to target the U.S. healthcare sector. The group, active since July 2022, deploys ransomware following infections from GootLoader. Using tools like AnyDesk and MEGA, Vanilla Tempest moves laterally through networks to deliver the INC payload, previously linked to ransomware strains like BlackCat and Quantum Locker.

For more about this story click here

At DIESEC, our experts are ready to assist with all your cybersecurity needs. We ensure your system is safe and secure and provide training for your employees to avoid falling victim to social engineering tactics.

For more information please contact us now!