- Zero Trust Metrics: Track Progress and Program Maturity – The CISA Zero Trust Maturity Model is filled with concepts and language appropriate for federal agencies, but it doesn’t always translate to the private sector, and certainly not to smaller, less-mature mid-market organizations.
- (ISC)2 Los Angeles Chapter Meeting
- Vice Society Ransomware Using Stealthy PowerShell Tool for Data Exfiltration – Threat actors associated with the Vice Society ransomware gang have been observed using a bespoke PowerShell-based tool to fly under the radar and automate the process of exfiltrating data from compromised networks.
- LockBit ransomware encryptors found targeting Mac devices – The LockBit ransomware gang has created encryptors targeting Macs for the first time, likely becoming the first major ransomware operation to ever specifically target macOS.
- NCR suffers Aloha POS outage after BlackCat ransomware attack – NCR is suffering an outage on its Aloha point of sale platform after being hit by a ransomware attack claimed by the BlackCat/ALPHV gang.
- Western Digital Hackers Demand 8-Figure Ransom Payment for Data – Western Digital has yet to comment on claims that the breach reported earlier this month led to data being stolen.
- Hackers abuse Google Command and Control red team tool in attacks – The Chinese state-sponsored hacking group APT41 was found abusing the GC2 (Google Command and Control) red teaming tool in data theft attacks against a Taiwanese media company and an Italian job search company.
- Army helicopter crash blamed on skipped software patch – The emergency ditching of an Australian military helicopter in the water just off a beach in New South Wales has been blamed on the failure to apply a software patch.
- Lazarus hackers now push Linux malware via fake job offers – A new Lazarus campaign considered part of “Operation DreamJob” has been discovered targeting Linux users with malware for the first time.
- Popular Fitness Apps Leak Location Data Even When Users Set Privacy Zones – Fitness apps such as Strava leak sensitive location information of users, even when they’ve used in-app features to specifically set up privacy zones to hide their activity within specified areas, researchers have found.
- March 2023 broke ransomware attack records with 459 incidents – March 2023 was the most prolific month recorded by cybersecurity analysts in recent years, measuring 459 attacks, an increase of 91% from the previous month and 62% compared to March 2022.
- Major US CFPB Data Breach Caused by Employee – The sensitivity of the personal information involved in the breach has yet to be determined by agency officials, but it affects 256,000 consumers.
- American Bar Association data breach hits 1.4 million members – The American Bar Association (ABA) has suffered a data breach after hackers compromised its network and gained access to older credentials for 1,466,000 members.
- Security Now 917: Zombie Software
- Smashing Security 317: Another Uber SNAFU, an AI chatbot quiz, and is juice-jacking genuine?
- Security Now 918: A Dangerous Interpretation
- Smashing Security 318: Tesla workers spy on drivers, and Operation Fox Hunt scams
TryHackMe – Finished OpenCTI and MISP rooms as part of the SOC Analyst learning path, which completes the cyber threat intelligence section. Next is network security and traffic!