CyberSecurity News
January 3rd 2022
Welcoming in the New Year -
CyberSecurity in 2021, A year in review:
A cybersecurity year in review | Security Magazine
This year’s cybersecurity challenges are reflected in the SolarWinds & Colonial Pipeline compromises.
Lastpass was targeted in a credential stuffing attack, which means that attackers were using leaked credentials to try to gain access to their LastPass accounts. LastPass has mitigation for this, and it seems to have been addressed well:
https://blog.lastpass.com/2021/12/unusual-attempted-login-activity-how-lastpass-protects-you/North Korean hackers are attacking cryptocurrency:
N Korean hackers stole $1.7 billion from cryptocurrency exchanges
Experts believe North Korean hackers are keeping the stolen funds as a long-term investment.
Uber is ignoring a fairly big vulnerability (for now):
https://www.bleepingcomputer.com/news/security/uber-ignores-vulnerability-that-lets-you-send-any-email-from-ubercom/Since companies are in multiple cloud solutions, there is a need for one dashboard view of security on all platforms:
Underinvestment in Multi-Cloud Security a Pressing Concern - Security Boulevard
Although the vast majority of businesses are making multi-cloud a strategic priority in 2022 and keeping security top-of-mind, many feel they lack the
Hacker for Hire firms are too big to fail:
The hacker-for-hire industry is now too big to fail | MIT Technology Review
This is a big moment of turbulence and change for the hacking business. But the demand is here to stay.
Texas ENT Breached:
Healthcare provider Texas ENT alerts 535,000 patients to data breach | The Daily Swig
Unauthorized intruder exfiltrated personal data over a six-day period
Norway’s AMedia (News Publisher) under serious cyberattack:
Cyberattack on one of Norway’s largest media companies shuts down presses
Amedia, the largest local news publisher in Norway, announced on Tuesday that several of its central computer systems were shut down in what it is calling an apparent “serious” cyberattack.
T-Mobile suffers another breach:
[Update: T-Mobile Statement] Exclusive: T-Mobile Has Suffered Yet Another Data Breach
Internal documents from T-Mobile say that there has been yet another data breach affecting a small number of customers.
Microsoft Teams has had another four vulnerabilities discovered:
Multiple vulnerabilities in Microsoft Teams could spoof URLs, leak IP addresses | The Daily Swig
Only one of the issues has so far been patched
A monopoly on browsers means a lack of Alternatives:
Firefox is the Only Alternative - (think)
Supposedly today we have a lot of browsers to choose from - Google Chrome, Safari, Microsoft Edge, Firefox, Brave, Opera, Vivaldi, etc. Having choices is a good thing, right? Nobody wants to relive the time of almost complete Internet Explorer domination again. Unfortunately our choices are significantly fewer than they seem to be at first glance, as Chrome and Safari (thanks to the iPhone) totally dominate the browser landscape in terms of usage and almost all browsers these days are built on t...
Portugal’s largest TV channel hit by Ransomware:
Lapsus$ ransomware gang hits SIC, Portugal's largest TV channel
The Lapsus$ ransomware gang has hacked and is currently extorting Impresa, the largest media conglomerate in Portugal and the owner of SIC and Expresso, the country\'s largest TV channel and weekly newspaper, respectively.
Great Libraries of Alexander are back, the effort to build the mathematical library of the future:
