TheCyber.Report - Daily Cybersecurity News & Analysis

Archive Red Team

• 

  ESET researchers tease apart MQsTTang – new backdoor used by Mustang Panda – uses MQTT protocol
• 

  ESET – BlackLotus UEFI bootkit: First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11
• 

  Old things become new again – Pass the Ticket and Silver Ticket work on Azure AD Kerberos
• 

  InfoSec community interest in FlipperZero weaponized by malicious actors
• Red-Team Tool: Invoke-DNSteal – A simple & customizable DNS data exfiltrator
• Tool Update: Faraday tracks and reports information gathered by Red- and Blue-Team tools
• TOOL: LSASS-Shtinkering – Abuse the Windows Error Reporting service to dump LSASS
• 

  ChatGPT makes a valiant effort of weaponizing a buffer overflow - but is your job really in jeopardy?

Archive Emerging Capabilities

• Google Adds Quantum-Resistant Encryption, ups TLS Security in Chrome 116
• NIST plots biggest ever reform of Cybersecurity Framework – CSF 2.0 up for public review
• Paper outlining the new method of encryption
• Japanese researchers identify method for making encryption more secure and less computationally expensive
• Zero Trust, Defense-in-Depth, Cyber Security Mesh Architecture – Can they work together?
• Cloudflare, Fortinet, & Juniper execs headline ‘23 Zero-Trust predictions
• Era of digital trust over? Constant vigilance necessary in age of insider threats
• National Security Agency Year in review – a historic year
• OPINION: Are 100% security guarantees possible?
• Different Perspective - Zero Trust shouldn’t be the new normal
• COVID-bit infecting air-gapped networks now?
• Battle of the encryption and privacy heavyweights - Protonmail v. Tutanota
• Predicting cybersecurity innovation by analyzing global patents - hospitality and travel industries next?

Archive Breaches

• Multiple California Cities Victims of Ransomware
• Ernst & Young (EY): 30,000+ BofA customers were exposed
• Kaspersky: Almost Half of Industrial Sector Computers Affected By Malware!!!
• Despite leak of internal data, Atlassian maintains that their internal systems were not breached – third-party app Envoy identified as source of data
• 

  Valentine's Day Gift – Bumbling threat actor pwns self – uploads screenshot for world to see
• SEC Filling from New T-Mobile Breach
• New year, same story – T-Mobile breached again
• 

  Shockingly, California's digital license plates were a bad idea – hacked already
• New Year, same problems – Canadian Copper Mining Corp mill shut down after ransomware attack
• “PYtorched” – Machine learning toolkit pwned from Xmas to New Years
• Well this is awkward – leading IAM vendor Okta has source code stolen
• BREACHED - Infraguard, the FBI’s confidential information sharing solution
• Black Friday breach sees international sports retailer’s data posted on ransomware gang’s blog
• Uber Holiday Surprise - breached again