Cybersecurity Digest #66: 02/01/2023 – 23/01/2023

Cybersecurity news

Cybersecurity Blog Posts

  • Riley Ryan, Senior Director of IT Security at Shure, offered his own security forecasts for 2023. The tactics of attackers will evolve, defense strategies will evolve with them, and organizations will strive for comprehensive security. In the new year, the author expects more attacks on software supply chains, the development of umbrella services, and the simplification of feedback and reporting.
  • Diana-Lynn Contesti (CISSP-ISSAP, ISSMP, CSSLP, SSCP) also described what the new year will bring to the information security community. In her opinion, a shortage of information security personnel is expected, along with an increase in the number of attacks and a surge in deepfake phishing and cleaner programs. New data privacy rules and laws will be adopted around the world to protect consumer information.
  • Help Net Security has published an article by Jackson Shaw, CSO at Clear Skye, on 4 identity security trends for 2023. The topics covered include the growing use of cloud technologies and identity-based attacks, the consolidation of identity management solution providers, and others.
  • Zeljka Zorz, Editor-in-Chief at Help Net Security, wrote about identifying security flaws with modern fuzzing. The article describes how researchers found two recently patched vulnerabilities in MatrixSSL and wolfSSL, open source TLS/SSL cryptographic libraries for embedded environments.

Research and analytics

  • The report "Web hackers versus the Auto Industry" found wide-ranging security failings in systems relied on by 16 separate car makers and powering millions of vehicles. The faults include vulnerable single sign-on systems and web application flaws that allowed the researchers to control remote vehicle locking and unlocking, start and stop engines, and locate vehicles using GPS.
  • Conflict and geo-economic tensions have triggered a series of deeply interconnected global threats, according to the latest Global Risks Report 2023, produced in partnership with Marsh McLennan and Zurich Insurance Group. Cyberattacks against essential technology-enabled resources and services, including agriculture and water, financial institutions, public security, transportation, energy, domestic, space-based, and undersea communication infrastructure, are projected to increase along with an increase in cybercrime.
  • Veracode revealed data that could save organizations time and money by helping developers minimize the introduction and accumulation of security flaws in their software. Its State of Software Security (SoSS) report found that flaws build up over time: 32% of applications are found to have flaws at the first scan, and by the time they have been in production for five years, 70% contain at least one security flaw.
  • CISA has published its year-in-review report for fiscal year 2022. The report primarily deals with the agency’s work on national cybersecurity defense and agency task unification efforts.
  • Threat intelligence company KELA has published its yearly report on cybercrime for the past year. Some of the company's main findings are below. According to the report, there were almost 2,800 victims of ransomware and extortion attacks, victims were listed on 60 different leak sites, and 52% of these platforms emerged in 2022.
  • K7 Security Labs researchers have discovered a campaign by an unknown actor, presumably based in China, who uses Windows Problem Reporting (WerFault.exe) to launch remote administration tools. The attackers abuse WerFault.exe to load malware into the memory of a compromised system using DLL side-loading.
  • Fortinet has published a report on new families of ransomware programs discovered over the past few weeks. This latest edition of the Ransomware Roundup covers Monti, BlackHunt, and Putin ransomware.
  • ThreatFabric researchers have recorded a spike in detections of the Android Trojan SpyNote (SpyMax) in the last quarter of 2022. This family is a unique spyware designed to secretly monitor user actions on an Android device. SpyNote can monitor, manage and modify the resources and functions of the device, and it also has remote access capabilities.
  • According to the results of the Adastra survey, 77% of IT decision makers in the United States and Canada believe that their companies may face a data leak over the next three years. Since returning to the office creates additional data security problems, analysts gave 10 tips for minimizing risks.

Major Cyber Incidents