Week in review: VMware ESXi servers under attack, ChatGPT’s malicious potential, Reddit breached

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

While governments pass privacy laws, companies struggle to change
In this Help Net Security interview, Bill Tolson, VP of Compliance and eDiscovery at Archive360, discusses how organizations should ensure privacy is built into the design process, cybersecurity investments for better privacy, and much more.

North Korea targets US, South Korean hospitals with ransomware to fund further cyber operations
US and South Korean agencies have issued a joint cybersecurity advisory describing the tactics, techniques and procedures used by North Korean hackers to deploy “state-sponsored” ransomware on hospitals and other organizations that can be considered part of the countries’ critical infrastructure.

Thousands of unpatched VMware ESXi servers hit by ransomware via old bug (CVE-2021-21974)
Late last week, unknown attackers launched a widespread ransomware attack hitting VMware ESXi hypervisors via CVE-2021-21974, an easily exploitable vulnerability that allows them to run exploit code remotely, without prior authentication.

Released: Decryptor for Cl0p ransomware’s Linux variant
Flawed encryption logic used in Cl0p (Clop) ransomware’s Linux (ELF) variant has allowed SentinelOne researchers to create and release a free decryptor.

Attackers are searching for online store backups in public folders. Can they find yours?
Too many online store administrators are storing private backups in public folders and exposing database passwords, secret API keys, administrator URLs and customer data to attackers who know where to look.

CISA releases ESXiArgs ransomware recovery script
According to the latest data, the number of ESXiArgs ransomware victims has surpassed 3,800, and CISA has published a recovery script for victim organizations.

NIST chooses encryption algorithms for lightweight IoT devices
ASCON is the name of the group of lightweight authenticated encryption and hashing algorithms that the U.S. National Institute of Standards and Technology (NIST) has chosen to secure the data generated by Internet of Things (IoT) devices: implanted medical devices, keyless entry fobs, “smart home” devices, etc.

Reddit breached: Internal docs, dashboards, systems accessed
Popular social news website and forum Reddit has been breached (again) and the attacker “gained access to some internal docs, code, as well as some internal dashboards and business systems,” but apparently not to primary production systems and user data.

What a perfect day in data privacy looks like
Cybersecurity and privacy leaders should realize that as consumers become more aware of their data autonomy, enhanced data privacy can offer a real competitive business advantage.

ChatGPT’s potential to aid attackers puts IT pros on high alert
51% of IT professionals predict that we are less than a year away from a successful cyberattack being credited to ChatGPT, and 71% believe that foreign states are likely to already be using the technology for malicious purposes against other nations, according to BlackBerry.

Balancing risk and security tradeoffs
In this Help Net Security video, Christopher Hodson, CSO at Cyberhaven, talks about how CISOs have been investing in inflating their tech stack, but for what?

India-China relations will define the IoT landscape in 2023
In recent months, India and China have faced off over their disputed border in the Himalayas. The military stand-off mirrors growing tech conflict between the two superpowers.

Amazon S3 to apply security best practices for all new buckets
Starting in April 2023, Amazon S3 will change the default security configuration for all new S3 buckets. For new buckets created after this date, S3 Block Public Access will be enabled, and S3 access control lists (ACLs) will be disabled.

Top 3 resolutions for security teams
In this Help Net Security video, Kevin Garrett, Senior Solutions Engineer at Censys, recommends three critical elements all security teams need to add to their resolutions this year.

Generative AI: A benefit and a hazard
If there’s one thing people will remember about AI advances in 2022, it’ll be the advent of sophisticated generative models: DALL·E 2, Stable Diffusion, Midjourney, ChatGPT.

Nevada Ransomware has released upgraded locker
Resecurity has identified a new version of Nevada Ransomware which recently emerged on the Dark Web right before the start of 2023.

How CISOs can improve security practices to keep up with evolving technologies
In this Help Net Security video, Rick McElroy, Principal Security Strategist at VMware, offers a perspective on these trends, including tips on how consumers and organizations can bolster their security practices to keep up with evolving technologies.

Establishing secure habits for software development in 2023
As a new year commences, it’s not unusual for people to take the opportunity to adopt better practices and principles and embrace new ways of thinking in both their personal and professional lives.

Novel face swaps emerge as a major threat to biometric security
As biometric face verification gains traction and becomes more widely adopted, threat actors are targeting all systems with sophisticated online attacks.

The dangers of unsupported applications
Are ageing technologies and infrastructure threatening the security and productivity of your business?

Inadequate cybersecurity investments leave rail industry at risk
The popular notion might view the rail industry as a laggard compared to auto or high-tech manufacturing when embracing Industry 4.0. Yet railways are increasingly dependent on sophisticated connected systems to enhance efficiency and customer satisfaction.

How to scale cybersecurity for your business
Every organization’s journey to scale their cybersecurity capabilities is unique. Depending on what they have to work with, however, some might have a bumpier ride than others.

New infosec products of the week: February 10, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Cequence Security, Deepwatch, Neustar Security Services, OPSWAT, and SecuriThings.
