As you've probably seen by now, Talos released our 2023 Year in Review report last week.
It's an extremely comprehensive look at the top threats, attacker trends and malware families from the past year with never-before-seen Cisco Talos telemetry.
With this being the last Threat Source newsletter of the calendar year, I figured I'd do a Year in Review of my own.
I don't have the data or first-hand research to back any of these statements up. This is purely just vibes-based, or things I've discovered about myself and my cybersecurity habits over the past year. So while you may not be able to deploy any of these things on your firewall, I hope they serve as good advice to anyone thinking about the security landscape heading into the new year.
Just assume your passwords are going to get out there.
Several major password management services were hit with data breaches this year.
The basic idea of a password manager is that your login information is inherently safer there than if you use the same password repeatedly, write your passwords down on a physical sheet of paper, or just hope you remember them each time you log in.
Or if a traditional username and password combination is your only option, change that password as often as you can and make sure you have multi-factor authentication enabled for whatever password management service you use.
The company has completely torn down any internal teams it has dedicated to fighting fake news or scams, and searching for literally anything will surface misleading information, outright lies or offensive content.
Over the past year, many major threat actors and malware operators that were once thought removed showed they could find a way back.
Trickbot, a major threat actor known for big game hunting, recently switched up its tactics and is actively targeting organizations in Ukraine, despite its developer being arrested and pleading guilty to several U.S. federal charges.
Emotet, which is known for its various stops-and-starts, is relatively quiet right now but was briefly active again earlier this year.
This is not to say that these law enforcement server takedowns and arrests aren't working - anything we can do to make the bad guys' lives harder is a win in the end - but it's continued proof that we can never really count any threat out.
The hope is that most people have patched since the ubiquitous vulnerability was discovered in late 2021, but telemetry indicates there are many vulnerable instances still out there.
Potentially affected users should update to the latest version of UEFI by updating their firmware, including new patches from AMI, Intel, Insyde, Phoenix and Lenovo.
Several major hardware and software vendors released their last patches of the calendar year this week.
Apple released patches for its major pieces of hardware, disclosing security issues in iPhones, Macs and more.
One of the vulnerabilities in macOS, CVE-2023-42914, is a kernel issue with the potential to allow apps to break out of their sandboxes.
The U.S. Cybersecurity and Infrastructure Security Agency released an advisory that attackers are actively exploiting a vulnerability in Adobe ColdFusion, which potentially poses a threat to government agencies.
Organizations must act now to prepare for the new requirements, safeguard their operations, and maintain a robust cybersecurity posture.
This Cyber News was published on blog.talosintelligence.com. Publication date: Thu, 14 Dec 2023 19:13:05 +0000