Cyware Monthly Threat Intelligence

Monthly Threat Briefing • October 2, 2023
Monthly Threat Briefing • October 2, 2023
To ensure a secure open-source software landscape, the CISA is charting a collaborative course to bring together all the stakeholders, while the DHS unveiled its IT Strategic Plan for 2024-2028 to modernize and fortify national cybersecurity. The DHS’ plan also encourages investment in a talented workforce to prepare them for future challenges. Down under, Australia is fortifying its cyber defenses with a comprehensive strategy encompassing education, safer technology standards, real-time threat sharing, critical infrastructure protection, nurturing cybersecurity talent, and fostering global collaboration.
Significant data breaches were reported exposing sensitive information and raising concerns about data security across verticals. Several healthcare organizations, including the Canadian Nurses Association, Better Outcomes Registry & Network, and Just Kids Dental disclosed incidents exposing the sensitive records of millions of patients. The crypto industry also witnessed intrusions resulting in the loss of hundreds of millions of dollars. Mixin Network and CoinEx were among the top victims. Meanwhile, a threat actor deployed a multi-step strategy to compromise hotel systems via a fake Booking[.]com payment page.
Many new malicious operations were uncovered in the last month. For instance, Chinese actors demonstrated increased sophistication and adaptability in a new operation targeting Chinese-speaking individuals, featuring emerging threats like ValleyRAT and Sainbox RAT. In other news, Xenomorph resurfaced after months of inactivity to launch a campaign aimed at over 30 U.S. and Portuguese banks. Additionally, a new ransomware variant called 3AM was spotted in an attack when a LockBit affiliate used it after failing to deploy the LockBit strain on the target network.