Security News > 2023 > March

The Play ransomware gang has taken responsibility for a cyberattack on the City of Oakland that has disrupted IT systems since mid-February. Oakland is a city in California on the east side of the San Francisco Bay Area with a population of about 440,000.

SCSW Back in 2020, Eric Scales led the incident response team investigating a nation-state hack that compromised his company's servers along with those at federal agencies and tech giants including Microsoft and Intel. "It was similar to a fraternity rush - the best experience I never want to do again," Scales, head of incident response at Mandiant, told The Register.

Europe's proposed "Chat Control" legislation to automatically scan chat, email, and instant message communications for child sexual exploitation material ran up against broad resistance at a meeting of the German Parliament's Digital Affairs Committee on Wednesday. Chat Control 2.0 would make content scanning mandatory, even for encrypted communications - which would mean either content scanning prior to encryption or encryption keys managed by the service provider instead of the end user.

"These vulnerabilities can be triggered from user-mode applications by sending malicious commands to a TPM 2.0 whose firmware is based on an affected TCG reference implementation," the Trusted Computing Group said in an advisory. Large tech vendors, organizations using enterprise computers, servers, IoT devices, and embedded systems that include a TPM can be impacted by the flaws, Quarkslab noted, adding they "Could affect billions of devices."

Webinar Trying to keep on top of all the hype and complexity in cybersecurity can be more than an just an uphill struggle and more like a veritable mountain to climb every morning. So IT staff can be forgiven for wanting to change their security setups over and over again.

The China-aligned Mustang Panda actor has been observed using a hitherto unseen custom backdoor called MQsTTang as part of an ongoing social engineering campaign that commenced in January 2023. "Unlike most of the group's malware, MQsTTang doesn't seem to be based on existing families or publicly available projects," ESET researcher Alexandre Côté Cyr said in a new report.

The U.S. Cybersecurity and Infrastructure Security Agency has released a new advisory about Royal ransomware, which emerged in the threat landscape last year. "After gaining access to victims' networks, Royal actors disable antivirus software and exfiltrate large amounts of data before ultimately deploying the ransomware and encrypting the systems," CISA said.

If AI-based cybersecurity tools leveraged RLHF, they would be immensely powerful, intuitive, and effective and could improve detection and response times to even the most sophisticated threats. RLHF can be used to train AI-based models to detect and respond to potential threats more effectively by using human feedback to learn from real-world examples.

The Tenable report categorizes important vulnerability data and analyzes attacker behavior to help organizations inform their security programs and prioritize security efforts to focus on areas of most significant risk and disrupt attack paths, ultimately reducing exposure to cyber incidents. Threat actors continue to find success with known and proven exploitable vulnerabilities that organizations have failed to patch or remediate successfully.

Attackers are developing and deploying exploits faster than ever. 56% of the vulnerabilities were exploited within seven days of public disclosure - a 12% rise over 2021 and an 87% rise over 2020.