Security News

It may be tempting for organizations to wait and see how regulations develop or hold on for federal-level legislation; the American Data Privacy Protection Act has been introduced to Congress, although it will take a while to see if it has a chance of coming through the legislative process and being passed into law. For organizations with customers in both the US and Europe, there's recently been some good news: the EU has decided that "The United States ensures an adequate level of protection - comparable to that of the European Union - for personal data transferred from the EU to US companies." In principle, this means user data from Europe can flow freely to the US without additional data protection safeguards.

In this Help Net Security video, Gal Sadeh, Head of Data and Security Research at Silverfort, discusses LATMA, a free, open-source tool. It's engineered with advanced algorithms to track and report any unusual activity within an environment.

The ThreatNG Governance and Compliance Dataset is an open-source initiative that aims to democratize access to critical data, fostering transparency, collaboration, and improvement of cybersecurity practices globally. The open-source datasets offered by ThreatNG provide an understanding of organizational practices, promoting informed decision-making and accountability within the corporate landscape.

In Claroty's previous survey conducted in 2021, 32% of ransomware attacks impacted IT only, while 27% impacted both IT and OT. Today, 21% impact IT only, while 37% impact both IT and OT - a significant 10% jump for the latter in just two years. 61% of respondents are currently utilizing security tools that leverage generative AI and an alarming 47% say that it raises their security concerns.

Distinguishing real, business-critical application risks is more challenging than ever. A siloed, ad hoc approach to AppSec generates noisy false positives that overwhelm under-resourced security teams.

Of these, four are rated critical - including three remote code execution vulnerabilities and one spoofing bug - and 29 important. The only vulnerability listed as publicly disclosed in Microsoft's December patch party is a speculative leaks flaw in some AMD processors tracked as CVE-2023-20588 and first disclosed in August.

Microsoft warns that financially-motivated threat actors are using OAuth applications to automate BEC and phishing attacks, push spam, and deploy VMs for cryptomining. Recent incidents investigated by Microsoft Threat Intelligence experts revealed that attackers mainly target user accounts that lack robust authentication mechanisms in phishing or password-spraying attacks, focusing on those with permissions to create or modify OAuth apps.

The Ukrainian government's military intelligence service says it hacked the Russian Federal Taxation Service, wiping the agency's database and backup copies. Following this operation, carried out by cyber units within Ukraine's Defense Intelligence, military intelligence officers breached Russia's federal taxation service central servers and 2,300 regional servers across Russia and occupied Ukrainian territories.

Microsoft's December 2023 Patch Tuesday is a light one: 33 patches, only four of which are deemed critical. "This month, Microsoft did not patch any zero-day vulnerabilities, marking only the second time in 2023 that no zero-days were fixed," noted Satnam Narang, senior staff research engineer at Tenable.

An ex-First Republic Bank cloud engineer was sentenced to two years in prison for causing more than $220,000 in damage to his former employer's computer network after allegedly using his company-issued laptop to watch pornography. Miklos Daniel Brody, 38, of San Francisco, pleaded guilty in April to two charges of violating the Computer Fraud and Abuse Act after obtaining information from and intentionally damaging a protected computer, and one charge of making false statements to a government agency.