Security News > 2022

When it comes to 2023 threat predictions, Trellix anticipates spikes in geopolitically motivated attacks across Asia and Europe, hacktivism fueled by tensions from opposing political parties, and vulnerabilities in core software supply chains. "Analyzing current trends is necessary but being predictive in cybersecurity is vital. While organizations focus on near-term threats, we advise all to look beyond the horizon to ensure a proactive posture," said John Fokker, Head of Threat Intelligence, Trellix.

Intruders copied source code belonging to Okta after breaching the identity management company's GitHub repositories. Okta was alerted by Microsoft-owned GitHub earlier this month of "Suspicious access" to its code repositories and determined that miscreants copied code associated with the company's Workforce Identity Cloud, an enterprise-facing access and identity management tool to enable workers and partners to work from anywhere.

Leading sports betting company BetMGM disclosed a data breach after a threat actor stole personal information belonging to an undisclosed number of customers. "BetMGM's online operations were not compromised. BetMGM is coordinating with law enforcement and taking steps to further enhance its security."

LastPass revealed today that attackers stole customer vault data after breaching its cloud storage earlier this year using information stolen during an August 2022 incident. Toubba added in a new update to the original statement that Lastpass' cloud storage was accessed using "Cloud storage access key and dual storage container decryption keys" stolen from its developer environment.

US regulators want to fine the operators of a claimed massive robocall operation almost $300 million that made more than 5 billion pre-recorded calls over three months early last year. Those five billion calls went to more than 500 million phone numbers between January and March 2021 in what the Federal Communications Commission called the largest robocall operation it has ever investigated.

DuckDuckGo apps and extensions are now blocking Google Sign-in pop-ups on all its apps and browser extensions, removing what it perceives as an annoyance and a privacy risk for its users. A standalone web browser is also in the works, currently in beta and only available for macOS. The company announced today that all its Chrome, Firefox, Brave, and Microsoft Edge apps and browser extensions will now actively block Google sign-in prompts displayed on sites.

DUCK. OK, so application control is Sophos's name for the ability to detect, and optionally to block, software that is not malware, but that a well-informed administrator might not want to support in their environment? DUCK. Now, my understanding is most so-called "Fileless malware" does involve files, probably quite a lot of files in its operation.

Comcast Xfinity customers report their accounts being hacked in widespread attacks that bypass two-factor authentication. Similar to Gmail, Xfinity allows customers to configure a secondary email address to be used for account notifications and password resets in the event they lose access to their Xfinity account.

The Zerobot botnet, first detected earlier this month, is expanding the types of Internet of Things devices it can compromise by going after Apache systems. The latest upgrade is going after Apache and Apache Spark systems.

Microsoft Office files, particularly Excel and Word files, have been targeted by some cybercriminals for a long time. As exposed in new research from Cisco Talos, threat actors might leverage event handling functions in Excel files in order to automatically launch.