
Cyber Outlook Rundown 1/10/23

Cybersecurity News


A Cybersecurity briefing on noteworthy Cyber Attacks, Vulnerabilities, and InfoSec news.

 

Noteworthy Cyber Attacks Reported

  1. Kansas-based Captify Health is notifying approximately 244,300 patients that their payment card and other personal information may have been compromised in a data security incident that started as far back as 2019 involving its colonoscopy prep kit online retail business. According to the breach report, the incident wasn't discovered until 10/13/22 and consumers weren't notified until 12/16/22. This is another example of a major data breach that spanned several years without being discovered or reported. It's scary to think that consumers' sensitive personal data may have been compromised for years or months without any notice at all. Incident discovery and reporting have to be improved, and we will continue to see a trend of regulators enforcing stricter requirements and penalties around this. https://www.bankinfosecurity.com/colonoscopy-prep-retail-website-breach-festered-for-years-a-20892

  2. The Housing Authority of the City of Los Angeles (HACLA) has fallen victim to a ransomware attack by LockBit, a well-known ransomware group. This is the second major attack against an LA agency, following a similar incident at the Los Angeles Unified School District in September last year. The group claimed responsibility for the attack, says it has taken more than 15TB of the agency's files, and has given a ransom deadline of January 12 without disclosing the amount. https://www.malwarebytes.com/blog/news/2023/01/la-housing-authority-is-latest-lockbit-ransomware-victim

Noteworthy Vulnerabilities / Threats Discovered

  1. The South African threat actors known as "Automated Libra" have been improving their techniques to exploit cloud platform resources for cryptocurrency mining by using a new Captcha-solving system and a more aggressive use of CPU resources for mining, which is known as freejacking. They have also used the technique of "Play and Run", which is the process of using free cloud resources to perform crypto-mining operations. According to the experts, this tactic can have serious downstream consequences if it starts to target paid enterprises that rely on cloud infrastructure for operations, data storage, and more. https://www.infosecurity-magazine.com/news/purpleurchin-bypasses-captchas

  2. The ChatGPT AI chatbot has created plenty of excitement in the short time it has been available and now it seems it has been enlisted by some in attempts to help generate malicious code. Analysis of chatter on dark web forums shows that efforts are already under way to use OpenAI's chatbot to help script malware. Artificial Intelligence will continue to be a hot topic of conversation in the Cybersecurity community. It will help improve security tools including Penetration Testing and Security Monitoring. But for all the potential good it offers, there will be negative impacts, such as faster development of malware, that we will need to keep an eye on. https://www.zdnet.com/article/people-are-already-trying-to-get-chatgpt-to-write-malware

  3. A Russian hacking team known as Cold River targeted three nuclear research laboratories in the United States this past summer, according to internet records reviewed by Reuters and five cyber security experts. https://www.reuters.com/world/europe/russian-hackers-targeted-us-nuclear-scientists-2023-01-06/

Noteworthy InfoSec News

  1. Hack The Box Raises $55 Million From One of the Mega-Funds in the World. It's great to see money being invested in Cybersecurity training/educational platforms that continue to improve and grow the information security community! As a member and supporter of the service, I am excited to see the continued improvements and growth of the platform! If you are interested in increasing your security knowledge, whether you are a penetration tester or not, I would highly recommend using this service. And for all the certification holders out there, you can earn CPEs. https://therecursive.com/hack-the-box-raises-55-million-by-one-of-the-mega-funds-in-the-world/

  2. ISACA discusses some of the biggest breaches of 2022 that were caused by sophisticated cyber attacks carried out by unexpected third parties and the lessons learned. The causes of these breaches varied, from human error to sophisticated hacking techniques, but all of them resulted in significant data loss and financial consequences for the companies involved. https://www.isaca.org/resources/news-and-trends/isaca-now-blog/2022/top-cyberattacks-of-2022-lessons-learned

  3. In 2023, hiring and retaining skilled cyber talent will continue to be a major challenge for the public sector, as the cybersecurity skills gap is not closing anytime soon. Research shows that 80% of organizations have suffered a data breach due to a lack of cybersecurity talent or awareness, with the public sector particularly at risk with over 700,000 unfilled cybersecurity positions. Organizations will turn to technology to help address staffing shortages, including data sharing, automation and digital technologies such as chatbots, machine learning and natural language processing to free up staff for other tasks. https://www.scmagazine.com/feature/careers/2023-workforce-predictions-lack-of-talent-will-haunt-firms-as-leadership-comes-under-scrutiny

  4. Triple Data Encryption Algorithm is used widely across many industries and in many popular network protocols to encrypt data at rest and data in motion. NIST deprecated the algorithm in 2018, however, and Triple DES use will be disallowed after 2023. https://www.techtarget.com/searchsecurity/tip/Expert-advice-Encryption-101-Triple-DES-explained


Check our Twitter and Discord Server for more information:

https://twitter.com/CyberOutlook

https://discord.com/invite/ZRMUz3Q9Uy


If you missed the last rundown, check it out here:

https://www.cyberoutlook.org/post/cyber-outlook-rundown-1-5-23

 

Additional resources:

  1. HackTheBox Cybersecurity Training Platform https://www.hackthebox.com/

  2. Learn more about OpenAI's ChatGPT https://openai.com/blog/chatgpt/

  3. Cyware - provides threat intelligence, security orchestration and other cybersecurity resources https://cyware.com/
