Welcome to the 4th edition Cyber Weekly Digest of 2024.
New and noteworthy this week: Following on from news of our exciting new partnership with CultureAI, they've just dropped a brand-new Generative AI solution! The founder & CEO and Head of Product will be running a live demo of the solution on 7th Feb. You can sign up HERE . Also, for those looking to strengthen their API security, check out this new BLOG from Cequence, providing a recap of 2023 and what's new.
Now, let's take a look at our Cyber Weekly Digest, highlighting our top cyber security news picks of the week.
This week we heard about a global fintech firm taken offline following a cyber attack, a water services giant detecting ransomware and was served a great article from The Bleeping Computer sharing a warning from the NCSC about the increasing ransomware threat from AI tools!
Keep reading to stay up to date on the latest cyber security news.
The United Kingdom's National Cyber Security Centre (NCSC) warns that artificial intelligence (AI) tools will have an adverse near-term impact on cybersecurity, helping escalate the threat of ransomware. The agency says cybercriminals already use AI for various purposes, and the phenomenon is expected to worsen over the next two years, helping increase the volume and severity of cyberattacks.
Malicious activity targeting a critical severity flaw in the ‘Better Search Replace’ WordPress plugin has been detected, with researchers observing thousands of attempts in the past 24 hours. Better Search Replace is a WordPress plugin with more than one million installations that helps with search and replace operations in databases when moving websites to new domains or servers.
Security researchers hacked the Tesla infotainment system and demoed 24 more zero-days on the second day of the Pwn2Own Automotive 2024 hacking competition. Synacktiv Team (@Synacktiv) took home $100,000 after chaining two zero-day bugs for a sandbox escape to hack the Tesla Infotainment System. They also used a three-chain zero-day exploit to hack the Automotive Grade Linux operating system for an additional $35,000.
New York-based global financial technology firm EquiLend says its operations have been disrupted after some systems were taken offline in a Monday cyber attack.
Following the incident, the technology, data and analytics company also detected unauthorised access to it's network and is now working to restore all affected services.
Veolia North America, a subsidiary of transnational conglomerate Veolia, disclosed a ransomware attack that impacted systems part of its Municipal Water division and disrupted its bill payment systems. After detecting the attack, Veolia has implemented defensive measures, temporarily taking some systems offline to contain the breach. Veolia is now working with law enforcement and third-party forensics experts to assess the extent of the attack's impact on its operations and systems.