Cyware Weekly Threat Intelligence - January 02–06

Weekly Threat Briefing • January 6, 2023
Weekly Threat Briefing • January 6, 2023
Welcoming you all to the first weekly threat briefing for 2023, and with that allow us to give you a peek into the new developments in cyberspace. The NIST finalized the cybersecurity framework for the ground-based operations of the space industry with an aim to manage cyber risks against satellites and other critical infrastructures. In another vein, victims hit by MegaCortex ransomware can now decrypt their files without giving in to ransom demands. Thanks to a free decryption tool released in collaboration between cybersecurity researchers and law enforcement agencies.
As holidays are over and kids are heading back to school, a new data leak affecting around 14 U.K schools has come to light. The Vice Society ransomware group is believed to be behind this incident. Meanwhile, the ProxyNotShell flaw remains a big threat to organizations as a new report suggests that over 70,000 Microsoft Exchange servers remain unpatched. Furthermore, the notoriety of the LockBit ransomware group continues to terrify organizations as a US-based locomotive firm confirms an attack.
There has been a buzz around the recently launched ChatGPT and, just like everything else, it also grabbed the attention of cybercriminals who are exploring ways to take advantage of the AI chatbot for malicious purposes. In other threat updates, the notorious BitRAT malware and Raspberry Robin worm were found targeting different financial firms to steal sensitive data.