TWINN #112 Important Tech Trends
I want to review some important trends that we cannot ignore today. All the links and stories today are about trends. Last week I know I also talked about how the wind was blowing, but it seems there’s an acceleration happening on various fronts, and it’s only wise for us to all be aware and come out in front of it. Instead of being afraid of new trends, let’s ride the waves (if they’re good), or be prepared to defend against upcoming threats.
Table of Contents
The 5 Top Cyber Security Stories Of The Week – February 20, 2023
1. New “Swiss Army Malware” can develop more threats than ever before.
This report from Picus Security shows that new malware can carry up to 30 TTPs (Tactics, Techniques and Procedures).
The trend? Increased sophistication requiring increased defensive posturing. Zero Trust connectivity happens to address the vast majority of TTPs in malware by limiting what an infected system can do.
2. Fortinet Issues Patches for 40 Flaws Affecting FortiWeb, FortiOS, FortiNAC, and FortiProxy.
“An external control of file name or path vulnerability [CWE-73] in FortiNAC web server may allow an unauthenticated attacker to perform arbitrary write on the system,” Fortinet said in an advisory last week.
The trend? Attackers are going higher up the food chains so an attack vector affects a wider range of products and presents more openings for attack.
3. ‘A Wolf in Sheep’s Clothing’: Cybersecurity Expert Raises the Alarm About China’s Cyber Actors.
Non-chinese companies operating in China are required to comply by local laws. “By complying with Chinese laws, these companies unwittingly installed backdoors for Chinese state hackers.”
The trend? Jurisdictions that aren’t friendly to us do not hesitate to take advantage any way they can.
4. GoDaddy: Hackers stole source code, installed malware in multi-year breach.
“…customer reports in early December 2022 that their sites were being used to redirect to random domains, the attackers had access to the company’s network for multiple years.”
The trend? Broad impact attacks. Why focus on a lonely website on GoDaddy when you can target them all at once?
5. 5 key cybersecurity trends for 2023.
Of course the top one is no surprise: “Credential phishing remains hackers’ go-to”. Since the cyber-security community still claims that a phish-killer is illusive, it’s no surprise that this continues to be an attack vector by criminals. However, we believe the trend this year will be reversing as we figure out how to make ourselves phishing-proof. Some early adopters in the bleeding edge of Zero Trust connectivity are already experiencing this as it soon becomes available for a much more broad adoption.
Did you know?
You can Make Your Old Windows PC Usable Again With Tron Script which makes good use of tools we already know and like!