10 Significant Cybersecurity News of September 2024

• Russian Military Cyber Attacks on Critical Infrastructure:

The Russian GRU Unit 29155 launched attacks on critical infrastructure in the U.S. and worldwide, particularly targeting healthcare, energy, and transportation sectors using WhisperGate malware. These operations emphasized Russia’s ongoing offensive in cyberspace.

• Iranian Threat Actors Exploiting VPN and Security Gateways:

Iranian-based cyber groups focused on exploiting vulnerabilities in widely used networking devices, such as Citrix Netscaler, F5 BIG-IP, and Palo Alto Networks systems. These actors carried out credential harvesting and persistent backdoor attacks, posing significant threats to global organizations by compromising network defenses.

• Chinese Cyber Espionage Targeting Supply Chains:

Chinese actors have intensified their espionage operations, particularly focusing on supply chains and critical industries like telecommunications. These operations are part of long-term intelligence-gathering efforts to steal intellectual property from global defense and technology companies.

• North Korean Lazarus Group and Cryptocurrency Theft:

The infamous North Korean Lazarus Group targeted several cryptocurrency exchanges, stealing millions of…