CyberWire Daily: Kimsuky Quishing, Advantech Vulnerability, AI Scams, and Spycraft
N2K Networks · January 13, 2026 · 26 min · 473 views
Emerging Cyber Threats
- 🚨 The FBI is warning about Kimsuky's quishing attacks, which use malicious QR codes in emails to bypass security and steal credentials, targeting governments and academic institutions.
- ⚠️ Singapore has issued a warning for a critical SQL injection vulnerability in Advantech IoT management platforms, allowing remote code execution.
- 🎯 Russian state-sponsored group APT28 (Fancy Bear) is actively harvesting credentials from organizations involved in energy research, defense, and government communications.
AI and Social Engineering Scams
- 🤖 Researchers have identified a large-scale fraud operation, OPCO Pro, using AI-generated personas and fake online communities to trap mobile users in social engineering scams.
- 📱 The scam involves fake investment promises, leading victims to download fraudulent apps that steal identity documents and selfies for financial theft and account takeovers.
- 🚫 Malaysia and Indonesia have suspended access to X (formerly Twitter) due to concerns over the platform's use in creating non-consensual sexual imagery and deepfakes.
Cybersecurity Incidents and Personnel Changes
- 💥 The BreachForums hacking forum experienced another data breach, leaking a database of over 324,000 user accounts and an administrative PGP key.
- 🇺🇸 The NSA has appointed Tim Kosiba as its new Deputy Director, bringing extensive experience from senior roles within the intelligence community.
Business and Innovation in Cybersecurity
- 💰 The cybersecurity sector saw significant funding rounds, including Vega's $120 million Series B, DS Shield's $54 million, and ACT Security's $40 million Series A.
- 🚀 Multiple acquisitions of Managed Security Service Providers (MSSPs) indicate ongoing market consolidation within the cybersecurity industry.
Personal Hacking and IoT Security
- 🛴 A commuter reverse-engineered his scooter's system after the manufacturer went bankrupt, discovering a shared default Bluetooth authentication key that allowed anyone nearby to unlock any scooter of that brand, highlighting IoT security risks.
What's Discussed
Quishing, Kimsuky, SQL Injection, Advantech IoT, APT28, Fancy Bear, Credential Harvesting, AI-generated personas, Social Engineering, OPCO Pro, X (Twitter), Deepfakes, Breach Forums, Data Breach, NSA, Tim Kosiba, Cybersecurity Funding, IoT Security, Reverse Engineering