Security News > 2023 > January

Adversaries are banking on the fact that organizations are busy trying to ride this curve and might lose sight of their security protocols. Most organizations find it impossible to balance the threats as well as the economic changes, and threat actors are counting on organizations to reduce costs that might impact their security posture, as well as having a complex environment that is in desperate need of a clean-up.

In this Help Net Security interview, Dimitri van Zantvliet is the Cybersecurity Director/CISO of Dutch Railways, and co-chair to the Dutch and European Rail ISAC, talks about cyber attacks on railway systems, build a practical cybersecurity approach, as well as cyber legislation. This includes regularly assessing and mitigating risks, implementing security protocols and controls, and ensuring compliance with railway sector regulations.

SynSaber recently released its second Industrial Control Systems (ICS) Vulnerabilities & CVEs Report. In this Help Net Security video, Ronnie Fabela, CTO at SynSaber, talks about the key findings:...

In brief Russian hackers have proved yet again how quickly cyber attacks can be used to respond to global events with a series of DDoS attacks on German infrastructure and government websites in response to the country's plan to send tanks to Ukraine. Germany announced the transfer of 14 Leopard 2 A6 tanks to Ukraine on Wednesday, jointly with the US saying it would send 31 M1 Abrams tanks to the besieged nation.

Insider threats are a top concern at organizations of all kinds; only 3% of respondents surveyed are not concerned with insider risk, according to Gurucul. With responses from more than 325 cybersecurity professionals, the report explores the latest trends and challenges organizations are facing as they work to adapt to changing insider threats, and how organizations are preparing to better protect critical data and IT infrastructure.

A new category of activity tracking applications has been having massive success recently on Google Play, Android's official app store, having been downloaded on over 20 million devices. Dr. Web says all three apps communicate with the same remote server address, indicating a common operator/developer.

How to tackle the cybersecurity skills shortage in the EUIn this Help Net Security Dritan Saliovski, Director - Nordic Head of Cyber M&A, Transaction Advisory Services at Aon, offers some pointers, as well as advice to organizations on how to attract and retain the best cybersecurity talent. ENISA gives out toolbox for creating security awareness programsThe European Union Agency for Cybersecurity has made available Awareness Raising in a Box, a "Do it yourself" toolbox to help organizations in their quest to create and implement a custom security awareness raising program.

The threat actors associated with the Gootkit malware have made "Notable changes" to their toolset, adding new components and obfuscations to their infection chains. Google-owned Mandiant is monitoring the activity cluster under the moniker UNC2565, noting that the usage of the malware is "Exclusive to this group."

Security researchers with Horizon3's Attack Team will release an exploit targeting a vulnerability chain next week for gaining remote code execution on unpatched VMware vRealize Log Insight appliances. Now known as VMware Aria Operations for Logs, vRealize Log Insight makes it easier for VMware admins to analyze and manage terabytes of infrastructure and application logs.

Security researchers have identified a new data-wiping malware they named SwiftSlicer that aims to overwrite crucial files used by the Windows operating system. While details are scant regarding SwiftSlicer at the moment, security researchers at cybersecurity company ESET say that they found the destructive malware deployed during a cyberattack in Ukraine.