Department of Defense Cyber Crime Center (DC3) banner graphic

Cyber Threat Roundup - 25 August 2023

Department of Defense Cyber Crime Center (DC3) sent this bulletin at 08/28/2023 10:51 AM EDT

Having trouble viewing this email? View it as a Web page. |

25 Aug 23

Cyber Threat Roundup

A collection of recent open-source items of interest to the Defense Industrial Base

NIST's Cybersecurity Framework 2.0: Shaping the Future of Cyber Resilience

In place for almost a decade, the US National Institute of Standards and Technology (NIST)’s Cybersecurity Framework (CSF) has provided an important basis for securing critical infrastructure organizations. The framework consists of standards, guidelines and best practices to manage cybersecurity risk across systems, data and assets.

https://www.infosecurity-magazine.com/news-features/nist-framework-cyber-resilience/

Artificial Intelligence and USBs Drive 8% Rise in Cyber-Attacks

Check Point Research has released its 2023 Mid-Year Security Report. The research reveals a concerning 8% surge in global weekly cyber-attacks during Q2, marking the most significant increase in two years. The report highlights the fusion of advanced artificial intelligence (AI) technology with traditional tools like USB devices used for disruptive cyber-attacks.

https://www.infosecurity-magazine.com/news/ai-usbs-drive-rise-cyber-attacks/

QR Codes Used to Phish for Microsoft Credentials

Researchers have published details about a phishing campaign that uses QR codes to phish for Microsoft credentials. A QR (Quick Response) code is a kind of two-dimensional barcode that holds encoded data in a graphical black-and-white pattern. The data that a QR code stores can include URLs, email addresses, network details, Wi-Fi passwords, serial numbers, etc. While QR codes are generally safe, they can easily be manipulated by scammers because they all appear similar to the human eye.

https://www.malwarebytes.com/blog/news/2023/08/qr-codes-deployed-in-targeted-phishing-campaigns

China-Based Hackers Target Dozens of Taiwanese Organizations in Espionage Operation, Microsoft Warns

A newly identified espionage operation run by hackers linked to China’s government has targeted dozens of organizations in Taiwan since the middle of 2021. Microsoft on Thursday attributed the campaign to a previously unidentified group it named Flax Typhoon. The goal of the campaign is to not only perform espionage on targeted Taiwanese entities but “maintain access to organizations across a broad range of industries for as long as possible,” the tech giant said.

https://therecord.media/chinese-hackers-target-taiwanese-organizations-cyber-espionage

Researchers Released PoC Exploit for Ivanti Sentry Flaw CVE-2023-38035

Researchers released a proof-of-concept (PoC) exploit code for critical Ivanti Sentry authentication bypass vulnerability CVE-2023-38035 (CVSS score 9.8). This week the software company Ivanti released urgent security patches to address the critical-severity vulnerability CVE-2023-38035 impacting the Ivanti Sentry (formerly MobileIron Sentry) product.

https://securityaffairs.com/149837/breaking-news/poc-exploit-ivanti-sentry-cve-2023-38035.html?web_view=true

Update your subscriptions, modify your password or email address, or stop subscriptions at any time on your Subscriber Preferences Page. You will need to use your email address to log in. If you have questions or problems with the subscription service, please visit subscriberhelp.govdelivery.com.

This service is provided to you at no charge by Department of Defense Cyber Crime Center (DC3).