1. Home
  2. Cybersecurity Events

Take action on the latest cybersecurity events

Cybersecurity advisories and events as they happen, with a clear action you can take.

Critical Bluetooth security flaw impacts multiple systems - Google, Apple and Linux devices
published: yesterday
The discovery of the 'BLUFFS' series of attacks, exploiting fundamental flaws in Bluetooth protocol session key derivation and impacting a vast range of devices like iPhones and Android smartphones. The vulnerability raises significant security concerns, prompting advisories for vendor level fixes and cautious Bluetooth usage by users, especially in public.
Take action: This is a protocol level problem. You can't do too much to mitigate the risk unless and until the vendor issues a patch. Fortunately the exploit requires physical proximity, so your best mitigation is to limit the use of Bluetooth to trusted spaces only. Also, be VERY diligent about applying patches to your devices to get the eventual protocol level patch.
Prioritize patching of internet facing systems or get hacked - a US government primer
published: Dec. 5, 2023
Hackers exploited a vulnerability in an unpatched Adobe ColdFusion, CVE-2023-26360, to compromise servers of a U.S. federal agency, with two incidents in June thwarted by cybersecurity measures.
Take action: Always prioritize patching of internet facing systems. As an alternative mitigating measure lock them in an internal network. Don't be optimistic, hackers use automation to find your vulnerable system.
State of (in)security - Week 48
published: Dec. 4, 2023
In the week of November 27 to December 4, 2023, there were 7 advisories/vulnerability events and 36 incident/data breach events, marking a significant increase in both compared to the previous week, although the number of impacted individuals decreased from 10.5 million to 6 million.
Take action: Running a legacy version of an internet connected software is a guaranteed recipe for a disaster. You are not saving money by running these systems - you spend a lot of money on hardware, people and you will pay massively more when you get hacked.
How legacy software will kill you - 20,000 legacy Microsoft Exchange servers are active globally
published: Dec. 2, 2023
A vast number of outdated Microsoft Exchange email servers, primarily in Europe, the U.S., and Asia, remain publicly accessible and highly vulnerable to attacks due to running unsupported software versions. At least 20,000 of these servers already beyond their end-of-life stage and susceptible to various significant security flaws.
Take action: Running a legacy version of an internet connected software is a guaranteed recipe for a disaster. Don't "plan to replace them". Replace them now, even if it means going to a cheap cloud service. You are not saving money by running these systems - you spend a lot of money on hardware, people and you will pay massively more when you get hacked.
State of (in)security - Week 47
published: Nov. 27, 2023
Between November 20 and 27, 2023, there were 2 security advisories and 27 data breach incidents, with a significant rise in affected individuals from 2.7 million to 10.5 million week-over-week, despite a decrease in overall incidents.
Take action: Keep your legacy infrastructure in mind - all the systems and pieces of software that are no longer supported by the vendors. Plan to replace such infrastructure quickly after end of support. Such infrastructure is quite likely to carry vulnerabilities and it's no longer going to be patched by the vendor. Even if it's still operating well, that infrastructure makes you an easy target for attack.
State of (in)security - Week 46
published: Nov. 20, 2023
In the third week of November 2023, there were 10 advisories and 30 data breach incidents, with a slight increase in advisories and consistent incident numbers compared to the previous week, impacting 2.7 million individuals —down from 4 million. The largest breach being Truepill pharmacy affecting 2.3 million.
Take action: If your organization is faced with an incident, don't try to hide it. The cat is out of the bag, process it and report it. That's the best way not to be extorted nor suffer penalties. And it still shows a better level of trustworthiness than playing dumb. And pentest your AI/ML systems, they may be vulnerable because they are running on regular servers with standard and often unpatched base software.
Time to start pentesting your AI models, because there are a bunch of issues
published: Nov. 16, 2023
Researchers have identified critical vulnerabilities in the infrastructure supporting AI models, underscoring the need for companies to conduct security testing on their AI systems. AI models and machine learning platforms are software running on sometimes vulnerable infrastructure, making them susceptible to exploitation and posing real risks to organizations, particularly those heavily integrating AI into their operations.
Take action: It's time to start bounty programs and systemic pentesting of your AI/ML systems. Because they are built and implemented by people, and people make the same mistakes and security vulnerabilities..
Respect Incident Reporting to regulators - hackers are pressuring victims by reporting them to SEC
published: Nov. 15, 2023
The cybercriminal group AlphV reported its victim, MeridianLink, to the SEC, alleging a breach of the new SEC rule on cybersecurity incident disclosure for publicly traded companies. This action highlights the evolving tactics of cybercriminals who are shifting from data unavailability threats to regulatory pressure extortion, emphasizing the need for organizations to adopt proper incident management processes.
Take action: If your organization is faced with an incident, don't try to hide it. The cat is out of the bag, process it and report it. That's the best way not to be extorted nor suffer penalties. And it still shows a better level of trustworthiness than playing dumb.
State of (in)security - Week 45
published: Nov. 13, 2023
Between November 6 and November 13, 2023, there was a slight increase in data breach incidents (from 22 to 29) and a decrease in advisories (from 6 to 4), with over 4 million individuals affected, a decrease from the previous week's record of 815 million, and the largest breach involving the Maine government's MOVEit system impacting 1.3 million individuals.
Take action: Quality assurance, code review and testing is important for all software. Confirmed even by criminals who lost the stolen digital funds by bugs in their theft code.
Time for change: privacy ignoring data brokers sell data of US military personnel
published: Nov. 7, 2023
The Duke University study highlights the troubling simplicity and low cost of obtaining personal details of U.S. military personnel from data brokers, posing a significant national security risk and amplifying calls for stringent privacy regulation.
Take action: If the privacy of all other citizens was not as important as profitable businesses, perhaps this research and an outcry by the very influential military complex will be the trigger that's needed to put check and balances on exploitation of privacy, resale of personal data with a comprehensive privacy regulation in the entire US. Because it's sorely needed.