Security News > 2023 > December

As ransomware continues to be on the rise, we can expect groups to continue to evolve their attacks and operate at a larger scale for bigger profits. As a result, attack surfaces - most prominently in manufacturing, healthcare, and education - doubled and tripled in size, which appealed to ransomware groups.

Despite advanced security protocols, many cybersecurity incidents are still caused by employee actions. In this Help Net Security video, John Scott, Lead Cybersecurity Researcher at CultureAI, discusses how integrating AI and automation into your cybersecurity strategy can improve employee behaviors and reduce security incidents.

Australia is building a top-secret cloud to host intelligence data and share it with the US and UK, which have their own clouds built for the same purpose. The three clouds were discussed on Monday by Andrew Shearer, Australia's director-general of national intelligence, at an event hosted by the Center for Strategic & International Studies in Washington, DC. "We are working very hard on a top-secret cloud initiative," Shearer told the event, adding that it will interoperate with similar infrastructure already operated by the US and UK, and mean sensitive data can be shared "near instantaneously."

OpenTofu is an open-source alternative to Terraform's widely used Infrastructure as Code provisioning tool. Previously named OpenTF, OpenTofu is an open and community-driven response to Terraform's recently announced license change from a Mozilla Public License v2.0 to a Business Source License v1.1, providing everyone with a reliable, open-source alternative under a neutral governance model.

90% of the world's largest energy companies experienced a third-party breach in the past 12 months, according to SecurityScorecard. 92% of the energy companies evaluated have been exposed to a fourth-party breach.

Academic researchers developed a new side-channel attack called SLAM that exploits hardware features designed to improve security in upcoming CPUs from Intel, AMD, and Arm to obtain the root password hash from the kernel memory. Short for Spectre based on LAM, the SLAM attack was discovered by researchers at the Systems and Network Security Group at Vrije Universiteit Amsterdam, who demonstrated its validity by emulating the upcoming LAM feature from Intel on a last-generation Ubuntu system.

A years-old Bluetooth authentication bypass vulnerability allows miscreants to connect to Apple, Android and Linux devices and inject keystrokes to run arbitrary commands, according to a software engineer at drone technology firm SkySafe. The bug, tracked as CVE-2023-45866, doesn't require any special hardware to exploit, and the attack can be pulled off from a Linux machine using a regular Bluetooth adapter, says Marc Newlin, who found the flaw and reported it to Apple, Google, Canonical, and Bluetooth SIG. Newlin says he'll provide vulnerability details and proof-of-concept code at an upcoming conference but wants to hold off until everything is patched.

A U.S. senator revealed today that government agencies worldwide demand mobile push notification records from Apple and Google users to spy on their customers. Data collection through this method helps link devices to Apple or Google accounts and may also allow access to unencrypted notification content, including text displayed on the receiving smartphone.

Schneier has used the phrase "security theatre" to describe public actions which do not increase security, but which are designed to make the public think that the organization carrying out the actions is taking security seriously. Security theatre has positive aspects too, provided that it is not used as a substitute for actions that would actually improve security.

Microsoft's Extended Security Updates program doesn't replace all of those options; ESUs just provide the monthly security updates from Windows Update and only cover what Microsoft classifies as critical or important vulnerabilities, which means no fixes for security issues you can mitigate without Microsoft making changes to Windows. What's different this time is that individuals will be able to buy the annual ESU subscription for their Windows 10 PCs. How can I get Extended Security Updates for Windows 10?