Week in review: LastPass breach disaster, online tracking via UID smuggling, ransomware in 2023

/in


Cybersecurity week in review

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

LastPass says attackers got users’ info and password vault data
The information couldn’t come at a worst time, as businesses are winding down their activities and employees and users are thick in the midst of last-minute preparations for end-of-year holidays.

New Microsoft Exchange exploit chain lets ransomware attackers in (CVE-2022-41080)
Ransomware-wielding attackers are using a new exploit chain that includes one of the ProxyNotShell vulnerabilities (CVE-2022-41082) to achieve remote code execution on Microsoft Exchange servers.

Make sure your company is prepared for the holiday hacking season
We’re coming to that time of the year when employees are excited about the holidays and taking time off to be with their loved ones. But while employees are preparing for some rest and relaxation, hackers are gearing up for their busy season.

5 cybersecurity trends accelerating in 2023
Netwrix has released key cybersecurity trends that will affect organizations of all sizes in 2023.

What happens once scammers receive funds from their victims
In this Help Net Security video, Ronnie Tokazowski, Principal Threat Advisor at Cofense, offers insight into the world’s most lucrative cybercrime – business email compromise (BEC).

APIs are placing your enterprise at risk
The recent push to focus on API security comes at a critical time where more enterprises are relying on enterprise mobility, meaning increasing a reliance on mobile app connectivity.

UID smuggling: A new technique for tracking users online
Advertisers and web trackers have been able to aggregate users’ information across all of the websites they visit for decades, primarily by placing third-party cookies in users’ browsers.

Ransomware predictions for 2023
In this Help Net Security video, Dave Trader, Field CISO at Presidio, talks about the evolution of ransomware attacks and outlines what we can expect in 2023.

Amplified security trends to watch out for in 2023
In 2023 and beyond, organizations can expect to continue dealing with many of the same threats they face today but with one key difference: expect criminals…

Source…