Microsoft has attributed the exploitation of a critical vulnerability in Atlassian Confluence Data Center and Server to the nation-state actor Storm-0062, also known as DarkShadow or Oro0lxy. Since September 14, 2023, the company's threat intelligence team has observed the vulnerability being exploited in the wild. According to Microsoft, any device with a network connection to a vulnerable application can exploit the vulnerability, tracked as CVE-2023-22515, to create a Confluence administrator account within the application.

According to a recent survey conducted by Integrity360, IT security decision makers are concerned about the use of AI by cybercriminals, particularly surrounding deepfakes, and many believe AI is increasing the number of cybersecurity attacks.  The results found that 68% of respondents expressed concerns about cybercriminals using deepfakes to target their organizations.  The company noted that a significant majority (58%) of participants agreed that AI is increasing the number of cyberattacks.

According to WatchGuard, endpoint malware detections decreased by 8 percent in the second quarter of 2023 compared to the previous quarter. However, the volume of endpoint malware detections caught by 10 to 50 systems or 100 or more systems increased by 22 percent and 21 percent, respectively. The rise in detections among more machines suggests widespread malware campaigns grew from the first quarter of 2023 to the second quarter. Double-extortion attacks launched by ransomware groups increased by 72 percent quarter over quarter, with 13 new extortion groups.

In a new report, security researchers at Critical Start claimed that the education sector is a prime target for threat actors, with 29% of attacks originating from vulnerability exploitation and 30% from phishing campaigns on K-12 schools in 2023.  Another key finding by the researchers is the increasing use of Quick Response (QR) codes in phishing attacks.  The researchers noted that in these attacks, cybercriminals disguise themselves as Microsoft security notifications and embed QR codes within PNG images or PDF attachments to deceive victims.

Researchers have discovered a security flaw in a library within the GNU Object Model Environment (GNOME) for Linux systems. If embedded in a malicious link, the vulnerability could allow instantaneous machine takeover by attackers. GNOME is an open-source desktop environment used by popular Linux distributions such as Ubuntu and Fedora. According to GitHub Security Lab, one of the default GNOME applications contains a dependency with an out-of-bounds array access vulnerability rated "High" (8.8 out of 10) in severity.

Satellite hacking could result in massive disruptions to communications, transportation, and weather forecasts, as well as the loss of sensitive data. Last February, Russia-linked hackers launched destructive malware against the American satellite provider Viasat an hour before the invasion of Ukraine. SpaceX's Starlink satellite also encountered interference from signal jamming, thus limiting bandwidth. As demonstrated at last year's Black Hat conference, a researcher created a tool to hack into Starlink for only $25.

Researchers from the Systems, Networking, and Energy Efficiency (Synergy) Lab at Carnegie Mellon University (CMU) are presenting several multi-year studies on their work regarding ubiquitous sensing at the ACM International Joint Conference on Pervasive and Ubiquitous Computing (UbiComp). The Synergy Lab, led by School of Computer Science Associate Professor Yuvraj Agarwal, focuses on developing more energy-efficient computing in buildings, improving the security and privacy of Internet of Things (IoT) devices, and advancing mobile systems.

Spanish airline Air Europa, the country's third-largest airline and a member of the SkyTeam alliance, recently warned customers to cancel their credit cards after attackers accessed their card information in a recent data breach.  The credit card details exposed in the breach include card numbers, expiration dates, and the 3-digit CVV (Card Verification Value) code on the back of the payment cards.

The National Security Agency (NSA) and US federal partners have released cybersecurity guidance to promote understanding Open-Source Software (OSS) implementation and to provide best practices for securing Operational Technology (OT) and Industrial Control Systems (ICS) environments.