Week in Review: LastPass Breach Disaster, Online Tracking via UID Smuggling, Ransomware in 2023

Review of cybersecurity week

Here’s a look at some of the most interesting news, articles, interviews and videos from the past week:

LastPass says attackers got user info and Password Vault data
The information couldn’t have come at the worst possible time, because companies are ceasing their activities and employees and users are immersed in last-minute preparations for the end-of-year celebrations.

New Microsoft Exchange exploit chain lets ransomware attackers in (CVE-2022-41080)
Ransomware attackers are using a new exploit chain that includes one of the ProxyNotShell vulnerabilities (CVE-2022-41082) to execute code remotely on Microsoft Exchange servers.

Make sure your business is ready for the holiday hacking season
We are coming to that time of year when employees are excited about the holidays and taking time out to be with their loved ones. But while the employees prepare to rest and relax, the pirates prepare for their busy season.

5 cybersecurity trends that are accelerating in 2023
Netwrix has released the top cybersecurity trends that will affect organizations of all sizes in 2023.

What happens once the scammers receive funds from their victims?
In this Help Net Security video, Ronnie Tokazowski, Senior Threat Advisor at Cofense, provides insight into the world’s most lucrative cybercrime: Business Email Compromise (BEC).

APIs put your business at risk
The recent push to focus on API security comes at a critical time when more and more enterprises are relying on enterprise mobility, which means a growing reliance on mobile app connectivity.

UID Smuggling: A New Technique to Track Users Online
Advertisers and web trackers have been able to aggregate user information across all the websites they visit for decades, primarily by placing third-party cookies in users’ browsers.

Ransomware predictions for 2023
In this Help Net Security video, Dave Trader, Field CISO at Presidio, talks about the evolution of ransomware attacks and outlines what we can expect in 2023.

Amplified Security Trends to Watch in 2023
In 2023 and beyond, businesses can expect to continue to face many of the same threats they face today, but with one key difference: expecting criminals to take advantage of advances in technology to optimize the effectiveness of their attacks.

85% of attacks now use encrypted channels
Malware continues to pose the greatest threat to individuals and businesses across nine key industries, with manufacturing, education and healthcare being the most commonly targeted, according to Zscaler.

The Benefit of Adopting a Hacker Mindset to Develop Security Strategies
As Vice President of Research at Pentera, Alex Spivakovsky leads a team of former feather testers, red teams, and incident response experts whose job it is to circumvent existing security controls.

Open source vulnerabilities add to security debt
The number of open source vulnerabilities Mend identified and added to its vulnerability database in the first nine months of 2022 was 33% higher than in the first nine months of 2021, reflecting both growth in the number of released open source packages and vulnerability acceleration.

Contradictory risk in the age of ransomware
Éireann Leverett, technology and risk entrepreneur, gets the public to think about ransomware risk from many angles, and that includes the perspective of threat actors. This video was recorded at IRISSCON 2022, an annual conference organized by IRISSCERT.

CISO roles continue to expand beyond technical expertise
Marlin Hawk tracked and analyzed the profiles of 470 CISOs year over year to understand the changing dynamics of this critical leadership position.

Connected homes are growing, so is attack volume
78% of Americans report dangerous online behaviors that put them at risk from cyber threats, like reusing or sharing passwords, skipping software updates and more – a 14% increase from a year ago only two years, according to Comcast.

Businesses overwhelmed by available technology solutions
According to GlobalDots, 92% of executives reported difficulty acquiring new technology solutions, highlighting the complexities that go into the decision-making process.

Leave a Reply