2023 - Cyber Security Informer

Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days

Schneier on Security

NOVEMBER 18, 2024

Zero-day vulnerabilities are more commonly used , according to the Five Eyes: Key Findings In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority targets.

Cybersecurity

macOS Vulnerability (CVE-2023-32428) Grants Root Access, PoC Published

Penetration Testing

NOVEMBER 26, 2024

The flaw, designated CVE-2023-32428... The post macOS Vulnerability (CVE-2023-32428) Grants Root Access, PoC Published appeared first on Cybersecurity News.

Cybersecurity

TP-Link Router Botnet

Schneier on Security

MARCH 14, 2025

This high severity security flaw (tracked as CVE-2023-1389 ) has also been used to spread other malware families as far back as April 2023 when it was used in the Mirai botnet malware attacks.

Manufacturing

Manufacturing Healthcare Malware Internet

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

NOVEMBER 11, 2024

Amazon disclosed a data breach exposing employee data, with information allegedly stolen in the May 2023 MOVEit attacks. Amazon disclosed a data breach that exposed employee information after data was allegedly stolen during the May 2023 MOVEit attacks. Amazon was compromised in May, 2023 via a MoveIT 0day exploit.

Data breaches

Data breaches Hacking Ransomware Technology

The Power of Storytelling in Risk Management

Speaker: Dr. Karen Hardy, CEO and Chief Risk Officer of Strategic Leadership Advisors LLC

July 13th, 2023 at 9:30am PDT, 12:30pm EDT, 5:30pm BST

Risk

Microsoft Patch Tuesday, November 2023 Edition

Krebs on Security

NOVEMBER 14, 2023

The zero-day threats targeting Microsoft this month include CVE-2023-36025 , a weakness that allows malicious content to bypass the Windows SmartScreen Security feature. Microsoft says it is relatively straightforward for attackers to exploit CVE-2023-36036 as a way to elevate their privileges on a compromised PC.

Social Engineering

Social Engineering Internet Internet Phishing

US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack

Schneier on Security

APRIL 9, 2024

US Cyber Safety Review Board released a report on the summer 2023 hack of Microsoft Exchange by China. It was a serious attack by the Chinese government that accessed the emails of senior U.S. government officials. From the executive summary: The Board finds that this intrusion was preventable and should never have occurred.

Hacking

Hacking Government Accountability Technology

Atlassian Confluence Vulnerability CVE-2023-22527 Exploited for Cryptomining

Penetration Testing

OCTOBER 30, 2024

In a recently disclosed report by Trend Micro, attackers were observed exploiting a vulnerability in Atlassian’s Confluence servers (CVE-2023-22527) to hijack victim resources and harvest rewards from the Titan Network—a... The post Atlassian Confluence Vulnerability CVE-2023-22527 Exploited for Cryptomining appeared first on Cybersecurity (..)

Cybersecurity

2023 Anna Jaques Hospital data breach impacted over 310,000 people

Security Affairs

DECEMBER 8, 2024

On December 25, 2023, a ransomware attack hit the Anna Jaques Hospital. In 2023, upon discovering the cyber attack, the Anna Jaques Hospital took the impacted systems down and launched an investigation into the security breach. The hospital revealed that the security breach exposed sensitive health data for over 316,000 patients.

Data breaches

Data breaches Insurance Healthcare Ransomware

Exploring the Overlap: Cost Optimization and Digital Transformation

Speaker: Alex Jiménez, Managing Principal, Financial Service Consulting for EPAM

April 19th, 2023 at 9:30 am PDT, 12:30 pm EDT, 4:30 pm GMT

Digital transformation

Google Pays $10M in Bug Bounties in 2023

Schneier on Security

MARCH 22, 2024

The highest reward for a vulnerability report in 2023 was $113,337, while the total tally since the program’s launch in 2010 has reached $59 million. BleepingComputer has the details. It’s $2M less than in 2022, but it’s still a lot. million.

Mobile

Mobile Software

CVE-2023-32197 (CVSS 9.1): Critical RKE2 Flaw Exposes Windows Nodes to Privilege Escalation

Penetration Testing

OCTOBER 28, 2024

A significant security vulnerability, CVE-2023-32197, has been identified in RKE2, Rancher’s Kubernetes distribution geared toward high-security environments, including the U.S. Federal Government.

Government

Government Cybersecurity

Mauri Ransomware Exploits Apache ActiveMQ Flaw (CVE-2023-46604)

Penetration Testing

DECEMBER 8, 2024

The AhnLab Security Intelligence Response Center (ASEC) has revealed that threat actors exploiting a critical vulnerability in Apache ActiveMQ, identified as CVE-2023-46604, have begun deploying Mauri ransomware in their attacks....

Ransomware

Ransomware Security Intelligence Cybersecurity Malware

Popular Java Security Framework ‘pac4j’ Vulnerable to RCE (CVE-2023-25581)

Penetration Testing

OCTOBER 13, 2024

This vulnerability, tracked... The post Popular Java Security Framework ‘pac4j’ Vulnerable to RCE (CVE-2023-25581) appeared first on Cybersecurity News.

Cybersecurity

The Anti-Money Laundering Act of 2020: Initial Catalysts, Current Implications, and Future Impacts

Speaker: Elizabeth "Paige" Baumann, Founder and CEO of Paige Baumann Advisory, LLC

March 22nd, 2023 at 9:30 am PDT, 12:30 pm EDT, 4:30 pm GMT Treasury’s Financial Crimes Enforcement Network (FinCEN) pursuant to the AMLA so far Anticipated impacts of the AMLA to financial institutions required to have AML programs and other entities Save your seat and register today!

Banking

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

In November 2023, the security firm SecureWorks detailed how scammers targeted booking.com hospitality partners with data-stealing malware. SecureWorks said these attacks had been going on since at least March 2023. million phishing attempts in 2023.” A scan of social media networks showed this is not an uncommon scam.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

FBI Deletes PlugX Malware from Thousands of Computers

Schneier on Security

JANUARY 16, 2025

According to the FBI , at least 45,000 IP addresses in the US had back-and-forths with the command-and-control server since September 2023. .” Details : To retrieve information from and send commands to the hacked machines, the malware connects to a command-and-control server that is operated by the hacking group.

Malware

Malware Hacking Software

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

Rumors of a cracked version of Acunetix being used by attackers surfaced in June 2023 on Twitter/X , when researchers first posited a connection between observed scanning activity and Araneida. According to an August 2023 report (PDF) from the U.S. co — first came online in February 2023. 2023 on the forum Cracked.

Hacking

Hacking Cybercrime Advertising Data breaches

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. According to several SIM-swapping channels on Telegram where Tylerb was known to frequent, rival SIM-swappers hired thugs to invade his home in February 2023. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

July 20th, 2023 at 9:30am PDT, 12:30pm EDT, 5:30pm BST This exclusive webinar with William Hord, Senior VP of Risk & Professional Services, will explore the answers to these questions and other foundational elements you need to start or validate your ERM program. Register today!

Banking

Experts found multiple flaws in Mercedes-Benz infotainment system

Security Affairs

JANUARY 21, 2025

.” Below is the list of flaws discovered by the researchers: CVE-2024-37602 CVE-2024-37600 CVE-2024-37603 CVE-2024-37601 CVE-2023-34406 CVE-2023-34397 CVE-2023-34398 CVE-2023-34399 CVE-2023-34400 CVE-2023-34401 CVE-2023-34402 CVE-2023-34403 CVE-2023-34404 The details for each of the above flaws will be published here: [link].

Software

Software Architecture Media Engineering

Perfectl Malware

Schneier on Security

OCTOBER 14, 2024

It can also exploit CVE-2023-33246, a vulnerability with a severity rating of 10 out of 10 that was patched last year in Apache RocketMQ, a messaging and streaming platform that’s found on many Linux machines.

Malware

Malware Cryptocurrency Internet Internet

Lessons from a Ransomware Attack against the British Library

Schneier on Security

MARCH 29, 2024

You might think that libraries are kind of boring, but this self-analysis of a 2023 ransomware and extortion attack against the British Library is anything but.

Ransomware

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Security Affairs

MARCH 10, 2025

In 2023, Loretto Hospital experienced another data security incident. On January 19, 2023, a former employee misappropriated security camera footage of a limited number of patients and posted it on Facebook. The footage was removed after the incident was discovered. The footage was removed after the incident was discovered.

Hacking

Hacking Healthcare Backups Ransomware

Cybersecurity Predictions for 2024

We’ve recently looked back at what happened within cybersecurity in 2023. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

New iPhone Exploit Uses Four Zero-Days

Schneier on Security

JANUARY 4, 2024

This attachment exploits the remote code execution vulnerability CVE-2023-41990 in the undocumented, Apple-only ADJUST TrueType font instruction. This was mitigated as CVE-2023-38606. The Safari exploit uses CVE-2023-32435 to execute a shellcode. It uses the same vulnerabilities: CVE-2023-32434 and CVE-2023-38606.

Spyware

Spyware Authentication

Zero-Click Exploit in iPhones

Schneier on Security

SEPTEMBER 13, 2023

The two bugs, tracked as CVE-2023-41064 and CVE-2023-41061 , allowed the attackers to infect a fully-patched iPhone running iOS 16.6 and belonging to a Washington DC-based civil society organization via PassKit attachments containing malicious images. “We refer to the exploit chain as BLASTPASS.

Spyware

Spyware Accountability

Cisco warns of a ClamAV bug with PoC exploit

Security Affairs

JANUARY 25, 2025

In February 2023, Cisco fixed a critical flaw, tracked as CVE-2023-20032(CVSS score: 9.8), in ClamAV product. Tracked as CVE-2023-20032 (CVSS score: 9.8), the issue relates to a case of remote code execution residing in the HFS+ file parser. Google OSS-Fuzz reported this vulnerability.

Antivirus

Antivirus Software Engineering Malware

Finnish Customs dismantled the dark web drugs market Sipulitie

Security Affairs

OCTOBER 16, 2024

. “Finnish customs has closed the web servers of the Sipulitie marketplace, which has been operating on the Tor network since 2023, in cooperation with the Swedish police, and confiscated their contents. The darknet market has been active since February 2023, it was used by criminals to sell narcotics anonymously.

Marketing

Marketing Cybercrime Scams Hacking

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

August 23, 2023 at 9:30am PDT, 12:30pm EDT, 5:30pm BST Bales, Esq. is here to teach you: How to break compliance and security down into discrete components Tips and strategies to establish a functional compliance and security protocol for your organization Why compliance and security are moving targets - your job is never “done” And more!

Why Phishers Love New TLDs Like.shop,top and.xyz

Krebs on Security

DECEMBER 3, 2024

A study on phishing data released by Interisle Consulting finds that new gTLDs introduced in the last few years command just 11 percent of the market for new domains, but accounted for roughly 37 percent of cybercrime domains reported between September 2023 and August 2024.

Cybercrime

Cybercrime Phishing Accountability Internet

The State of Ransomware

Schneier on Security

AUGUST 19, 2024

So far, in 2024, comparing the first half of 2023 to the first half of 2024, we see an even further increase of 4.3%. The higher level of activity observed in 2023 was no fluke. In February, we reported a 49% increase year-over-year in alleged victims posted on ransomware leak sites.

Ransomware

Ransomware Accountability

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator , the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Mr. Shefel did not respond to requests for comment in advance of that December 2023 profile.

Retail

Retail Advertising Cryptocurrency Marketing

Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM

Security Affairs

DECEMBER 19, 2024

Fortinet warned of a now-patched Wireless LAN Manager (FortiWLM) vulnerability, tracked as CVE-2023-34990 (CVSS score of 9.6), that could lead to admin access and sensitive information disclosure. The researcher also noticed that the vulnerability CVE-2023-34990 can be chained with CVE-2023-48782 (CVSS score of 8.8) through 8.6.5

Wireless

Wireless Authentication Healthcare Education

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). In this eBook, we will look at the 2023 report and explore the most important cybersecurity stats and how to prevent them.

Identity Theft

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

In 2023, the carrier disclosed two data breaches , one in January and another in May. In May 2023, T-Mobile threat actors had access to the personal information of hundreds of customers starting in late February 2023. The bad news is that this isn’t the first incident suffered by T-Mobile.

Mobile

Mobile Telecommunications Data breaches Hacking

U.S. CISA adds Microsoft Partner Center and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

FEBRUARY 26, 2025

The two vulnerabilities are: CVE-2023-34192 Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability CVE-2024-49035 Microsoft Partner Center Improper Access Control Vulnerability The first vulnerability, CVE-2023-34192 (CVSS score: 9.0), is a cross-site scripting (XSS) issue in Synacor ZCS.

Authentication

Authentication Hacking Cybersecurity Risk

FBI Seizes BreachForums Website

Schneier on Security

MAY 17, 2024

“From June 2023 until May 2024, BreachForums (hosted at breachforums.st/.cx/.is/.vc co and run by pompompurin) operated a similar hacking forum from March 2022 until March 2023. .” co and run by pompompurin) operated a similar hacking forum from March 2022 until March 2023. ”

Hacking

Hacking Accountability Ransomware Internet

Signal Will Leave the UK Rather Than Add a Backdoor

Schneier on Security

SEPTEMBER 26, 2023

Totally expected, but still good to hear : Onstage at TechCrunch Disrupt 2023, Meredith Whittaker, the president of the Signal Foundation, which maintains the nonprofit Signal messaging app, reaffirmed that Signal would leave the U.K. “We would leave the U.K. “And that’s never not true.” ”

Encryption

Everything You Need to Know About Crypto

Speaker: Ryan McInerny, CAMS, FRM, MSBA - Principal, Product Strategy

May 18th, 2023 at 9:30 am PDT, 12:30 pm EDT, 5:30 pm BST

Cryptocurrency

Feds Link $150M Cyberheist to 2022 LastPass Hacks

Krebs on Security

MARCH 7, 2025

In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing…

Password Management

Password Management Hacking Passwords

Protecting Critical Infrastructure with Zero-Trust and Microsegmentation

Security Boulevard

NOVEMBER 21, 2024

In 2023 alone, over 40% of attacks hit these sectors, according to the FBI. Ransomware attacks are increasingly targeting critical infrastructure — essential systems like energy, water, transportation and finance.

Ransomware

Ransomware Security Awareness Cybersecurity

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Security Affairs

FEBRUARY 13, 2025

Microsoft discovered that the subgroup exploited at least eight known vulnerabilities on network perimeters of small office/home office (SOHO) and enterprise networks: JBOSS (exact CVE is unknown) Microsoft Exchange ( CVE-2021-34473 ) Zimbra Collaboration ( CVE-2022-41352 ) OpenFire ( CVE-2023-32315 ) JetBrains TeamCity ( CVE-2023-42793 ) Microsoft (..)

Telecommunications

Telecommunications DNS Passwords Hacking

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. The botnet has been active since at least May 2020, reaching its peak with 60,000 compromised devices in June 2023. and European entities, exploiting VPNs and RDPs, including a California-based organization’s servers.

Cybersecurity

Cybersecurity IoT Hacking Technology

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

November 14th, 2023 at 9:30am PST, 12:30pm EST, 5:30pm GMT In this exclusive webinar with industry visionaries, you'll learn: The value of Software Composition Analysis Regulations impacting both software producers and buyers What a Software Bill of Materials is and why you need one Software supply chain security best practices.and more!

Cybersecurity

Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days

macOS Vulnerability (CVE-2023-32428) Grants Root Access, PoC Published

Trending Sources

TP-Link Router Botnet

Amazon discloses employee data breach after May 2023 MOVEit attacks

The Power of Storytelling in Risk Management

Microsoft Patch Tuesday, November 2023 Edition

US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack

Atlassian Confluence Vulnerability CVE-2023-22527 Exploited for Cryptomining

2023 Anna Jaques Hospital data breach impacted over 310,000 people

Exploring the Overlap: Cost Optimization and Digital Transformation

Google Pays $10M in Bug Bounties in 2023

CVE-2023-32197 (CVSS 9.1): Critical RKE2 Flaw Exposes Windows Nodes to Privilege Escalation

Mauri Ransomware Exploits Apache ActiveMQ Flaw (CVE-2023-46604)

Popular Java Security Framework ‘pac4j’ Vulnerable to RCE (CVE-2023-25581)

The Anti-Money Laundering Act of 2020: Initial Catalysts, Current Implications, and Future Impacts

Booking.com Phishers May Leave You With Reservations

FBI Deletes PlugX Malware from Thousands of Computers

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Feds Charge Five Men in ‘Scattered Spider’ Roundup

ERM Program Fundamentals for Success in the Banking Industry

Experts found multiple flaws in Mercedes-Benz infotainment system

Perfectl Malware

Lessons from a Ransomware Attack against the British Library

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Cybersecurity Predictions for 2024

New iPhone Exploit Uses Four Zero-Days

Zero-Click Exploit in iPhones

Cisco warns of a ClamAV bug with PoC exploit

Finnish Customs dismantled the dark web drugs market Sipulitie

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Why Phishers Love New TLDs Like.shop,top and.xyz

The State of Ransomware

An Interview With the Target & Home Depot Hacker

Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM

5 Key Findings From the 2023 FBI Internet Crime Report

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

U.S. CISA adds Microsoft Partner Center and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

FBI Seizes BreachForums Website

Signal Will Leave the UK Rather Than Add a Backdoor

Everything You Need to Know About Crypto

Feds Link $150M Cyberheist to 2022 LastPass Hacks

Protecting Critical Infrastructure with Zero-Trust and Microsegmentation

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Software Composition Analysis: The New Armor for Your Cybersecurity

Stay Connected