CERT-EU – Cyber Security Brief 23-07 – June 2023

Executive summary

We analysed 312 open source reports for this Cyber Security Brief.
Relating to cyber policy and law enforcement, in the EU, large online platforms risk fines for not marking deepfakes, the EU’s Artificial Intelligence Act bans high-risk AI practices and there were fines for breaching user data access rights. In the rest of the world, the US offered a bounty for information on the Clop ransomware.
On the cyberespionage front, a German political party was attacked, the cybercrime group Asylum Ambuscade engaged in cyberespionage, while France and the UK warned about hackers-for-hire targeting law firms. In the rest of the world, Russia alleged there is a US surveillance campaign involving zero-click iPhone exploits and there were concerns over Chinese-origin chips.
Relating to cybercrime, Siemens Energy had a breach and subsequent data exfiltration. In Europe, for June, the top 5 most active ransomware operations have been Play, Lockbit, Darkrace, BlackBasta, and Snatch; the most targeted sectors have been construction & engineering, manufacturing, technology, and transportation. In the rest of the world, US agencies issued an advisory on the Clop ransomware, a 2023 Nokia report pointed at the threat of IoT botnet DDoS and there was new Android malware.
Regarding data exposure and leaks, in Europe the UK communications regulator was affected.
On the hacktivism front, pro-Russia hacktivist groups targeted European ports and European banking institutions, including the European Investment Bank, with DDoS attacks. In the rest of the world, Microsoft’s Azure was affected by DDoS, there were indications that Anonymous Sudan may have links with the Russian state, and Türk Hack Team stated they would be cooperating with Anonymous Sudan.
In this Cyber Brief we have included several significant vulnerabilities and associated advisories reported in June 2023.