Security News > 2023 > March

AT&T is notifying roughly 9 million customers that some of their information was exposed after a marketing vendor was hacked in January. "The information did not contain credit card information, Social Security Number, account passwords or other sensitive personal information. We are notifying affected customers."

Starting March 13, GitHub will gradually introduce the 2FA enrollment requirement to groups of developers and administrators, beginning with smaller groups. In case your account is selected for enrollment, you will receive a notification via email and see a banner on GitHub.com requesting you to enroll in 2FA. You will have a 45-day window to configure 2FA on your account, and before that date, you can continue to use GitHub as usual except for the occasional reminders.

GitHub will start requiring active developers to enable two-factor authentication on their accounts beginning next week, on March 13. The gradual rollout will start next week with GitHub reaching out to smaller groups of administrators and developers via email and will speed up as the end of the year approaches to ensure that onboarding is seamless and users have time to sort out any issues.

To up your security risk management game, these industry best practices will help you understand and mitigate risks before they take hold. Your strategy should include the potential risks you've identified for your organization, how likely they are to occur and your response plan in the event of an active threat.

After your incoming traffic has been scanned, all safe traffic is forwarded to your network or servers for processing through the GRE tunnel. GRE tunnels can transport or forward multicast traffic, which is essential for actions like routing protocol advertisement and for video conferencing applications, while a VPN can only transport unicast traffic.

Security vulnerabilities in remote desktop programs such as Sunlogin and AweSun are being exploited by threat actors to deploy the PlugX malware. AhnLab Security Emergency Response Center, in a new analysis, said it marks the continued abuse of the flaws to deliver a variety of payloads on compromised systems.

A previously known Windows-based ransomware strain known as IceFire has expanded its focus to target Linux enterprise networks belonging to several media and entertainment sector organizations across the world. The intrusions entail the exploitation of a recently disclosed deserialization vulnerability in IBM Aspera Faspex file-sharing software, according to cybersecurity company SentinelOne.

Threat actors linked to the IceFire ransomware operation now actively target Linux systems worldwide with a new dedicated encryptor. IceFire operators exploit a deserialization vulnerability in the IBM Aspera Faspex file-sharing software to hack into targets' vulnerable systems and deploy their ransomware payloads.

The attacker will try to convince the user to download remote access software under the pretext of corporate IT help desk representatives. Attackers impersonating the help desk is clearly working: in July 2020, Twitter experienced a major security breach when hackers used a vishing scam to successfully access dozens of high-profile accounts, including those of Barack Obama, Joe Biden, Jeff Bezos, and Elon Musk.

Despite some occasional good news on the cybersecurity front, cyber attacks continue to move even faster and get more nefarious all the time. For business owners, it's imperative to make cybersecurity a priority.