InfoSecBulletin Cybersecurity for mankind
Cybersecurity threats have surged to extraordinary heights, as Microsoft’s latest Digital Defense Report reveals that its customers are confronted with over 600 million cyberattacks every day.
The report highlights that cyber operations play a crucial role in geopolitical conflicts, used for espionage, influence, and destruction. The cooperation between nation-states and cybercriminal gangs contributes to this trend, as they exchange tools and techniques. The report highlights that “nation-state affiliated threat actors demonstrated that cyber operations—whether for espionage, destruction, or influence—play a persistent supporting role in broader geopolitical conflicts.”
Hackers Bypass Gmail MFA With App-Specific Password Reuse
Russia detects first SuperCard malware attacks via NFC
Income Property Investments exposes 170,000+ Individuals record
ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs
CISA Flags Active Exploits in Apple iOS and TP-Link Routers
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online
Canada 2nd largest airlines “WestJet” investigates cyberattack disrupting internal systems
Paraguay 7.4 Million Citizen Records Leaked on Dark Web
High-Severity Flaw in HashiCorp Nomad Allows Privilege Escalation
SoftBank: Over 137,000 personal info leaked
In the past year, Microsoft has noticed that nation-state actors are increasingly teaming up with cybercriminals for financial gain and intelligence gathering. For example, Russian actors have outsourced some cyberespionage tasks to criminal groups, particularly targeting Ukraine. In June 2024, one group used basic malware to compromise at least 50 Ukrainian military devices.
Other nation-state actors, such as those from Iran and North Korea, have also ramped up their activity. Iran is using ransomware as part of its influence tactics, while North Korea has launched a new ransomware variant called FakePenny, aimed at aerospace and defense sectors.
The report highlights worrying trends in how nation-state actors and cybercriminals are using generative AI for phishing, influence operations, and malware development. They are leveraging AI to more effectively target victims. However, there is a positive aspect: AI also helps cybersecurity professionals respond more quickly to threats.
The report emphasizes the necessity for better cooperation between public and private sectors to combat rising attacks. Microsoft suggests a two-pronged strategy: improving cybersecurity to prevent intrusions and enforcing consequences for harmful actions. This combination of defense and deterrence is crucial for changing the current trend.
“With more than 600 million attacks per day targeting Microsoft customers alone, there must be countervailing pressure to reduce the overall number of attacks online“.
