Look up: The new frontier of cyberthreats is in the sky

The drones were real, and reported by citizens, law enforcement officers and members of the U.S. military. The military said it wasn’t operating the drones but that they didn’t pose a threat. Still, concerns over drones remain; so much so that the chief of the North American Aerospace Defense Command (NORAD) told lawmakers in February that the Pentagon needed more resources to deal with drones flying over U.S. military installations. “The primary threat I see for them in the way they’ve been operating is detection and perhaps surveillance of sensitive capabilities on our installations,” NORAD chief Gen. In January, the German cabinet approved a plan to shoot down drones that flew over their military installations. The extreme growth of the drone industry in the past decade also had an unfortunate side effect: even consumer models are used for military purposes now.

The Taiwan attacks demonstrate that American officials and other global watchdogs worried about unidentified drones have legitimate concerns. Attackers there used malware to spy on drone manufacturers’ corporate computers and likely exfiltrate data. Taiwan is home to some of the world’s most advanced drone makers, and drone production on the island has ramped up significantly since 2022. In August 2022, drone manufacturing in Taiwan got a jumpstart. Taiwan’s central government opened UAV AI Innovation Application R&D Center in Chiayi County and offered a NT$50 million tender for 3,000 commercial-grade drones to be used for military applications. There are now about a dozen companies in Taiwan participating in drone manufacturing, and even more when taking into account the island’s global aerospace industry. Taiwan’s allegiance to the U.S. and strong technological background make the island a prime target for adversaries interested in military espionage or supply chain attacks.

The Acronis Threat Research Unit (TRU) found evidence of multiple components of Digiwin deployed in target environments. Some of Digiwin’s components contain known vulnerabilities, and it seems very likely that exploitation or a supply chain attack originated in the ERP software. Attackers replaced Digiwin’s original Update.exe execution file with Winword.exe. Update.exe is part of Digiwin’s auto update workflow, but attackers caused it to launch Microsoft Word 2010 instead, which loaded a backdoor that could carry out malicious actions. They brought three files to the system: a legitimate copy of Microsoft Word 2010, a signed wwlib.dll file and a file with a random name and file extension. With command and control capabilities installed as part of the breach, attackers gained access to company PCs within drone manufacturers. As such, it seems likely that this strain of drone attacks is a highly sophisticated, targeted attack with careful planning and execution by the threat actors.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 05 Mar 2025 15:30:13 +0000


Cyber News related to Look up: The new frontier of cyberthreats is in the sky

Belgium Commences Mega Drug Trial After Covert Apps Cracked - A significant trial began in a Belgian court on Monday, involving over 120 individuals accused of offenses such as drug and arms trafficking, extortion, torture, and attempted murder. This trial is notable not only for its sheer scale but also ...
1 year ago Cysecurity.news
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
East Texas hospital network can't receive ambulances because of potential cybersecurity incident
1 year ago Cnn.com
How machine learning helps us hunt threats | Securelist - In this post, we will share our experience hunting for new threats by processing Kaspersky Security Network (KSN) global threat data with ML tools to identify subtle new Indicators of Compromise (IoCs). The model can process and learn from millions ...
5 months ago Securelist.com
Electronic Frontier Alliance Comes Back Strong: 2023 in Review - The Electronic Frontier Alliance is a loose network of local groups fighting for digital rights in the United States, chaired by EFF. Members' efforts have been recovering from the limitations put on local organizing caused by the pandemic. More EFA ...
1 year ago Eff.org
Partnering with Government to Strengthen Cyber Resilience in Poland - We are honored to partner with the Polish Government as part of its Polish Cybersecurity Partnership Program to help expand the country's national cybersecurity capabilities, enhance its cyber defenses, and increase public awareness of the ...
1 year ago Paloaltonetworks.com
New Relic CEO sets observability strategy for the AI age - The executive that replaced Gary Steele as CEO at Proofpoint when Steele left for Splunk has now followed Steele's path from cybersecurity to the helm of an observability company. Ashan Willy was appointed CEO at New Relic in December, a month after ...
8 months ago Techtarget.com
Understanding the New SEC Rules for Disclosing Cybersecurity Incidents - The U.S. Securities and Exchange Commission recently announced its new rules for public companies regarding cybersecurity risk management, strategy, governance, and incident exposure. "Currently, many public companies provide cybersecurity disclosure ...
1 year ago Feeds.dzone.com
Cyber Signals: How Microsoft protects AI platforms against cyberthreats - AI is at the forefront of this change, and has the potential to empower organizations to defeat cyberattacks at machine speed, address the cyber talent shortage, and drive innovation and efficiency in cybersecurity. Adversaries can use AI as part of ...
1 year ago Microsoft.com
Neurosurgeons of New Jersey Confirms Cyber Attack Resulting in Recent Data Breach - On December 4, 2023, Neurosurgical Associates of New Jersey filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering. In this notice, Neurosurgeons of New Jersey explains that an ...
1 year ago Jdsupra.com
Is Imitation A Form Of Flattery? Scarlett Johansson Doesn't Think So - It all started when Open AI's CEO Sam Altman unveiled a new ChatGPT version that included a new voice assistant seemingly inspired by the movie Her. Controversy started bubbling over how Scarlett Johansson's AI assistant character influenced ...
9 months ago Blog.avast.com
Securing the Digital Frontier - As we navigate through a world brimming with data, understanding the evolving landscape of data protection is not just a necessity but a responsibility. This intricate dance among technology, societal norms, and regulatory frameworks shapes our ...
1 year ago Feeds.dzone.com
CVE-2023-28431 - Frontier is an Ethereum compatibility layer for Substrate. Frontier's `modexp` precompile uses `num-bigint` crate under the hood. In the implementation prior to pull request 1017, the cases for modulus being even and modulus being odd are treated ...
1 year ago
Cyberattack on telecom giant Frontier claimed by RansomHub - An April cyberattack on a large telecommunications company has been claimed by a ransomware gang that is gaining steam as a cybercriminal operation. On Saturday, the RansomHub operation posted Frontier Communications to its leak site claiming to have ...
8 months ago Therecord.media Ransomhub
Survey: Election Workers Feel Unprepared for Upcoming Cyberthreats - The issues of outside interference in U.S. elections and the security of the systems behind them have been talked about and debated for at least a decade and promise to be at the forefront again as the country gears up for what promises to be a pivotal ...
1 year ago Securityboulevard.com
Year in Malware 2023: Recapping the major cybersecurity stories of the past year - Botnets kept coming back from the dead, ransomware actors found new ways to make money through data theft extortion and threat actors and malware who have been around for more than a decade find ways to stay relevant. After Microsoft blocked macros ...
1 year ago Blog.talosintelligence.com CVE-2023-44487 Lazarus Group Rhysida
OpenAI Launches Security Committee Amid Ongoing Criticism - The new committee comes in the wake of two key members of the Superalignment team - OpenAI co-founder Ilya Sutskever and AI researcher Jan Leike - leaving the company. The shutting down of the superalignment team and the departure of Sutskever and Leike ...
9 months ago Securityboulevard.com
TISAX: new Catalogue ISA v6 available - ISA 6: The latest version of the ISA catalogue, published in October 2023, with many changes and improvements to address the challenges and needs of the industry. Key changes in ISA 6: New and revised controls to strengthen protection, detection, ...
1 year ago Sorinmustaca.com
Dark Reading Debuts Fresh New Site Design - Here are some adjectives the Dark Reading team used to describe our revamped site that went live today: Elegant. The process almost always winds up injecting new life and fresh purpose into your mission, and that's what we've accomplished with Dark ...
1 year ago Darkreading.com
Appointments of New Chief Information Security Officers in the United States in January 2023 - Corporate security is undergoing a lot of changes as businesses attempt to keep up with the ever-changing threat landscape. To ensure the safety of both employees and customers, many companies are now hiring a Chief Security Officer or Chief ...
2 years ago Csoonline.com
Cybersixgill introduces new features and capabilities to strengthen threat analysis - Cybersixgill announced new features and capabilities that take security teams' threat detection and mitigation efforts to new levels, helping them identify and mitigate vulnerabilities and detect and stop threats more quickly and effectively. ...
1 year ago Helpnetsecurity.com Hunters
Cybersixgill Announces Identity Intelligence Module for Threat Analysis - PRESS RELEASE. Tel Aviv, Israel - December 6, 2023 - Cybersixgill, the global cyber threat intelligence data provider, announced today new features and capabilities that take security teams' threat detection and mitigation efforts to new levels, ...
1 year ago Darkreading.com Hunters
As Meta rolls out end-to-end encryption, police warn keeping children safe 'no longer possible' - The move will ensure that Meta's users are protected from abusive legal requests from non-democratic governments. Globally the company receives hundreds of thousands of government requests for user data annually, according to its transparency center ...
1 year ago Therecord.media
Securities and Exchange Commission Cyber Disclosure Rules: How to Prepare for December Deadlines - Starting Dec. 18, publicly traded companies will need to report material cyber threats to the SEC. Deloitte offers business leaders tips on how to prepare for these new SEC rules. The U.S. Securities and Exchange Commission’s new rules around ...
1 year ago Techrepublic.com
