Comments on: Cyber security trends for 2022

By: Tomi Engdahl

Tomi Engdahl — Wed, 04 Jan 2023 08:19:34 +0000

Ransomware impacts over 200 govt, edu, healthcare orgs in 2022 https://www.bleepingcomputer.com/news/security/ransomware-impacts-over-200-govt-edu-healthcare-orgs-in-2022/
Ransomware attacks in 2022 impacted more than 200 hundred larger organizations in the U.S. public sector in the government, educational, and healthcare verticals. Data collected from publicly available reports, disclosure statements, leaks on the dark web, and third-party intelligence show that hackers stole data in about half of these ransomware attacks.

By: Tomi Engdahl

Tomi Engdahl — Mon, 02 Jan 2023 17:05:05 +0000

Extracting Encrypted Credentials From Common Tools
Attackers are harvesting credentials from compromised systems. Here’s how some commonly used tools can enable this.
https://www.darkreading.com/dr-tech/extracting-encrypted-credentials-from-common-tools

By: Tomi Engdahl

Tomi Engdahl — Mon, 02 Jan 2023 16:59:43 +0000

Cyber attacks set to become ‘uninsurable’, says Zurich chief
https://www.swissinfo.ch/eng/business/cyber-attacks-set-to-become–uninsurable—says-zurich-chief/48161718

By: Tomi Engdahl

Tomi Engdahl — Mon, 02 Jan 2023 16:59:07 +0000

CVE-2022-38627: A journey through SQLite Injection to compromise the whole enterprise building
https://infosecwriteups.com/cve-2022-38627-a-journey-through-sqlite-injection-to-compromise-the-whole-enterprise-building-15cebd072ed6

By: Tomi Engdahl

Tomi Engdahl — Mon, 02 Jan 2023 16:57:57 +0000

https://www.dna.fi/yrityksille/blogi/-/blogs/vain-paranoidit-parjaavat-hybridityo-vaatii-tujumpaa-tietoturvaa

By: Tomi Engdahl

Tomi Engdahl — Mon, 02 Jan 2023 15:15:35 +0000

https://windowsir.blogspot.com/2022/09/deconstructing-florians-bicycle.html

By: Tomi Engdahl

Tomi Engdahl — Mon, 02 Jan 2023 15:15:10 +0000

https://freedom-to-tinker.com/2022/09/20/cross-layer-security-a-holistic-view-of-internet-security/#respond

By: Tomi Engdahl

Tomi Engdahl — Mon, 02 Jan 2023 07:03:41 +0000

https://www.securityweek.com/five-stories-shaped-cybersecurity-2022

By: Tomi Engdahl

Tomi Engdahl — Mon, 02 Jan 2023 06:54:32 +0000

SPF and DMARC use on GOV domains in different ccTLDs
https://isc.sans.edu/diary/rss/29384
To discover what percentage of second-level GOV domains actually employ the aforementioned security mechanisms, I wrote a short script that identified ccTLDs in which such domains existed, and gathered and evaluated the corresponding SPF and DMARC records, if these were published (determining whether DKIM is being used by a specific domain is unfortunately impossible without direct communication . The results wereinteresting, if not necessarily optimistic.

By: Tomi Engdahl

Tomi Engdahl — Sun, 01 Jan 2023 21:46:29 +0000

Lily Hay Newman / Wired:
A look at 2022′s worst breaches, leaks, ransomware attacks, state-sponsored hacking campaigns, and digital takeovers, including at least two Twilio breaches — The year was marked by sinister new twists on cybersecurity classics, including phishing, breaches, and ransomware attacks.

https://www.wired.com/story/worst-hacks-2022/