Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Dice’s salary report indicates it’s still a good time to work in tech

The average salaries for specialized tech professionals in the U.S. are over six figures, according to the new report.

How to (Actually) Use ChatGPT

I have developed a keen interest in the ChatGPT AI, and found this tutorial on LinkedIn from Sam Szuchan. It is thirty-four slides, just keep clicking on the right arrow. You will have to click through to LinkedIn for this.

And then there is this job posting, also from LinkedIn:

Beware rogue 2FA apps in App Store and Google Play – don’t get hacked!

Even in Apple’s and Google’s “walled gardens”, there are plenty of 2FA apps that are either dangerously incompetent, or unrepentantly malicious. (Or perhaps both.)

Dutch police arrest three cyberextortion suspects who allegedly earned millions

Ever paid hush money to crooks who broke into your network? Wondered how much you can trust them?

CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks

02/28/2023 07:00 AM EST

Today, CISA released a Cybersecurity Advisory, CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks. This advisory describes a red team assessment of a large critical infrastructure organization with a mature cyber posture. CISA is releasing this Cybersecurity Advisory (CSA) detailing the red team’s tactics, techniques, and procedures (TTPs) and key findings to provide network defenders proactive steps to reduce the threat of similar activity from malicious cyber actors.

As detailed in the advisory, the CISA red team obtained persistent access to the organization’s network, moved laterally across multiple geographically separated sites, and gained access to systems adjacent to the organization’s sensitive business systems. This cybersecurity advisory highlights the importance of early detection and continual monitoring of cyber assets.

CISA encourages critical infrastructure organizations to apply the recommendations in the Mitigations section of this CSA to ensure security processes and procedures are up to date, effective, and enable timely detection and early mitigation of malicious activity.


Pen testing report: IT budgets should focus on entire security stack

With nearly 90% of companies reporting cyberattacks, pen testing budgets are on the rise, with cloud infrastructure and services a key focus area, according to a new report.

Windows 11 update brings Bing Chat into the taskbar

Microsoft’s latest Windows 11 update lets enterprises control some of these new features, which also include Notepad, iPhone and Android news.

LastPass Breach Update

I received this from LastPass on March 2:

“Dear LastPass Customer,

We are writing today to update you on our recent security incident disclosed on December 22. We have now completed an exhaustive investigation and have not seen any threat actor activity since October 26.

Earlier today, we posted an update to our blog with new findings and important information, including what happened and the actions we have taken, what data was accessed, what we have done to secure LastPass, actions we are recommending customers take to protect themselves or their businesses, and what you can expect from us going forward.

Given the volume of information we are sharing in the blog post, and to better assist our customers with their own incident-response efforts, we have prepared a Security Bulletin specifically for our Free, Premium, and Families consumer users to help guide you through a review of important LastPass settings designed to help secure your account by confirming best practices are being followed.

Please review the Security Bulletin and make any necessary changes to your account.

In sharing these additional details today and in our approach going forward, we are determined to do right by our customers and communicate more effectively. We thank you for your patience and continued support of LastPass.

The Team at LastPass”

LastPass: Keylogger on home PC led to cracked corporate password vault

Seems the crooks implanted a keylogger via a vulnerable media app (LastPass politely didn’t say which one!) on a developer’s home computer.

Coinbase Attack Used Social Engineering

Coinbase on their blog describes a targeted social engineering attack that led to the theft of some employee data. The attacker first sent smishing messages to several Coinbase employees, urging them to click a link and log in to their Coinbase work account. One employee fell for the attack, and the threat actor then attempted to use the victim’s account to gain access to Coinbase’s internal systems. Fortunately, the company’s security solutions prevented this.

Soon afterwards, however, the attacker called the same employee, claiming to work for the company’s IT department.

“About 20 minutes later our employee’s mobile phone rang,” Coinbase says. “The attacker claimed to be from Coinbase corporate Information Technology (IT) and they needed the employee’s help. Believing that they were speaking to a legitimate Coinbase IT staff member, the employee logged into their workstation and began following the attacker’s instructions. That began a back and forth between the attacker and an increasingly suspicious employee.”

Blog post with links:

Nokia smartphone with DIY features launches as ‘right to repair’ demand heightens

The Nokia G22 smartphone comes with components you can easily dismantle and offers a repair manual from iFixit.

About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments. I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, the Secure360 Security Conference in 2016, 2017, 2018, and 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
