Boeing's Data Breach Deadline Looms: Urgent Cybersecurity Update

Cybersecurity Report - October 30, 2023

Welcome, reader, to your CybersecurityHQ report.

Headlines

The LockBit ransomware gang claims they have a trove of sensitive data stolen from leading aerospace and defense contractor Boeing. The group claimed responsibility for the attack on their dark web leak site, stating they possess a substantial amount of sensitive data from Boeing, threatening to release it unless the company initiates contact before a November 2nd deadline. Boeing stated they are currently assessing the claim. LockBit did not disclose the amount of data stolen but claimed that “A tremendous amount of sensitive data was exfiltrated and [is] ready to be published…”

LockBit has been active since late 2019 and is recognized as a significant player in the ransomware landscape, with over 1,400 attacks executed globally. The US Department of Justice considers their latest ransomware variant, LockBit 3.0, to be highly evasive. Boeing has yet to issue a comprehensive response, and the situation is ongoing.

The cybersecurity mesh market is projected to exceed USD 5 billion by 2032, according to a study by Global Market Insights Inc. This growth is attributed to the evolving IT landscape — an area characterized by interconnected on-premises systems, cloud services, mobile, and IoT devices, which makes traditional security insufficient. The industry is turning to cybersecurity mesh for adaptable security solutions.

The Small and Medium Enterprises (SMEs) sector is expected to significantly contribute to this growth due to its increasing reliance on cloud technologies, which come with new security risks. Meanwhile, the government sector continues to invest heavily in cybersecurity mesh in response to constant threats to their sensitive data. The study also suggests Europe's cybersecurity mesh market will experience major growth, driven by digital transformation and stringent data protection regulations like GDPR. Leading companies in this space include Cisco Systems Inc., BAE Systems Inc., Fortinet, Inc., and Zscaler Inc., among others.

Researcher ValdikSS recently posted a report detailing a six-month covert operation targeting the XMPP-based instant messaging service jabber[.]ru, raising concerns about lawful interception. ValdikSS discovered a man-in-the-middle (MitM) attack in which traffic was rerouted via servers hosted on Hetzner and Linode in Germany, and TLS certificates from Let's Encrypt were used to hijack encrypted STARTTLS connections. Evidence points to configurations on the hosting provider's network being responsible, which makes a server breach or spoofing attack unlikely.

The operation is believed to have run for six months, but it was confirmed active from at least July 21 to October 19. Suspicion arose on October 16, leading to an investigation beginning two days later, which seemingly prompted the attackers to cease their activities. While the identity of the perpetrators remains unclear, signs indicate a possible lawful interception case based on a German police request. However, an intrusion into Hetzner's and Linode's internal networks has not been ruled out. Users are advised to consider their communications over the last 90 days compromised, scrutinize their accounts for unauthorized activities, and update their passwords.

Interesting Read

Trend Micro runs through the scams of the week, showing just how vulnerable large brands are to phishing impersonation. From Costco to USPS, the more trusted a brand is, the more likely it becomes that scammers will abuse that trust to gain access to sensitive information.

New developments in cybersecurity can happen anywhere. A team of Australian researchers from Charles Sturt University and the University of South Australia recently unveiled an algorithm designed to protect unmanned military robots from cyberattacks. Employing deep learning neural networks, this algorithm demonstrates a jaw-dropping 99% success rate in thwarting man-in-the-middle attacks, with a false positive rate of less than 2%.

Cybersecurity Career Opportunities

For the latest openings in cybersecurity careers, check CybersecurityHQ.

Stay Safe, Stay Secure.

The CybersecurityHQ Team