Security News > 2023 > February

When a Texas school district sold some old laptops at auction last year, it probably didn't expect to end up in a public legal fight with a local computer repair shop - but a debate over what to do with district data found on the liquidated machines has led to precisely that. The San Benito Consolidated Independent School District sold more than 3,500 devices at auction in July 2022, of which 700 were purchased by local computer repair and resale shop RDA Technologies.

France's Computer Emergency Response Team has issued a Bulletin D'Alerte regarding a campaign to infect VMware's ESXI hypervisor with ransomware. Targets don't come much richer than ESXi - the bare metal hypervisor can afford access to many guest machines that run apps and store data.

Organizations are required to capture, index, secure, and dispose of all PII based on differing state, federal, and foreign data privacy laws. While global data protection regulations forced organizations to pay more attention to how they handle PII, we still see massive breaches, and millions lose their privacy daily.

The Info-Tech's report focuses on data that details the likely changes in processes and IT infrastructure due to hybrid work, concerns and perceptions about readiness to meet current and future legislation, and the impact of a potential recession on security budgets. According to Info-Tech's research, security leaders must build a strong cybersecurity workforce by strategically acquiring, retaining, and upskilling talent to maintain secure systems and increase confidence in the security practice.

Cybersecurity and privacy leaders should realize that as consumers become more aware of their data autonomy, enhanced data privacy can offer a real competitive business advantage. As data becomes embedded in each interaction, numerous data privacy concerns come into play throughout.

Resecurity has identified a new version of Nevada Ransomware which recently emerged on the Dark Web right before the start of 2023. Around February 1, 2023 - the group distributed an updated locker written in Rust for their affiliates supporting Windows, Linux and ESXi - this programming language has become a trend for ransomware developers these days.

Dashlane announced it had made the source code for its Android and iOS apps available on GitHub under the Creative Commons Attribution-NonCommercial 4.0 license. The popular subscription-based password manager and digital wallet have decided to release the code of its mobile apps to increase transparency in how they operate while also promoting a more collaborative and open development approach going forward.

Researchers at IT security company Check Point security have flagged Dingo Token as a potential scam after finding a function that allows the project's owner to manipulate trading fees up to 99% of the transaction value. Dingo Token is currently ranked #619 in CoinMarketCap with a market capitalization of over $20 million.

Royal Ransomware is the latest ransomware operation to add support for encrypting Linux devices to its most recent malware variants, specifically targeting VMware ESXi virtual machines. The new Linux Royal Ransomware variant was discovered by Will Thomas of the Equinix Threat Analysis Center, and is executed using the command line.

The hack of SolarWinds' software more than two years ago pushed the threat of software supply chain attacks to the front of security conversations, but is anything being done? More recently, attackers have targeted code repositories like GitHub and PyPI and companies like CI/CD platform provider CircleCI, an incident that expanded the definition of a supply chain attack, according to Matt Rose, field CISO for cybersecurity vendor ReversingLabs.