2022 - Cyber Security Informer

The Top 22 Security Predictions for 2022

Lohrman on Security

DECEMBER 23, 2021

Here’s your annual roundup of the top security industry forecasts, trends and cybersecurity prediction reports for calendar year 2022. What will the New Year bring in cyber space?

Cybersecurity

Hacktivism and DDOS Attacks Rise Dramatically in 2022

Lohrman on Security

AUGUST 21, 2022

2022 has brought a surge in distributed denial-of-service attacks as well as a dramatic rise in patriotic hacktivism. What’s ahead for these trends as the year continues?

DDOS

Microsoft Patch Tuesday, May 2022 Edition

Krebs on Security

MAY 10, 2022

By all accounts, the most urgent bug Microsoft addressed this month is CVE-2022-26925 , a weakness in a central component of Windows security (the “ Local Security Authority ” process within Windows). CVE-2022-26925 was publicly disclosed prior to today, and Microsoft says it is now actively being exploited in the wild.

Authentication

Authentication Engineering Internet Internet

Microsoft Patch Tuesday, October 2022 Edition

Krebs on Security

OCTOBER 11, 2022

The new zero-day flaw– CVE-2022-41033 — is an “elevation of privilege” bug in the Windows COM+ event service, which provides system notifications when users logon or logoff. Microsoft says the flaw is being actively exploited, and that it was reported by an anonymous individual.

DNS

DNS Internet Internet Cyber threats

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

August 11, 2022 at 11:00 am PDT, 2:00 pm EDT, 7:00 pm GMT In this webinar, you will learn how to: Outline popular change management models and processes. Organize ERM strategy, operations, and data. Determine impact tangents. Practice change management process with ERM data.

Risk

Microsoft Patch Tuesday, August 2022 Edition

Krebs on Security

AUGUST 9, 2022

This latest MSDT bug — CVE-2022-34713 — is a remote code execution flaw that requires convincing a target to open a booby-trapped file, such as an Office document. Microsoft this month also issued a different patch for another MSDT flaw, tagged as CVE-2022-35743.

Authentication

Authentication Internet Internet Cyber threats

Microsoft Patch Tuesday, April 2022 Edition

Krebs on Security

APRIL 13, 2022

Of particular concern this month is CVE-2022-24521 , which is a “privilege escalation” vulnerability in the Windows common log file system driver. Among the scariest critical bugs is CVE-2022-26809, a potentially “wormable” weakness in a core Windows component ( RPC ) that earned a CVSS score of 9.8 (10

DNS

DNS Internet Internet Firewall

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

Image: Shutterstock.com Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. But by the time we got to claims made in the middle of May 2022, completing the rest of the year’s timeline seemed unnecessary.

Mobile

Mobile Phishing Authentication Advertising

Microsoft Patch Tuesday, June 2022 Edition

Krebs on Security

JUNE 15, 2022

On top of the critical heap this month is CVE-2022-30190 , a vulnerability in the Microsoft Support Diagnostics Tool (MSDT), a service built into Windows. Beaumont said other researchers on April 12, 2022 told Microsoft about active exploitation of the MSDT flaw, but Microsoft closed the ticket saying it wasn’t a security issue.

Architecture

Architecture Internet Internet Software

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

March 17, 2022 at 9:30 am PDT, 12:30 pm EDT, 5:30 pm BST DRaaS as the last line of defense. Best practices for choosing a DRaaS solution. Protect yourself and your business. This is an exclusive webinar you won’t want to miss!

Ransomware

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

MARCH 14, 2023

The government alleges that on May 7, 2022, Singh used stolen credentials to log into a U.S. On May 12, 2022, KrebsOnSecurity broke the news that hackers had gained access to a DEA portal that taps into 16 different federal law enforcement databases. .” federal government portal without authorization. ” Image: USDOJ.

Hacking

Hacking Government Media Accountability

US Cyber Command Operations During the 2022 Midterm Elections

Schneier on Security

JANUARY 25, 2023

Paul Nakasone, broadly discussed that first organization’s offensive cyber operations during the runup to the 2022 midterm elections. The head of both US Cyber Command and the NSA, Gen. “We understood how foreign adversaries utilize infrastructure throughout the world.

Cybersecurity

Cybersecurity Hacking

Banks Must Report Cyber Incidents Beginning in May 2022

Lohrman on Security

DECEMBER 12, 2021

financial institutions are leaders in global cyber defense. Recently approved rules will mandate the reporting of security incidents next year. We explore the topic with cybersecurity expert Michael McLaughlin.

Banking

Banking Cybersecurity

2022 Cyber Review: The Year the Ukraine War Shocked the World

Lohrman on Security

DECEMBER 18, 2022

This past year will be remembered as another year of ransomware attacks, data breaches impacting critical infrastructure and, most of all, global cybersecurity impacts from the Russian war with Ukraine.

Data breaches

Data breaches Ransomware Cybersecurity

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

billion in 2022. Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3

Cybersecurity

CVE-2022-45157 (CVSS 9.1): Critical Security Flaw in Rancher Exposes vSphere Credentials in Plaintext

Penetration Testing

OCTOBER 27, 2024

The SUSE Rancher Security team has recently issued a high-severity advisory, CVE-2022-45157, warning users of a critical vulnerability affecting Rancher’s handling of vSphere’s Cloud Provider Interface (CPI) and Container Storage... The post CVE-2022-45157 (CVSS 9.1): Critical Security Flaw in Rancher Exposes vSphere Credentials (..)

Cybersecurity

Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days

Schneier on Security

NOVEMBER 18, 2024

Zero-day vulnerabilities are more commonly used , according to the Five Eyes: Key Findings In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority targets.

Cybersecurity

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

. — and charged him with stealing at least $800,000 from five victims between August 2022 and March 2023. Urban allegedly went by the nicknames “ Sosa ” and “ King Bob, ” and is believed to be part of the same crew that hacked Twilio and a slew of other companies in 2022.

Hacking

Hacking Phishing Cybercrime Passwords

Holiday Travel Surge Brings Back Vaccine Passports — Or Not

Lohrman on Security

NOVEMBER 21, 2021

But get ready for more as travel returns for the holidays and 2022. As global travel returns, airline rules, checks and tests are hard to track. Here’s the latest.

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

Register now for this exclusive webinar on March 24th, 2022 at 9:30 am PDT, 12:30 pm EDT, 5:30 pm GMT Deliver better insights on user access and app utilization that’s needed for better IT management and cost optimization across all SaaS apps.

Risk

Critical Microsoft Code-Execution Vulnerability

Schneier on Security

DECEMBER 22, 2022

It seems that researchers just realized how serious it was (and is): Like EternalBlue, CVE-2022-37958, as the latest vulnerability is tracked, allows attackers to execute malicious code with no authentication required. Microsoft fixed CVE-2022-37958 in September during its monthly Patch Tuesday rollout of security fixes.

Authentication

Ransomware Payments Are Down

Schneier on Security

JANUARY 31, 2023

Chainalysis reports that worldwide ransomware payments were down in 2022. million from victims in 2022, down from $765.6 Ransomware attackers extorted at least $456.8 million the year before.

Ransomware

Ransomware Cryptocurrency Cybercrime

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Experian Glitch Exposing Credit Files Lasted 47 Days

Krebs on Security

JANUARY 25, 2023

23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer’s full credit report — armed with nothing more than a person’s name, address, date of birth, and Social Security number. 9, 2022 and Dec.

Cybercrime

Cybercrime Web Fraud Data breaches

FBI Seizes BreachForums Website

Schneier on Security

MAY 17, 2024

co and run by pompompurin) operated a similar hacking forum from March 2022 until March 2023. Raidforums (hosted at raidforums.com and run by Omnipotent) was the predecessor hacking forum to both version of BreachForums and ran from early 2015 until February 2022.”

Hacking

Hacking Accountability Ransomware Internet

Cyberattack on Ukraine’s Kyivstar Seems to Be Russian Hacktivists

Schneier on Security

DECEMBER 21, 2023

This is one of the most significant cyberattacks since Russia invaded in February 2022. They’re linked to the Russian military, so it’s unclear whether the attack was government directed or freelance.

Government

Government Hacking

Russian Cyberattack against Ukrainian Power Grid Prevented

Schneier on Security

APRIL 13, 2022

A Russian cyberweapon, similar to the one used in 2016, was detected and removed before it could be used.

Malware

Feds Charge NY Man as BreachForums Boss “Pompompurin”

Krebs on Security

MARCH 17, 2023

The forum’s administrator “ Pompompurin ” has been a thorn in the side of the FBI for years, and BreachForums is widely considered a reincarnation of RaidForums , a remarkably similar crime forum that the FBI infiltrated and dismantled in 2022. In April 2022, U.S. Image: News 12 Westchester.

Data breaches

Data breaches Cybercrime Insurance Internet

Arrests in $400M SIM-Swap Tied to Heist at FTX?

Krebs on Security

FEBRUARY 1, 2024

Three Americans were charged this week with stealing more than $400 million in a November 2022 SIM-swapping attack. 11-12, 2022. 11-12, 2022. 11, 2022 after they SIM-swapped an AT&T customer by impersonating them at a retail store using a fake ID. 11, 2022 local time, and continuing until the 12th of November.

Cryptocurrency

Cryptocurrency Ransomware Retail Government

Apple Announces Post-Quantum Encryption Algorithms for iMessage

Schneier on Security

FEBRUARY 26, 2024

Apple announced PQ3 , its post-quantum encryption standard based on the Kyber secure key-encapsulation protocol, one of the post-quantum algorithms selected by NIST in 2022. There’s a lot of detail in the Apple blog post , and more in Douglas Stabila’s security analysis. I am of two minds about this.

Encryption

Facebook Is Now Encrypting Links to Prevent URL Stripping

Schneier on Security

JULY 18, 2022

Mozilla introduced support for URL stripping in Firefox 102 , which it launched in June 2022. These parameters have no functionality that is relevant to the user, but sites rely on them to track users across pages and properties.

Encryption

NJ Man Hired Online to Firebomb, Shoot at Homes Gets 13 Years in Prison

Krebs on Security

OCTOBER 23, 2023

4, 2022 story here about the emergence of “violence-as-a-service” offerings, where random people from the Internet hire themselves out to perform a variety of local, physical attacks, including firebombing a home, “bricking” windows, slashing tires, or performing a drive-by shooting at someone’s residence.

Internet

Internet Internet

Is Your Computer Part of ‘The Largest Botnet Ever?’

Krebs on Security

MAY 29, 2024

” From 2015 to July 2022, 911 S5 sold access to hundreds of thousands of Microsoft Windows computers daily, as “proxies” that allowed customers to route their Internet traffic through PCs in virtually any country or city around the globe — but predominantly in the United States. The prices page for 911 S5, circa July 2022. $28

VPN

VPN Government Cybercrime Internet

Massive AT&T Hack Exposed ‘Nearly All’ Customer Phone Numbers

Tech Republic Security

JULY 12, 2024

Businesses and individuals with AT&T accounts from May 1, 2022 to October 31, 2022 and on January 2, 2023 will be notified if their data was affected.

Hacking

Hacking Accountability Big data Telecommunications

Google Pays $10M in Bug Bounties in 2023

Schneier on Security

MARCH 22, 2024

It’s $2M less than in 2022, but it’s still a lot. BleepingComputer has the details. The highest reward for a vulnerability report in 2023 was $113,337, while the total tally since the program’s launch in 2010 has reached $59 million. million.

Mobile

Mobile Software

The UK Bans Default Passwords

Schneier on Security

MAY 2, 2024

The Product Security and Telecommunications Infrastructure Act 2022 (PSTI) introduces new minimum-security standards for manufacturers, and demands that these companies are open with consumers about how long their products will receive security updates for. Unique passwords installed by default are still permitted.

Passwords

Passwords IoT Manufacturing Telecommunications

Treasury Sanctions Creators of 911 S5 Proxy Botnet

Krebs on Security

MAY 28, 2024

KrebsOnSecurity identified one of the three men in a July 2022 investigation into 911 S5, which was massively hacked and then closed ten days later. The 911 S5 botnet-powered proxy service, circa July 2022. 911 built its proxy network mainly by offering “free” virtual private networking (VPN) services.

VPN

VPN Banking Cybercrime Internet

Let The New Year And Its Blessings Begin

Joseph Steinberg

JANUARY 2, 2023

2022 was a particularly difficult year for me; in addition to enduring two significant and long cases of COVID-19, I faced various family-related challenges, which, together, lessened the time that I could spend on writing, and forced me to refrain from publishing my previously-weekly newsletter.

Artificial Intelligence

Artificial Intelligence Accountability Cybersecurity

Why Italy Sells So Much Spyware

Schneier on Security

NOVEMBER 19, 2024

According to an Italian Ministry of Justice document , as of December 2022 law enforcement in the country could rent spyware for €150 a day, regardless of which vendor they used, and without the large acquisition costs which would normally be prohibitive.

Spyware

Spyware Marketing Hacking

Experian Privacy Vulnerability

Schneier on Security

JANUARY 12, 2023

But until the end of 2022, Experian’s website allowed anyone to bypass these questions and go straight to the consumer’s report. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history.

Identity Theft

Second Interdisciplinary Workshop on Reimagining Democracy

Schneier on Security

JANUARY 8, 2024

As with IWORD 2022 , the goal was to bring together a diverse set of thinkers and practitioners to talk about how democracy might be reimagined for the twenty-first century. I wrote about the philosophy more in this essay about IWORD 2022. You can read a similar summary of IWORD 2022 here.) My thinking is very broad here.

Technology

Linux-Targeted Malware Increased by 35%

Schneier on Security

JANUARY 24, 2022

This programming, and by extension, targeting trend, has already been confirmed in early 2022 cases and is likely to continue unabated. In the first six months of 2020, a steep rise of 500% in Golang malware was recorded, showing that malware authors were looking for ways to make their code run on multiple platforms. Slashdot thread.

Malware

Malware Accountability

68k Phishing Victims are Now Searchable in Have I Been Pwned, Courtesy of CERT Poland

Troy Hunt

AUGUST 30, 2023

Data accumulated by the malicious activity spanned from October 2022 until just last week.

Phishing

Phishing Password Management Passwords Banking

Breaking RSA through Insufficiently Random Primes

Schneier on Security

MARCH 16, 2022

The weak Canon keys are tracked as CVE-2022-26351. Printer users can use the keys to generate a Certificate Signing Request. The creation date for the all the weak keys was 2020 or later. Böck also found four vulnerable PGP keys, typically used to encrypt email, on SKS PGP key servers.

Manufacturing

Manufacturing Encryption

The Top 22 Security Predictions for 2022

Hacktivism and DDOS Attacks Rise Dramatically in 2022

Trending Sources

Microsoft Patch Tuesday, May 2022 Edition

Microsoft Patch Tuesday, October 2022 Edition

Successful Change Management with Enterprise Risk Management

Microsoft Patch Tuesday, August 2022 Edition

Microsoft Patch Tuesday, April 2022 Edition

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Microsoft Patch Tuesday, June 2022 Edition

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Two U.S. Men Charged in 2022 Hacking of DEA Portal

US Cyber Command Operations During the 2022 Midterm Elections

Banks Must Report Cyber Incidents Beginning in May 2022

2022 Cyber Review: The Year the Ukraine War Shocked the World

Software Composition Analysis: The New Armor for Your Cybersecurity

CVE-2022-45157 (CVSS 9.1): Critical Security Flaw in Rancher Exposes vSphere Credentials in Plaintext

Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Holiday Travel Surge Brings Back Vaccine Passports — Or Not

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Critical Microsoft Code-Execution Vulnerability

Ransomware Payments Are Down

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Experian Glitch Exposing Credit Files Lasted 47 Days

FBI Seizes BreachForums Website

Cyberattack on Ukraine’s Kyivstar Seems to Be Russian Hacktivists

Russian Cyberattack against Ukrainian Power Grid Prevented

Feds Charge NY Man as BreachForums Boss “Pompompurin”

Arrests in $400M SIM-Swap Tied to Heist at FTX?

Apple Announces Post-Quantum Encryption Algorithms for iMessage

Facebook Is Now Encrypting Links to Prevent URL Stripping

NJ Man Hired Online to Firebomb, Shoot at Homes Gets 13 Years in Prison

Is Your Computer Part of ‘The Largest Botnet Ever?’

Massive AT&T Hack Exposed ‘Nearly All’ Customer Phone Numbers

Google Pays $10M in Bug Bounties in 2023

The UK Bans Default Passwords

Treasury Sanctions Creators of 911 S5 Proxy Botnet

Let The New Year And Its Blessings Begin

Why Italy Sells So Much Spyware

Experian Privacy Vulnerability

Second Interdisciplinary Workshop on Reimagining Democracy

Linux-Targeted Malware Increased by 35%

68k Phishing Victims are Now Searchable in Have I Been Pwned, Courtesy of CERT Poland

Breaking RSA through Insufficiently Random Primes

Stay Connected