Cyber Insights • March 2024

Dreamlab Technologies presents to you our brand new ‘Cyber Insights’ newsletter – an expert analysis of the latest developments in the cyber domain across the globe. The cyber world is a world full of opportunities, but unfortunately faces new and emerging threats every day. This newsletter contains insights and trends in cybersecurity and emerging technologies that will help you stay informed regarding the threats and challenges in today's rapidly evolving digital world. It also comes with a brief analysis of the cybersecurity events from a geo-political perspective. In the evolving geo-political dynamics today, cyber-security is increasingly being prioritised by countries worldwide. Stronger cyber defence capabilities, higher investments in cybersecurity budgets and facilitating cyber policy dialogues are some of the new trends observed in the global geo-politics. The concise content in this paper provides a glimpse into this global scenario concerning the cyberspace. It is easy to read and can help promote awareness regarding best cybersecurity practices and safeguard our digital lives.

Inside this issue:

  • Major tech companies to combat AI-generated election misinformation
  • UK, US and EU disrupt the world’s most harmful ransomware network
  • NIST releases version 2.0 of its leading Cybersecurity Framework
  • North Korean hacker group exploits Windows zero-day vulnerability
  • AFRIPOL signs MoU with Group-IB to strengthen cybersecurity across Africa

In this edition, we delve into the new accord signed by the major tech companies of the world to combat ‘AI-generated election misinformation’ in the 2024 elections worldwide. According to the Global Risks report 2024, ‘AI-generated misinformation and disinformation’ has been stated as one of the top five risks most likely to present a material crisis on a global scale. Misinformation can have severe impacts from undermining trust in the electoral process and democracy, to deepening of societal divisions, leading to social unrest and causing geopolitical instability across the world. Hence, a pledge to work together to combat this menace could help preserve the sanctity of elections and maintain public trust in the process.

Next, we dive into the successful joint operation by law agencies across 10 countries, led by UK's National Crime Agency (NCA), codenamed ‘Operation Cronos’ that led to the disruption of the world’s most deployed ransomware network LockBit and arrests of several gang members. Notorious Lockbit was in operation in the last 4 years, launching ransomware attacks and demanding ransoms from people all over the world which led to huge economic losses. The success of the operation would further set a deterrent for other cybercriminals from engaging in illegal activities.

In the US, the National Institute of Standards and Technology (NIST) released the updated version of its landmark Cybersecurity Framework (CSF 2.0) after multiyear discussions and public comments on the draft version. We view some of its provisions and how the framework would serve as a major source of voluntary cybersecurity guidance for a wider audience, specifically those seeking to secure their supply chains.

Spanning Asia, we examine how the North Korean hacker group Lazarus exploited a Windows zero-day vulnerability in the AppLocker driver, that allowed them to gain kernel-level access, the highest level of access to targeted systems. In a report published by the cybersecurity firm Avast, it has mentioned how an updated version of Lazarus’ FudModule rootkit, a malware was used to launch the attacks. The vulnerability was later addressed and patched by Microsoft.

And across Africa, we take a look at the Memorandum of Understanding (MoU) that was signed between AFRIPOL and Group-IB, a global cybersecurity company headquartered in Singapore to enhance cybersecurity and combat cybercrime. The MoU is aimed at fostering collaboration between the two sides, Group-IB and AFRIPOL to jointly combat cybercrime across Africa which is a huge step in the direction of cybersecurity.

Discover more and explore the captivating stories, by downloading a copy of ‘Cyber Insights’ below.




Cyber Insights • March 2024

All blog posts