Security News > 2023 > February

Russia's cyber attacks against Ukraine surged by 250% in 2022 when compared to two years ago, Google's Threat Analysis Group and Mandiant disclosed in a new joint report. Mandiant said it observed, "More destructive cyber attacks in Ukraine during the first four months of 2022 than in the previous eight years with attacks peaking around the start of the invasion."

The cyber espionage threat actor tracked as Earth Kitsune has been observed deploying a new backdoor called WhiskerSpy as part of a social engineering campaign. The differentiating factor in the latest attacks is a shift to social engineering to trick users into visiting compromised websites related to North Korea, according to a new report from Trend Micro released last week.

Opinion Mary, Queen of Scots, was a hapless CEO, even by the standards of 1600s Europe. Catholic Mary could focus any number of plots to overthrow Protestant Elizabeth, or be a partner through blood ties to calm things down.

Twitter has announced that starting with March 20, users who don't pay the Twitter Blue subscription will no longer be able to use the SMS-based two-factor authentication option. Twitter CEO Elon Musk further explained the rationale behind the move by claiming that "Twitter is getting scammed by phone companies for $60M/year of fake 2FA SMS messages."

Fortinet has dropped fixes for 40 vulnerabilities in a variety of its products, including two critical vulnerabilities affecting its FortiNAC and FortiWeb solutions.Since cyberattackers love to exploit vulnerabilities in Fortinet enterprise solutions and a PoC exploit for CVE-2022-39952 is expected to be released soon, admins are advised to get a move on patching.

Such tools are essential for evaluating the performance of deep reinforcement learning algorithms. The method is emerging as a powerful decision-support tool for cybersecurity experts - a defense agent with the ability to learn, adapt to quickly changing circumstances, and make decisions autonomously.

Samsung has announced a new feature called Message Guard that comes with safeguards to protect users from malware and spyware via what's referred to as zero-click attacks. The security feature, available on Samsung Messages and Google Messages, is currently limited to the Samsung Galaxy S23 series, with plans to expand it to other Galaxy smartphones and tablets later this year that are running on One UI 5.1 or higher.

Gartner forecasts a 16.8% growth for SaaS in 2023 as companies - including SMBs - add new SaaS platforms to their IT stack. Too often we find SMBs think security is all in the hands of the SaaS provider, when in fact the SaaS customer is always responsible for their data and their users.

If an organization relies on automation and tools to highlight API security issues, it is still up to a trained developer to manage API behavior. Since there is no standard for managing APIs, organizations must rely on more than tools to solve their security challenges.

The number of data breaches affecting healthcare providers declined in the second half of 2022, consistent with a downward trend over the past two years, according to Critical Insight. Healthcare industry sees a decrease in data breaches.