TheCyber.Report - Daily Cybersecurity News & Analysis

• BlackHat 2023 Highlights
• Cybersecurity Industry Is Healthy: Thoughts on BlackHat 2023

BLUE TEAM

• Ukrainian cyberspace intelligence helps thwart Russian war efforts
• 

  Sysdig Threat Research Team – SCARLETEEL more sophisticated than your average Cryptojacking threat actor – Analysis and IOCs
• 

  Patch urgency rises – Proof of Concept code for Fortinet's FortiNAC published – Fortinet patches out "keyUpload.jsp"
• 

  New OT PCAP Analysis Tool from SynSaber
• 

  Inside look – Walmart's Cybersecurity Operations – Bentonville, AR
• 

  BianLian Decrypted! Avast releases malware analysis and decryption tool
• DHS and CISA team up to build AI-powered cybersecurity sandbox

CYBER LAW

• Accountability for DeFi Ponzi and pyramid scheme that "raised" approximately $340 million from victim-investors?
• Cyber attacks “uninsurable”? – Major insurance chief says they are trending that way
• Swatting spree ends in arrests!
• T-Mobile scammer gets decade in slammer
• Not updating AV can cost you your freedom - in Albania
• Breaking the cycle of addiction… to ransomware payments
• EU court rejects WhatsApp’s arguments, €225 million fine stands.

PHISHING

• ChatGPT Makes It Easier to Boost Phishing Scams

RED TEAM

• 

  ESET researchers tease apart MQsTTang – new backdoor used by Mustang Panda – uses MQTT protocol
• 

  ESET – BlackLotus UEFI bootkit: First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11
• 

  Old things become new again – Pass the Ticket and Silver Ticket work on Azure AD Kerberos
• 

  InfoSec community interest in FlipperZero weaponized by malicious actors
• Red-Team Tool: Invoke-DNSteal – A simple & customizable DNS data exfiltrator
• Tool Update: Faraday tracks and reports information gathered by Red- and Blue-Team tools
• TOOL: LSASS-Shtinkering – Abuse the Windows Error Reporting service to dump LSASS

EMERGING CAPABILITIES

• Google Adds Quantum-Resistant Encryption, ups TLS Security in Chrome 116
• NIST plots biggest ever reform of Cybersecurity Framework – CSF 2.0 up for public review
• Paper outlining the new method of encryption
• Japanese researchers identify method for making encryption more secure and less computationally expensive
• Zero Trust, Defense-in-Depth, Cyber Security Mesh Architecture – Can they work together?
• Cloudflare, Fortinet, & Juniper execs headline ‘23 Zero-Trust predictions
• Era of digital trust over? Constant vigilance necessary in age of insider threats

BREACHES

• Multiple California Cities Victims of Ransomware
• Ernst & Young (EY): 30,000+ BofA customers were exposed
• Kaspersky: Almost Half of Industrial Sector Computers Affected By Malware!!!
• Despite leak of internal data, Atlassian maintains that their internal systems were not breached – third-party app Envoy identified as source of data
• 

  Valentine's Day Gift – Bumbling threat actor pwns self – uploads screenshot for world to see
• SEC Filling from New T-Mobile Breach
• New year, same story – T-Mobile breached again

BUSINESS NEWS

• 20 Hottest New Cybersecurity Tools At Black Hat 2023
• 10 Cybersecurity Startups To Watch From Black Hat 2023
• News Corp. Breach Exposes Employee Personally Identifiable Information (PII) from '20 to '22 – Fail to disclose to impacted parties until '23
• Samsung introduces "Message Guard" – protecting users against zero-click image-based attacks
• 

  Per VC firms – these are the hottest Cybersecurity startups for 2023
• Viral TikTok "Challenge" leads Hyundai and Kia to release urgent software fix for USB vulnerability – Thousands of cars cannot be patched
• SC Magazine year in review – Cyberattacks raged… but security teams made progress

THREAT INTEL

• Dell Credentials Bug Opens VMware Environments to Takeover
• Foreign Embassies in Belarus Victims of Years-Long Cyber Espionage
• 

  Mitiga Security Advisory – Research into cloud exfiltration reveals insufficient forensic visibility in GCP storage
• 

  Jamf Threat Labs – "Evasive cryptojacking malware targeting macOS found lurking in pirated applications"
• Original Fortinet FortiNAC research – Horizon3.ai
• North Korean Attacker Research, Attribution, and IOC's – from CISA
• North Korean cyber operations target healthcare industry