WyzGuys Tech Talk

A quick Saturday digest of cybersecurity news articles from other sources.

LastPass admits to customer data breach caused by previous breach

Seems that the developer account that the crooks breached last time gave indirect access to customer data this time round.

The CHRISTMA EXEC network worm – 35 years and counting!

“Uh-oh, this viruses-and-worms scene could turn out quite troublesome.” If only we’d been wrong…

December 2022 sees the 35th anniversary of the first major self-spreading computer virus – the infamous CHRISTMA EXEC worm that temporarily crushed the major mainframe networks of the day…

CISA Releases Phishing Infographic

Original release date: December 8, 2022

Today, CISA published a Phishing Infographic to help protect both organizations and individuals from successful phishing operations. This infographic provides a visual summary of how threat actors execute successful phishing operations. Details include metrics that compare the likelihood of certain types of “bait” and how commonly each bait type succeeds in tricking the targeted individual. The infographic also provides detailed actions organizations and individuals can take to prevent successful phishing operations—from blocking phishing attempts to teaching individuals how to report successful phishing operations.

CISA Releases Three Industrial Control Advisories

Original release date: December 8, 2022

CISA has released three (3) Industrial Control Systems (ICS) advisories on 08 December 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:

• ICSA-22-342-01 Advantech iView
• ICSA-22-342-02 AVEVA InTouch Access Anywhere
• ICSA-22-342-03 Rockwell Automation Logix Controllers