TheCyber.Report - Daily Cybersecurity News & Analysis

• Kaspersky: Almost Half of Industrial Sector Computers Affected By Malware!!!

BLUE TEAM

• 

  Sysdig Threat Research Team – SCARLETEEL more sophisticated than your average Cryptojacking threat actor – Analysis and IOCs
• 

  Patch urgency rises – Proof of Concept code for Fortinet's FortiNAC published – Fortinet patches out "keyUpload.jsp"
• 

  New OT PCAP Analysis Tool from SynSaber
• 

  Inside look – Walmart's Cybersecurity Operations – Bentonville, AR
• 

  BianLian Decrypted! Avast releases malware analysis and decryption tool
• DHS and CISA team up to build AI-powered cybersecurity sandbox
• 

  Beta Tool Alert – @Cyb3rOps’ new “yaraQA” rule analyzer 0.1

CYBER LAW

• Accountability for DeFi Ponzi and pyramid scheme that "raised" approximately $340 million from victim-investors?
• Cyber attacks “uninsurable”? – Major insurance chief says they are trending that way
• Swatting spree ends in arrests!
• T-Mobile scammer gets decade in slammer
• Not updating AV can cost you your freedom - in Albania
• Breaking the cycle of addiction… to ransomware payments
• EU court rejects WhatsApp’s arguments, €225 million fine stands.

PHISHING

• ChatGPT Makes It Easier to Boost Phishing Scams

RED TEAM

• 

  ESET researchers tease apart MQsTTang – new backdoor used by Mustang Panda – uses MQTT protocol
• 

  ESET – BlackLotus UEFI bootkit: First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11
• 

  Old things become new again – Pass the Ticket and Silver Ticket work on Azure AD Kerberos
• 

  InfoSec community interest in FlipperZero weaponized by malicious actors
• Red-Team Tool: Invoke-DNSteal – A simple & customizable DNS data exfiltrator
• Tool Update: Faraday tracks and reports information gathered by Red- and Blue-Team tools
• TOOL: LSASS-Shtinkering – Abuse the Windows Error Reporting service to dump LSASS

EMERGING CAPABILITIES

• NIST plots biggest ever reform of Cybersecurity Framework – CSF 2.0 up for public review
• Paper outlining the new method of encryption
• Japanese researchers identify method for making encryption more secure and less computationally expensive
• Zero Trust, Defense-in-Depth, Cyber Security Mesh Architecture – Can they work together?
• Cloudflare, Fortinet, & Juniper execs headline ‘23 Zero-Trust predictions
• Era of digital trust over? Constant vigilance necessary in age of insider threats
• National Security Agency Year in review – a historic year

BREACHES

• Despite leak of internal data, Atlassian maintains that their internal systems were not breached – third-party app Envoy identified as source of data
• 

  Valentine's Day Gift – Bumbling threat actor pwns self – uploads screenshot for world to see
• SEC Filling from New T-Mobile Breach
• New year, same story – T-Mobile breached again
• 

  Shockingly, California's digital license plates were a bad idea – hacked already
• New Year, same problems – Canadian Copper Mining Corp mill shut down after ransomware attack
• “PYtorched” – Machine learning toolkit pwned from Xmas to New Years

BUSINESS NEWS

• News Corp. Breach Exposes Employee Personally Identifiable Information (PII) from '20 to '22 – Fail to disclose to impacted parties until '23
• Samsung introduces "Message Guard" – protecting users against zero-click image-based attacks
• 

  Per VC firms – these are the hottest Cybersecurity startups for 2023
• Viral TikTok "Challenge" leads Hyundai and Kia to release urgent software fix for USB vulnerability – Thousands of cars cannot be patched
• SC Magazine year in review – Cyberattacks raged… but security teams made progress
• It may look like phishing, but it (probably) isn’t – Equifax settlement offers are real – for now
• $34 million of investment drives VMRay into new markets

THREAT INTEL

• 

  Mitiga Security Advisory – Research into cloud exfiltration reveals insufficient forensic visibility in GCP storage
• 

  Jamf Threat Labs – "Evasive cryptojacking malware targeting macOS found lurking in pirated applications"
• Original Fortinet FortiNAC research – Horizon3.ai
• North Korean Attacker Research, Attribution, and IOC's – from CISA
• North Korean cyber operations target healthcare industry
• NewsPenguin – Blackberry research and IoCs
• 

  New APT "NewsPenguin" – Targeting Pakistani Military Industrial Complex – Sophisticated Malware attempts to elude analysis