
ChatGPT Less Convincing Than Human Social Engineers in Phishing Attacks

Tech companies large and small are all jumping on the AI chatbot bandwagon—Google just opened up access to its Bard offering and ChatGPT is already on version 4—and, not surprisingly, threat actors will likely press AI into action to carry out nefarious actions. For now, though, human social engineers still ...
Security Boulevard

Success of National Cybersecurity Strategy Rests on Swift Action

Just a week after the White House unveiled its long-anticipated National Cybersecurity Strategy, a pair of incidents—a breach at DC Health Link that may have exposed the personal data of members of Congress and a warning that hackers were exploiting old vulnerabilities in VMware—underscored the importance of shoring up cybersecurity ...

Known Vulnerabilities Drove Most Cyberattacks in 2022

New research revealed an all-too-familiar theme: Known vulnerabilities for which patches have been issued were the main way threat actors executed cyberattacks in 2022. “The data highlights that long-known vulnerabilities frequently cause more destruction than the shiny new ones,” Bob Huber, CSO and head of research, Tenable, said in a ...

LastPass Devs Were Phished for Credentials

LastPass has followed news of last month’s breach with details on a second attack in which developers were phished for their credentials. In the January incident, the password manager’s parent, GoTo, said that in addition to stealing encrypted backups containing customer data, hackers nicked an encryption key last November. “An ...

NIST Shores Up CSF 2.0 With Supply Chain, Governance Reforms

The U.S. Dept. of Commerce National Institute of Standards and Technology (NIST) will open a comment period for stakeholders on proposed significant reform to its Cybersecurity Framework (CSF). In advance of the public comment period, the standards organization wrapped up the last stakeholder workshops last week. It is the first ...

Ransomware Attack Brings Dole Operations to a Temporary Halt

At a time when companies are plagued by supply chain issues, inflation is skyrocketing and cyberattacks proliferate, Dole PLC recently found itself the victim of a ransomware attack that temporarily shuttered some of its North American operations. “The Dole ransom attack highlights how the just-in-time nature of food supply chains makes them ...

Weak Creds, Unpatched Flaws, Reliance on Tools Plagued Orgs in 2022

Organizations often either have weak credential policies or don’t enforce them, making it easy for attackers to use legitimate credentials to log in—or live off the land—rather than using topflight tools to hack their way into systems. That’s just one of three major themes that emerged in 2022, according to ...

‘Sophisticated’ Threat Actor Stole GoDaddy Code

Threat actors lingered in GoDaddy’s systems, installing malware and stealing source code in a security incident that lasted years. After receiving complaints from a few customers in December that their websites were being “intermittently redirected,” the web hosting service said it “found that the intermittent redirects were happening on seemingly ...

Royal Mail Hung Tough in LockBit Ransom Negotiations

Negotiators for the Royal Mail apparently played hardball with LockBit over a ransom demand that the mail service said was too high, prompting the attackers to lower their ask and reset the ransom deadline. Insights into how ransoms are negotiated are few and far between, but the leaked transcript of ...

US, UK Join Forces to Sanction Trickbot Leaders

In a first for the UK—and de rigueur for the U.S.—the U.S. Department of the Treasury’s Office of Foreign Assets Control and the U.K.’s Foreign, Commonwealth and Development Office, National Crime Agency and His Majesty’s Treasury sanctioned leadership of the notorious Russian cybergang Trickbot. The mutual action took aim at ...