2023 and Cybersecurity - Cyber Security Informer

Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days

Schneier on Security

NOVEMBER 18, 2024

Zero-day vulnerabilities are more commonly used , according to the Five Eyes: Key Findings In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority targets.

Cybersecurity

macOS Vulnerability (CVE-2023-32428) Grants Root Access, PoC Published

Penetration Testing

NOVEMBER 26, 2024

The flaw, designated CVE-2023-32428... The post macOS Vulnerability (CVE-2023-32428) Grants Root Access, PoC Published appeared first on Cybersecurity News.

Cybersecurity

Top 15 Exploited Vulnerabilities of 2023

SecureWorld News

NOVEMBER 12, 2024

A new joint Cybersecurity Advisory, co-authored by leading cybersecurity agencies from the United States, Australia, Canada, New Zealand, and the United Kingdom, details the vulnerabilities malicious actors routinely exploited in 2023.

Software

Software Passwords Cyber threats Risk

Most Popular Cybersecurity Blogs from 2023

Lohrman on Security

JANUARY 14, 2024

What were the top government technology and security blogs in 2023? The metrics tell us what cybersecurity and technology infrastructure topics were most popular.

Cybersecurity

Cybersecurity Technology Government

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). In this eBook, we will look at the 2023 report and explore the most important cybersecurity stats and how to prevent them.

Identity Theft

RSAC 2023: Generative AI Takes the Cybersecurity Industry by Storm

Lohrman on Security

APRIL 30, 2023

Yes, generative AI stole the show at RSA Conference 2023 in San Francisco last week. Here’s a roundup of the top news from the biggest cybersecurity conference in the world.

Cybersecurity

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

NOVEMBER 11, 2024

Amazon disclosed a data breach exposing employee data, with information allegedly stolen in the May 2023 MOVEit attacks. Amazon disclosed a data breach that exposed employee information after data was allegedly stolen during the May 2023 MOVEit attacks. Amazon was compromised in May, 2023 via a MoveIT 0day exploit.

Data breaches

Data breaches Hacking Ransomware Technology

Microsoft Patch Tuesday, February 2023 Edition

Krebs on Security

FEBRUARY 14, 2023

Redmond flags CVE-2023-23376 as an “Important” elevation of privilege vulnerability in the Windows Common Log File System Driver , which is present in Windows 10 and 11 systems, as well as many server versions of Windows. Researchers at cybersecurity forensics firm Mandiant were credited with reporting the bug.

Internet

Internet Internet Cyber threats Malware

2023’s Dark Horse Cyber Story: Critical Infrastructure Attacks

Lohrman on Security

DECEMBER 3, 2023

There are several cybersecurity trends that truly deserve top attention when we look back at 2023 — and they will get it. Meanwhile, cyber attacks against critical infrastructure quietly grow, despite a lack of major attention.

Cyber Attacks

Cyber Attacks Cybersecurity

Cybersecurity Predictions for 2024

We’ve recently looked back at what happened within cybersecurity in 2023. In this eBook—with some guidance from the Google Cloud Cybersecurity Forecast 2024—we will delve into some of the most anticipated trends, threats, and cutting-edge solutions that are set to define the cybersecurity landscape in the months ahead.

Cybersecurity

Atlassian Confluence Vulnerability CVE-2023-22527 Exploited for Cryptomining

Penetration Testing

OCTOBER 30, 2024

In a recently disclosed report by Trend Micro, attackers were observed exploiting a vulnerability in Atlassian’s Confluence servers (CVE-2023-22527) to hijack victim resources and harvest rewards from the Titan Network—a... The post Atlassian Confluence Vulnerability CVE-2023-22527 Exploited for Cryptomining appeared first on Cybersecurity (..)

Cybersecurity

Securing Tomorrow: Cybersecurity Review 2023 & Forecasting 2024 Threats – A Free Webinar With Joseph Steinberg and Dror Liwer

Joseph Steinberg

JANUARY 30, 2024

Embark on a journey of thought leadership into the dynamic realm of cybersecurity, and be part of the conversation and collective effort to shape the future of the industry, by joining the inaugural webinar of Coro’s new series, Cybersphere.

Artificial Intelligence

Artificial Intelligence Cybersecurity Cyber threats Technology

Zero Trust Strategies for 2023: A Webinar With Renowned CyberSecurity Expert Joseph Steinberg

Joseph Steinberg

NOVEMBER 30, 2022

On Tuesday, December 6, 2022, at Noon US Eastern (9:00 AM US Pacific = 5:00 PM UTC/GMT) you can join a fireside chat with renowned security experts Magda Chelly and Joseph Steinberg, who will share their insights and recommendations on how to leverage Zero Trust to keep your users, assets, and data safe in 2023 and beyond.

Artificial Intelligence

Artificial Intelligence Cybersecurity

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

The Last Watchdog

DECEMBER 12, 2023

A look back at the cybersecurity landscape in 2023 rings all-too familiar: cyber threats rapidly evolved and scaled up , just as they have, year-to-year, for the past 20 years. Eyal Benishti , CEO, IRONSCALES Benishti Generative AI (GenAI) reshaped cybersecurity in 2023. Here is part one of three groupings. This is folly.

Cybersecurity

Cybersecurity Social Engineering Cyber threats Software

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Today’s technology leaders play a more strategic role in establishing cybersecurity strategy for their organizations. November 14th, 2023 at 9:30am PST, 12:30pm EST, 5:30pm GMT In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?” Register today!

Cybersecurity

CVE-2023-32197 (CVSS 9.1): Critical RKE2 Flaw Exposes Windows Nodes to Privilege Escalation

Penetration Testing

OCTOBER 28, 2024

A significant security vulnerability, CVE-2023-32197, has been identified in RKE2, Rancher’s Kubernetes distribution geared toward high-security environments, including the U.S. Federal Government.

Government

Government Cybersecurity

2023 Anna Jaques Hospital data breach impacted over 310,000 people

Security Affairs

DECEMBER 8, 2024

On December 25, 2023, a ransomware attack hit the Anna Jaques Hospital. In 2023, upon discovering the cyber attack, the Anna Jaques Hospital took the impacted systems down and launched an investigation into the security breach. The hospital revealed that the security breach exposed sensitive health data for over 316,000 patients.

Data breaches

Data breaches Insurance Healthcare Ransomware

Mauri Ransomware Exploits Apache ActiveMQ Flaw (CVE-2023-46604)

Penetration Testing

DECEMBER 8, 2024

The AhnLab Security Intelligence Response Center (ASEC) has revealed that threat actors exploiting a critical vulnerability in Apache ActiveMQ, identified as CVE-2023-46604, have begun deploying Mauri ransomware in their attacks....

Ransomware

Ransomware Security Intelligence Cybersecurity Malware

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

Treasury Department sanctioned Chinese cybersecurity firm Integrity Tech for its involvement in attacks attributed to the Flax Typhoon group. Treasury sanctioned a Chinese cybersecurity firm, Integrity Tech, for links to cyberattacks by Chinas state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett).

Cybersecurity

Cybersecurity IoT Hacking Technology

On the Cybersecurity Jobs Shortage

Schneier on Security

SEPTEMBER 20, 2023

In April, Cybersecurity Ventures reported on extreme cybersecurity job shortage: Global cybersecurity job vacancies grew by 350 percent, from one million openings in 2013 to 3.5 million in 2021, according to Cybersecurity Ventures. million in 2023, with more than 750,000 of those positions in the U.S.

Cybersecurity

Cybersecurity Engineering CISO Architecture

Phishing Threats, GenAI Among Top Cybersecurity Risks in 2025

Security Boulevard

JANUARY 10, 2025

According to a Netskope report, phishing attacks surged in 2024, with enterprise employees clicking on phishing links at a rate nearly three times higher than in 2023. The post Phishing Threats, GenAI Among Top Cybersecurity Risks in 2025 appeared first on Security Boulevard. The study found phishing campaigns have evolved.

Phishing

Phishing Risk Cybersecurity Security Awareness

Top 9 Trends In Cybersecurity Careers for 2025

eSecurity Planet

OCTOBER 18, 2024

As they do, they create more security vulnerabilities and inherent business, changing the nature of cybersecurity careers. Meanwhile, according to non-profit trade association CompTIA’s Cyberseek tool, nearly half a million cybersecurity jobs were open between May 2023 and April 2024 in the U.S., million workers.

Cybersecurity

Cybersecurity Artificial Intelligence Penetration Testing Engineering

Popular Java Security Framework ‘pac4j’ Vulnerable to RCE (CVE-2023-25581)

Penetration Testing

OCTOBER 13, 2024

This vulnerability, tracked... The post Popular Java Security Framework ‘pac4j’ Vulnerable to RCE (CVE-2023-25581) appeared first on Cybersecurity News.

Cybersecurity

2023 Cybersecurity Awareness Month Appeal: Make Online Security Easier

Lohrman on Security

AUGUST 20, 2023

So as we prepare for Cybersecurity Awareness Month in October, the goal is to make cybersecurity easy. Surveys show that most Americans think online security is too hard, confusing and frustrating.

Cybersecurity

Security Alert: Bootkitty Bootkit Targets Linux via UEFI Vulnerability (CVE-2023-40238)

Penetration Testing

DECEMBER 1, 2024

This new threat exploits the LogoFAIL vulnerability (CVE-2023-40238), a UEFI firmware flaw,... The post Security Alert: Bootkitty Bootkit Targets Linux via UEFI Vulnerability (CVE-2023-40238) appeared first on Cybersecurity News.

Firmware

Firmware Cybersecurity Malware

Empowering Boards for Cybersecurity Incidents

SecureWorld News

JANUARY 12, 2025

This article explores how boards can effectively prepare, respond, and lead during cybersecurity incidents, turning a potential disaster into a managed crisis. These principles serve as the foundation for the board's actions before, during, and after a cybersecurity incident.

Cybersecurity

Cybersecurity Ransomware Data breaches Government

Report Unveils Cybersecurity Leaks in U.S. Drinking Water Systems

SecureWorld News

NOVEMBER 18, 2024

Environmental Protection Agency (EPA) Office of Inspector General (OIG) has highlighted significant cybersecurity vulnerabilities in the nation's drinking water systems. The findings revealed exploitable cybersecurity weaknesses that could disrupt service, cause data loss, or lead to information theft. A recent report from the U.S.

Cybersecurity

Cybersecurity Risk Penetration Testing Technology

Cyber Security Expert Joseph Steinberg To Continue Serving On Newsweek Expert Forum In 2023

Joseph Steinberg

JANUARY 10, 2023

Cyber Security Expert, Joseph Steinberg, who joined Newsweek’s Expert Forum in 2021, will continue serving as a member of the premier news organization’s council in 2023. Steinberg brings important insights about cybersecurity, privacy, and artificial intelligence to this community.”.

Artificial Intelligence

Artificial Intelligence CISO Technology Cybersecurity

AI Cybersecurity Firm Raises $100 Million to Strengthen National Security

eSecurity Planet

FEBRUARY 18, 2025

Dream, an AI cybersecurity startup, has raised $100 million in a Series B funding round led by Bain Capital Ventures to bolster its mission of defending nations and critical infrastructure from cyber threats. Kurz, a former Austrian prime minister, co-founded Dream in 2023. led to widespread fuel shortages across the East Coast.

Cybersecurity

Cybersecurity Cyber threats Government Data privacy

Kaspersky Uncovers Active Exploitation of Fortinet Vulnerability CVE-2023-48788

Penetration Testing

DECEMBER 19, 2024

This SQL injection vulnerability, identified as CVE-2023-48788, affects FortiClient... The post Kaspersky Uncovers Active Exploitation of Fortinet Vulnerability CVE-2023-48788 appeared first on Cybersecurity News.

Cybersecurity

Artificial Intelligence and CyberSecurity Expert Joseph Steinberg To Keynote Pennsylvania Summit

Joseph Steinberg

OCTOBER 4, 2023

CyberSecurity and Artificial Intelligence Expert , Joseph Steinberg, will keynote the upcoming Securing the Future: Cloud, Cybersecurity, and AI Summit , taking place on Wednesday, October 11, 2023, in Pennsylvania, USA.

Artificial Intelligence

Artificial Intelligence Cybersecurity Technology

2023 Cyber Review: The Year GenAI Stole the Show

Lohrman on Security

DECEMBER 10, 2023

This was a year unlike any other in the brief history of the cybersecurity industry, with generative artificial intelligence disrupting plans and ushering in unparalleled change to security.

Artificial Intelligence

Artificial Intelligence Cybersecurity

Navigating the SEC’s Cybersecurity Disclosure Rules: One Year On

Security Boulevard

DECEMBER 30, 2024

In December 2023, as cyberattacks surged, the U.S. Securities and Exchange Commission (SEC)began enforcing new cybersecurity disclosure rules. Recognizing the critical need for transparency and robust cybersecurity measures, the U.S. This pushed C-level executives and boards to adopt measures for compliance and transparency.

Cybersecurity

Cybersecurity Cyber Risk CISO Risk

The 3 biggest cybersecurity threats to small businesses

Malwarebytes

MAY 1, 2025

Without robust IT budgets or fully staffed cybersecurity departments, small businesses often rely on their own small stable of workers (including sole proprietors with effectively zero employees) to stay safe online. That means that what worries these businesses most in cybersecurity is what is most likely to work against them.

Small Business

Small Business Cybersecurity Passwords Scams

Artificial Intelligence in Cybersecurity: Boon or Bane? – A Free Webinar With Joseph Steinberg, Author of Cybersecurity For Dummies

Joseph Steinberg

MARCH 13, 2023

While the introduction of artificial intelligence (AI) is certainly delivering many benefits to mankind, including in the realm of cybersecurity, it has also created all sorts of new risks as evildoers seek to harness AI for their illicit and harmful purposes. The post Artificial Intelligence in Cybersecurity: Boon or Bane?

Artificial Intelligence

Artificial Intelligence Cybersecurity Cyber threats Cybercrime

HPE is notifying individuals affected by a December 2023 attack

Security Affairs

FEBRUARY 10, 2025

Hewlett Packard Enterprise (HPE) has begun notifying individuals affected by a December 2023 attack carried out by Russia-linked threat actors. Hewlett Packard Enterprise has started notifying individuals whose personal information was exposed in a December 2023 cyber attack. reads FORM8-K filing with the U.S.

Accountability

Accountability Passwords Cybersecurity Marketing

Google Cybersecurity Action Team Threat Horizons Report #9 Is Out!

Anton on Security

FEBRUARY 7, 2024

If this keeps being profitable, they will keep doing it, we need to … ImposeCost :-) ] Source: TH9 “Several times throughout 2023, we observed threat actors leverage illicit cloud access in an attempt to infect third parties. Related posts: Google Cybersecurity Action Team Threat Horizons Report #8 Is Out!

Cybersecurity

Cybersecurity Ransomware Passwords Cryptocurrency

CyberSecurity and Artificial Intelligence Expert Joseph Steinberg To Discuss Building Trust in AI

Joseph Steinberg

SEPTEMBER 12, 2023

CyberSecurity and Artificial Intelligence Expert , Joseph Steinberg, will speak as part of a panel discussion on the intersection of CyberSecurity and Artificial Intelligence (AI), to take place on Tuesday, September 12, 2023 at 2 PM US Eastern time.

Artificial Intelligence

Artificial Intelligence Cybersecurity Data breaches Engineering

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

The Last Watchdog

OCTOBER 23, 2024

INE Security , a leading provider of cybersecurity training and certifications, today shared its cybersecurity training for cyber hygiene practices for small businesses, underscoring the critical role of continuous education in safeguarding digital assets. INE Security emphasizes the importance of regular training forall employees.

Small Business

Small Business Data breaches Backups Passwords

Breachforums Boss to Pay $700k in Healthcare Breach

Krebs on Security

MAY 15, 2025

In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $700,000 to settle a civil lawsuit from a health insurance company whose customer data was posted for sale on the forum in 2023. Conor Brian Fitzpatrick , a.k.a. Image: Ke-la.com.

Healthcare

Healthcare Insurance Data breaches Government

ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices

The Hacker News

MAY 23, 2025

Cybersecurity researchers have disclosed that a threat actor codenamed ViciousTrap has compromised nearly 5,300 unique network edge devices across 84 countries and turned them into a honeypot-like network.

Small Business

Small Business Cybersecurity

Rhysida Ransomware gang claims the hack of the Government of Peru

Security Affairs

MAY 3, 2025

The Rhysida ransomware group has been active since May 2023. In December 2023, FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks. In December 2023, FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks.

Government

Government Ransomware Hacking Manufacturing

MY TAKE: A few reasons to believe RSAC 2023’s ‘stronger together’ theme is gaining traction

The Last Watchdog

APRIL 30, 2023

The theme of RSA Conference 2023 — ‘stronger together’ — was certainly well chosen. It certainly was terrific to see the cybersecurity industry’s premier trade event fully restored to its pre-Covid grandeur at San Francisco’s Moscone Center last week.

Mobile

Mobile Cloud Migration Penetration Testing Authentication

Top 5 Global Cyber Security Trends of 2023, According to Google Report

Tech Republic Security

MAY 3, 2024

According to the M-Trends report, the average time it takes for an organisation to detect an attacker in their environment has decreased from 16 days in 2022 to 10 days in 2023.

Ransomware

Ransomware Cybersecurity

Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days

macOS Vulnerability (CVE-2023-32428) Grants Root Access, PoC Published

Trending Sources

Top 15 Exploited Vulnerabilities of 2023

Most Popular Cybersecurity Blogs from 2023

5 Key Findings From the 2023 FBI Internet Crime Report

RSAC 2023: Generative AI Takes the Cybersecurity Industry by Storm

Amazon discloses employee data breach after May 2023 MOVEit attacks

Microsoft Patch Tuesday, February 2023 Edition

2023’s Dark Horse Cyber Story: Critical Infrastructure Attacks

Cybersecurity Predictions for 2024

Atlassian Confluence Vulnerability CVE-2023-22527 Exploited for Cryptomining

Securing Tomorrow: Cybersecurity Review 2023 & Forecasting 2024 Threats – A Free Webinar With Joseph Steinberg and Dror Liwer

Zero Trust Strategies for 2023: A Webinar With Renowned CyberSecurity Expert Joseph Steinberg

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

Software Composition Analysis: The New Armor for Your Cybersecurity

CVE-2023-32197 (CVSS 9.1): Critical RKE2 Flaw Exposes Windows Nodes to Privilege Escalation

2023 Anna Jaques Hospital data breach impacted over 310,000 people

Mauri Ransomware Exploits Apache ActiveMQ Flaw (CVE-2023-46604)

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

On the Cybersecurity Jobs Shortage

Phishing Threats, GenAI Among Top Cybersecurity Risks in 2025

Top 9 Trends In Cybersecurity Careers for 2025

Popular Java Security Framework ‘pac4j’ Vulnerable to RCE (CVE-2023-25581)

2023 Cybersecurity Awareness Month Appeal: Make Online Security Easier

Security Alert: Bootkitty Bootkit Targets Linux via UEFI Vulnerability (CVE-2023-40238)

Empowering Boards for Cybersecurity Incidents

Report Unveils Cybersecurity Leaks in U.S. Drinking Water Systems

Cyber Security Expert Joseph Steinberg To Continue Serving On Newsweek Expert Forum In 2023

AI Cybersecurity Firm Raises $100 Million to Strengthen National Security

Kaspersky Uncovers Active Exploitation of Fortinet Vulnerability CVE-2023-48788

Artificial Intelligence and CyberSecurity Expert Joseph Steinberg To Keynote Pennsylvania Summit

2023 Cyber Review: The Year GenAI Stole the Show

Navigating the SEC’s Cybersecurity Disclosure Rules: One Year On

The 3 biggest cybersecurity threats to small businesses

Artificial Intelligence in Cybersecurity: Boon or Bane? – A Free Webinar With Joseph Steinberg, Author of Cybersecurity For Dummies

HPE is notifying individuals affected by a December 2023 attack

Google Cybersecurity Action Team Threat Horizons Report #9 Is Out!

CyberSecurity and Artificial Intelligence Expert Joseph Steinberg To Discuss Building Trust in AI

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

Breachforums Boss to Pay $700k in Healthcare Breach

ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices

Rhysida Ransomware gang claims the hack of the Government of Peru

MY TAKE: A few reasons to believe RSAC 2023’s ‘stronger together’ theme is gaining traction

Top 5 Global Cyber Security Trends of 2023, According to Google Report

Stay Connected