Major corporate and US government breaches, White House enforces TikTok ban, and NCSC issues zero trust guidance. Here are the latest threats and advisories for the week of March 3, 2023.
Alerts and warnings of threats
The UK’s National Cyber Security Centre has published guidance on how businesses can take advantage of zero trust security. The article explains why some systems cannot be integrated into a zero trust network. Organizations can work around this problem by creating a mixed state using a zero trust proxy or a managed virtual private network (VPN).
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw (CVE-2022-36537) affecting the ZK Framework to its catalog of known exploited vulnerabilities. The remote code execution flaw is being actively exploited and can give threat actors access to sensitive information. Affected ZK Framework versions include 9.6.1, 126.96.36.199, 188.8.131.52, 184.108.40.206, and 220.127.116.11.
Emerging threats and research
Password management company LastPass has been affected by an attack related to its August 2022 leak. LastPass explained: “In the second incident, the threat actor quickly made use of information extracted during the first incident, prior to the reboot completed by our teams, to enumerate and ultimately extract data from cloud storage resources.” The motive and identity of the threat actor are still unknown. As has become increasingly common, the incident could be a springboard for an attack on a larger target.
In December of last year, the US Senate approved a ban on the use of TikTok from government devices. The ban began Monday, allowing federal agencies 30 days to remove the popular social media app. The ban is a move by the White House to protect US citizens from China-driven social media campaigns that could deepen divisions and rig the vote on important domestic issues. follow a resemblance last week.
The US Marshals Service, one of the highest-ranking law enforcement agencies in the United States, has been hit with a major breach. On February 17, a ransomware infection affected a system containing “sensitive law enforcement information.” According to Marshals Service spokesman Drew Wade, the sensitive data includes administrative information, legal process returns, and personally identifiable information related to the subjects of USMS investigations, certain USMS employees and third parties.
In a letter to employees last week, the publishing and media company News Corp, which owns newspapers including The Sun, The Times and The Australian, revealed that it experienced a breach that lasted two years. “News Corp understands that, between February 2020 and January 2022, an unauthorized party gained access to certain business documents and emails from a limited number of its personnel’s accounts on the affected system, some of which contained personal information,” the letter said. The leak also affected some News Corp brands, including the New York Post, the Wall Street Journal and some UK publications.
US streaming platform Dish Network has confirmed that it suffered a ransomware attack, which is responsible for the multi-day network and service outage that began last Friday. While Dish also confirmed that data was stolen from its systems, it did not specify who the data belonged to: customers, employees, or both. The company’s website is still experiencing an outage while the attack is investigated with the help of external security consultants.
To stay up-to-date on the latest cyber security threats and advisories, check out the (ISC)² blog for weekly updates. Share other alerts and threat discoveries you’ve encountered and join the conversation on the (ISC)² community board.