thecyber.report Open in urlscan Pro
208.97.187.171  Public Scan

Form analysis
0 forms found in the DOM

Text Content

THECYBER.REPORT - DAILY CYBERSECURITY NEWS & ANALYSIS


 * BlackHat 2023 Highlights
 * Cybersecurity Industry Is Healthy: Thoughts on BlackHat 2023





BLUE TEAM

 * Ukrainian cyberspace intelligence helps thwart Russian war efforts
 * 
   Sysdig Threat Research Team – SCARLETEEL more sophisticated than your average
   Cryptojacking threat actor – Analysis and IOCs
 * 
   Patch urgency rises – Proof of Concept code for Fortinet's FortiNAC published
   – Fortinet patches out "keyUpload.jsp"
 * 
   New OT PCAP Analysis Tool from SynSaber
 * 
   Inside look – Walmart's Cybersecurity Operations – Bentonville, AR
 * 
   BianLian Decrypted! Avast releases malware analysis and decryption tool
 * DHS and CISA team up to build AI-powered cybersecurity sandbox


CYBER LAW

 * Accountability for DeFi Ponzi and pyramid scheme that "raised" approximately
   $340 million from victim-investors?
 * Cyber attacks “uninsurable”? – Major insurance chief says they are trending
   that way
 * Swatting spree ends in arrests!
 * T-Mobile scammer gets decade in slammer
 * Not updating AV can cost you your freedom - in Albania
 * Breaking the cycle of addiction… to ransomware payments
 * EU court rejects WhatsApp’s arguments, €225 million fine stands.


PHISHING

 * ChatGPT Makes It Easier to Boost Phishing Scams


RED TEAM

 * 
   ESET researchers tease apart MQsTTang – new backdoor used by Mustang Panda –
   uses MQTT protocol
 * 
   ESET – BlackLotus UEFI bootkit: First UEFI Bootkit Malware to Bypass Secure
   Boot on Windows 11
 * 
   Old things become new again – Pass the Ticket and Silver Ticket work on Azure
   AD Kerberos
 * 
   InfoSec community interest in FlipperZero weaponized by malicious actors
 * Red-Team Tool: Invoke-DNSteal – A simple & customizable DNS data exfiltrator
 * Tool Update: Faraday tracks and reports information gathered by Red- and
   Blue-Team tools
 * TOOL: LSASS-Shtinkering – Abuse the Windows Error Reporting service to dump
   LSASS


EMERGING CAPABILITIES

 * Google Adds Quantum-Resistant Encryption, ups TLS Security in Chrome 116
 * NIST plots biggest ever reform of Cybersecurity Framework – CSF 2.0 up for
   public review
 * Paper outlining the new method of encryption
 * Japanese researchers identify method for making encryption more secure and
   less computationally expensive
 * Zero Trust, Defense-in-Depth, Cyber Security Mesh Architecture – Can they
   work together?
 * Cloudflare, Fortinet, & Juniper execs headline ‘23 Zero-Trust predictions
 * Era of digital trust over? Constant vigilance necessary in age of insider
   threats


BREACHES

 * Multiple California Cities Victims of Ransomware
 * Ernst & Young (EY): 30,000+ BofA customers were exposed
 * Kaspersky: Almost Half of Industrial Sector Computers Affected By Malware!!!
 * Despite leak of internal data, Atlassian maintains that their internal
   systems were not breached – third-party app Envoy identified as source of
   data
 * 
   Valentine's Day Gift – Bumbling threat actor pwns self – uploads screenshot
   for world to see
 * SEC Filling from New T-Mobile Breach
 * New year, same story – T-Mobile breached again


BUSINESS NEWS

 * 20 Hottest New Cybersecurity Tools At Black Hat 2023
 * 10 Cybersecurity Startups To Watch From Black Hat 2023
 * News Corp. Breach Exposes Employee Personally Identifiable Information (PII)
   from '20 to '22 – Fail to disclose to impacted parties until '23
 * Samsung introduces "Message Guard" – protecting users against zero-click
   image-based attacks
 * 
   Per VC firms – these are the hottest Cybersecurity startups for 2023
 * Viral TikTok "Challenge" leads Hyundai and Kia to release urgent software fix
   for USB vulnerability – Thousands of cars cannot be patched
 * SC Magazine year in review – Cyberattacks raged… but security teams made
   progress


THREAT INTEL

 * Dell Credentials Bug Opens VMware Environments to Takeover
 * Foreign Embassies in Belarus Victims of Years-Long Cyber Espionage
 * 
   Mitiga Security Advisory – Research into cloud exfiltration reveals
   insufficient forensic visibility in GCP storage
 * 
   Jamf Threat Labs – "Evasive cryptojacking malware targeting macOS found
   lurking in pirated applications"
 * Original Fortinet FortiNAC research – Horizon3.ai
 * North Korean Attacker Research, Attribution, and IOC's – from CISA
 * North Korean cyber operations target healthcare industry


 * Blue Team
 * Cyber Law
 * Phishing
 * Red Team
 * Emerging Capabilities
 * Breaches
 * Threat Intel
 * Business News
 * Privacy Policy



© 2023

To Top
An Arbitr Subsidiary