WyzGuys Tech Talk

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

April 22, 2022

KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion.

LAPSUS$ is known for stealing data and then demanding a ransom not to publish or sell it. But the leaked chats indicate this mercenary activity was of little interest to the tyrannical teenage leader of LAPSUS$, whose obsession with stealing and leaking proprietary computer source code from the world’s largest tech companies ultimately led to the group’s undoing.  More…

APT attack on a telecom company in Kazakhstan

In October 2021, one of Kazakhstan’s telecommunication companies contacted Doctor Web,
with suspicion of malware in the corporate network. During the first look, we found backdoors
that were previously only used in targeted attacks. During the investigation, we also found out
that the company’s internal servers had been compromised since 2019. For several years,
Backdoor.PlugX.93 and BackDoor.Whitebird.30, the Fast Reverse Proxy (FRP) utilities, and
RemCom have been the main attackers’ tools.  More…

Why IT and network security outsourcing is just what you need

If there are two truisms in the business world, it’s these:

1. Companies have become more reliant on computer technology than ever before to get the job done.

2. Technology has become increasingly complex over time, making it difficult for companies to discern internally how they should manage their networks and the threats against them.

These two reasons demonstrate why businesses need to take a holistic look at their IT and cybersecurity efforts. Not only does outsourcing your IT and network security programs save you time, money and effort, but it also allows you to access technologies, processes and procedures you might not otherwise have considered. As your company is busy running itself and handling your normal business needs, an outsourced IT and network security vendor might be just what you need.  More…

OAuth 2.0: What is it and how does it work?

The OAuth authentication framework provides users with a safe way to access online services without putting their credentials at risk. Here’s a quick rundown of what you should know about OAuth 2.0.

2021 Top Routinely Exploited Vulnerabilities

Original release date: April 27, 2022

CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NZ NCSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK)  have released a joint Cybersecurity Advisory that provides details on the top 15 Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2021, as well as other CVEs frequently exploited.

CISA encourages users and administrators to review joint Cybersecurity Advisory: 2021 Top Routinely Exploited Vulnerabilities  and apply the recommended mitigations to reduce the risk of compromise by malicious cyber actors.



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.