- Defend & Conquer Weekly Cybersecurity Newsletter
Ragnar Locker Takedown: Global Cybercrime Triumph
Monday Report - October 23, 2023
Welcome, reader, to your CybersecurityHQ report.
Headlines
Europol has successfully dismantled the infrastructure of Ragnar Locker ransomware, leading to the arrest of one of its key developers in France. The operation ran from October 16 to 20, with actions in Czechia, Spain, and Latvia. Officers interrogated accomplices and seized vital equipment in the Netherlands, Germany, and Sweden. The Ragnar Locker group, notorious for targeting critical infrastructure worldwide, has attacked 168 international companies since 2020 using double extortion tactics.
This Europol operation adds to the global momentum against cybercrime, exemplified by recent crackdowns in Ukraine and India, as well as the extradition of a Moldovan national from the UK to the US for cybercrime-related charges.
Anthropic, an AI firm with financial ties to tech giants Google, Amazon, and the ex-crypto magnate Sam Bankman-Fried, now faces copyright infringement allegations for using protected lyrics. The $75 million lawsuit was filed by music publishers Universal Music, ABKCO, and Concord Publishing in a Tennessee federal court. They accuse Anthropic of unlawfully incorporating copyrighted song lyrics to enhance its chatbot, Claude. The publishers highlight infringement in at least 500 songs, spanning genres and eras, including hits from the Beach Boys, Rolling Stones, Mark Ronson with Bruno Mars, and Beyoncé.
The lawsuit focuses on Anthropic's alleged unauthorized replication of lyrics in its extensive internet-scraped text database, utilized to train Claude in generating human-like responses. The chatbot will give users lyrics when directly requested and in a broader array of prompts that do not explicitly call for lyrics. An instance cited includes Claude providing lyrics from "American Pie" when tasked with creating a song about the late Buddy Holly.
Cisco has alerted users about an actively exploited zero-day vulnerability in IOS XE, tracked as CVE-2023-20273, which allows threat actors to deploy malicious Lua-based implants on affected devices. This privilege escalation flaw, with a CVSS score of 7.2, is part of an exploit chain with another vulnerability, CVE-2023-20198, which has a critical CVSS score of 10.0. Attackers first exploit CVE-2023-20198 to gain initial access, create a local user, and elevate privileges to root, before using CVE-2023-20273 to write the implant to the file system.
Cisco plans to release a fix for both vulnerabilities on October 22, and recommends disabling the HTTP server feature before then. The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that successful exploitation could give attackers full control over affected devices, enabling them to monitor and manipulate network traffic. As of October 19, an estimated 36,541 Cisco devices were compromised, with smaller entities and individuals being the primary targets.
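For teams checking whether the interim mitigation is in place, here is an added example (not from Cisco or from this newsletter's sources) that audits saved IOS XE running-config text for an enabled web UI and for local users outside an expected list. The function name `audit_config`, the allow-list, and both sample configs are assumptions constructed for illustration.

```python
import re

# Exact lines that mean the web UI is listening; other "ip http ..." lines
# (authentication, trustpoint, etc.) do not enable the server by themselves.
HTTP_ENABLE = {"ip http server": "HTTP", "ip http secure-server": "HTTPS"}
USERNAME_RE = re.compile(r"^username\s+(\S+)(?:\s+privilege\s+(\d+))?")


def audit_config(config_text, expected_users):
    """Return a list of findings for one device's running-config text."""
    findings = []
    for raw in config_text.splitlines():
        line = raw.strip()
        if line in HTTP_ENABLE:
            findings.append(f"{HTTP_ENABLE[line]} server enabled: '{line}'")
            continue
        m = USERNAME_RE.match(line)
        # Assumption: expected_users is the operator's own list of known accounts.
        if m and m.group(1) not in expected_users:
            priv = m.group(2) or "default"
            findings.append(f"unexpected local user '{m.group(1)}' (privilege {priv})")
    return findings


# Constructed sample configs, not taken from any real device.
EXPOSED = """\
hostname edge-rtr-01
username netadmin privilege 15 secret 9 $9$constructed
username tmpuser01 privilege 15 secret 9 $9$constructed
ip http server
ip http secure-server
ip http authentication local
"""

HARDENED = """\
hostname edge-rtr-02
username netadmin privilege 15 secret 9 $9$constructed
no ip http server
no ip http secure-server
"""

if __name__ == "__main__":
    for name, cfg in (("EXPOSED", EXPOSED), ("HARDENED", HARDENED)):
        results = audit_config(cfg, expected_users={"netadmin"})
        print(name, "->", results or "no findings")
```

A clean result only shows the configuration state at the time the file was saved; it does not establish whether a device was accessed before the HTTP server was disabled.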
Interesting Read
New developments in cybersecurity can happen anywhere. A team of Australian researchers from Charles Sturt University and the University of South Australia recently unveiled an algorithm designed to protect unmanned military robots from cyberattacks. Employing deep learning neural networks, this algorithm demonstrates a jaw-dropping 99% success rate in thwarting man-in-the-middle attacks, with a false positive rate of less than 2%.
Tested on a replica of a US Army combat ground vehicle, the results are groundbreaking. Check out the full details in this write-up by Aamir Sheikh in Cryptopolitan.
Cybersecurity Career Opportunities
Senior Security Engineer II, Trusted Device Access
Cruise
Full-time
San Francisco, CA, US
Foxhole Technology
Full-time
Leesburg, VA, US
Kaseya
Full-time
Miami, FL, US
For the latest openings in cybersecurity careers, check CybersecurityHQ.
Stay Safe, Stay Secure.
The CybersecurityHQ Team