A quick Patch Tuesday retrospective, and then a look at what the threat groups are up to.
CyberWire Daily - A podcast by N2K Networks
Categories:
A look back at Patch Tuesday. BlackCat uses malicious Google ads. Social engineering in the third quarter of 2023. Are small businesses in denial about ransomware? Molerats have some new tools. Israel turns to NSO Group's Pegasus to search for hostages taken by Hamas. Tim Starks from the Washington Post examines the potential aftermath of a Russian group hitting a Chinese bank. In our Learning Layer, Sam Meisenberg helps a student understand and create a strategy for the CISSP CAT. And a cyberespionage campaign is attributed to Russia's SVR. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/218 Selected reading. Adobe Releases Security Updates for Multiple Products | CISA (Cybersecurity and Infrastructure Security Agency CISA) Fortinet Releases Security Updates for FortiClient and FortiGate (Cybersecurity and Infrastructure Security Agency | CISA) VMware Releases Security Update for Cloud Director Appliance (Cybersecurity and Infrastructure Security Agency | CISA) CISA Releases Two Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency | CISA) Microsoft Releases October 2023 Security Updates (Cybersecurity and Infrastructure Security Agency | CISA) Microsoft November 2023 Patch Tuesday fixes 5 zero-days, 58 flaws (BleepingComputer) SAP Security Patch Day for November 2023 (Onapsis) The ALPHV/BlackCat Ransomware Gang is Using Google Ads to Conduct… (eSentire) Q3 2023 Threat Landscape Report: Social Engineering Takes Center Stage (Kroll) OpenText Cybersecurity 2023 Global Ransomware Survey: The risk perception gap (OpenText Blogs) TA402 Uses Complex IronWind Infection Chains to Target Middle East-Based Government Entities (Proofpoint) Israel's NSO unleashes controversial spyware in Gaza conflict (Axios) APT29 Attacks Embassies Using CVE-2023-38831 (NCSCC) Cyber-espionage operation on embassies linked to Russia’s Cozy Bear hackers (Record) Learn more about your ad choices. Visit megaphone.fm/adchoices