CyberWatch Weekly: Top 3 Cybersecurity News from April 4th Week

Cybercriminals are finding new ways to exploit users, as Microsoft warns about AI-powered scams targeting its Quick Assist app. In South Korea, election officials successfully fended off a cyberattack just weeks ahead of the presidential election. Meanwhile, British retail giant Marks & Spencer faced service disruptions following a suspected ransomware incident. Each case highlights the growing need for vigilance, secure systems, and more informed digital habits in an increasingly interconnected world. Let’s dive into this week’s top cybersecurity stories.

Microsoft Issues Urgent Warning About AI Scams Targeting Quick Assist

Microsoft has warned users about growing AI-driven scams exploiting its Quick Assist app, which allows remote access. While Quick Assist itself is secure, cybercriminals are using it to gain unauthorized access to devices by posing as legitimate tech support. Once they establish trust through social engineering, attackers can steal sensitive information. The rise of generative AI has made these scams increasingly sophisticated, with hackers creating realistic scenarios to trick victims. The FBI has also issued warnings about unsolicited tech support calls being linked to scams. Microsoft assured users that it will never initiate unsolicited contact regarding tech support and advised against using remote access tools from untrusted sources. Users should reach out to support through established channels and verify the legitimacy of contacts.

Experts stress the importance of robust security practices, such as multi-factor authentication, to prevent falling victim to these evolving scams. 

Source: Ghacks

Hackers Target Korea’s Election Commission in Failed Breach Attempt

A cyberattack targeting South Korea’s National Election Commission (NEC) was detected and thwarted on Tuesday afternoon. The breach attempt, which lasted approximately three hours, involved repeated efforts to access the election statistics system, potentially aiming to overload the server and disrupt services. Thanks to the NEC’s swift response, the attack was identified in real time through integrated monitoring and cybersecurity systems. The commission blocked the malicious IP addresses, preventing any damage. With South Korea’s 21st presidential election just 40 days away, the NEC emphasized its commitment to safeguarding the election system. It has since strengthened its monitoring efforts to ensure continued security.

To prevent similar attacks, experts recommend implementing more robust server load-balancing mechanisms, enhancing real-time monitoring systems, and conducting regular cybersecurity drills to improve overall security. Additionally, promoting collaboration with cybersecurity firms and government agencies can help strengthen defenses against future cyber threats.

Source: Korea JoongAng Daily

British Retail Giant Marks & Spencer Targeted in Cyber Incident

British retailer giant Marks & Spencer (M&S) is working to restore operations following a cybersecurity incident that disrupted certain store services over the Easter holiday. While the company’s online services remained functional, in-store operations, including click-and-collect and gift card payments, faced significant delays, frustrating customers. M&S acknowledged the breach in a London Stock Exchange filing, stating that temporary changes were made to safeguard customers and the business. The company confirmed it has engaged cybersecurity experts and notified the relevant authorities. While details about the nature of the incident remain scarce, reports suggest that ransomware may be involved, given the widespread disruption, including issues with contactless payments. M&S reassured customers that normal service is resuming but advised those with click-and-collect orders to wait for email notifications before visiting stores.

 To mitigate the impact of similar incidents in the future, organizations can enhance their cybersecurity by implementing regular system updates, using strong encryption methods, and employing multi-factor authentication. Ongoing staff training and threat intelligence sharing are also key to preventing and responding to cyberattacks effectively.

Source: SecurityWeek

Conclusion

As cybercriminals continue to refine their tactics, from AI-driven scams to targeted attacks on critical systems, both individuals and organizations must stay vigilant. The evolving nature of these threats underscores the importance of proactive security measures, timely response, and heightened awareness. Whether it’s safeguarding personal data or protecting national infrastructure, the fight against cybercrime is constant. Stay informed, stay secure, and always prioritize trusted sources for online interactions.

Stay vigilant and informed, tune in next week for more updates in InfosecTrain’s CyberWatch Weekly!