Russian Hacking Group Claims Responsibility for Cyberattack on Indiana Wastewater Plant  

A Russian hacking group, called the "People's Cyber Army of Russia," has claimed responsibility for a cyberattack on the Tipton West Wastewater Treatment Plant in Indiana. The group released a video on social media, showcasing the attack, which caused some minor disruptions to the plant's operations. The plant's general manager, Jim Ankrum, confirmed the attack, stating that the plant's operations were maintained throughout the incident and drinking water was never compromised. The attack is the latest in a series of cyberattacks on water facilities in small towns across the US.  Highlighting the vulnerability of critical infrastructure to nation-state cybercriminals. The Biden Administration has issued a warning to state governments and industry leaders, urging them to take action to protect against these threats. The incident is under investigation by the Cybersecurity and Infrastructure Security Agency.

Africa Targeted as a 'Testing Ground' for Nation-State Cyber Warfare

A new report by Performanta, a multinational cybersecurity firm, reveals that Africa is being used as a "testing ground" for nation-state cyber warfare, with developing countries being targeted first before attacks are launched on developed nations. The firm's analysis of the Medusa ransomware-as-a-service found that finance, manufacturing, and energy industries are the most likely targets for state-sponsored cyber warriors. The report notes a significant increase in financial/banking trojans in countries like Kenya and Nigeria, and highlights the need for increased awareness and collaboration between nations to build a strong defense against nation-state cyber threats.

Brokewell Android Trojan: A Powerful Threat to User Data and Device Security

A newly discovered Android trojan, dubbed Brokewell, poses a significant threat to user data and device security. This powerful malware can steal sensitive information, and even allow them to take control of infected devices. Brokewell is distributed through fake app updates and can overlay fake windows to harvest credentials and capture device events. It also packs spyware capabilities, collecting device information, call history, and geolocation. With its ability to bypass Android 13 restrictions, Brokewell is a significant concern for Android users. Google Play Protect offers protection against known versions of this malware, but users must remain vigilant and cautious when downloading apps.

CrushFTP Servers Vulnerable to Actively Exploited Zero-Day

Over 1,400 CrushFTP servers remain vulnerable to a critical zero-day vulnerability (CVE-2024-4040) with a CVSS score of 9.8, according to the Shadowserver Foundation. The server-side template injection flaw allows remote attackers to gain administrative privileges and execute arbitrary code, This vulnerability has been actively exploited in targeted attacks, against US entities. CrushFTP versions 9, 10, and 11 are affected, and users are urged to upgrade to version 10.71 or 11.1.0 to address the issue. The US cybersecurity agency CISA has added the vulnerability to its Known Exploited Vulnerabilities catalog, setting deadlines for federal agencies to patch vulnerable hosts by May 1.