Cyber Threat Report: Cyber Security News for 03/16/23

Microsoft Lays off Team Responsible for AI Ethics
What was left of the team has now been wiped out completely. Read More

SonicWall Devices Infected by Malware that Survives Firmware Upgrades
The deployed malware is customized for SonicWall devices and is used to steal user credentials, provide shell access to the attackers, and even persist through firmware upgrades. Read More

Feds fine Florida Children’s Health Insurance Site for Massive 2020 Hack
Company knowingly failed to properly maintain, patch, and update the software systems,” which left the website and patient data exposed to cyber threats. Read More

Data Security Firm Rubrik Targeted With GoAnywhere Zero-Day Exploit
Cybersecurity firm Rubrik has confirmed being hit by the GoAnywhere zero-day exploit after the Cl0p ransomware group named the company on its leaked website. Read More

Microsoft Warns of Outlook Zero-Day Exploitation, Patches 80 Security Vulns
Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane. Read More

CISA now Warns Critical Infrastructure of Ransomware-Vulnerable Devices
Ransomware Vulnerability Warning Pilot (RVWP) program has two goals: to scan critical infrastructure entities' networks for Internet-exposed systems with vulnerabilities that ransomware attackers often exploit to breach networks and help vulnerable organizations fix the flaws before they get hacked. Read More

Fortinet FortiOS Flaw Exploited in Targeted Cyberattacks on Government Entities
The security defect came to light, according to the Sunnyvale-based company, after multiple FortiGate devices belonging to an unnamed customer suffered from a "sudden system halt and subsequent boot failure," indicating an integrity breach. Read More

Universities and Colleges Cope Silently with Ransomware Attacks
Ransomware gangs like Vice Society target colleges and universities like every other sector, but they try hard to keep that information quiet. Read More

Open Letter Demands OWASP Overhaul, Warns of Mass Project Exodus
The viability of the Open Worldwide Application Security Project for the modern open-source software landscape has been called into question. Read More

A Spy Wants to Connect With You on LinkedIn
Russia, North Korea, Iran, and China have been caught using fake profiles to gather information. Read More

Ransomware Gang LockBit Claims to have Stolen Confidential SpaceX Data
An auction will apparently be held in a couple of days. Read More

China Sought Control of Submarine Cables to Spy, says Micronesia
The outgoing president alleges Beijing is systematically bullying strategically located island paradise. Read More

HEADLINE PRIVACY & IT SECURITY COMPLIANCE NEWS

Microsoft recently announced a layoff of hundreds of employees, which included most of the AI ethics team. This raises concern for those in the cybersecurity field about how technology companies manage ethical principles in their AI-related product developments and usage. The layoffs on this team have sparked debate over how ethical issues should be approached in relation to AI, as well as criticism from those affected. Microsoft has stated that its commitment to upholding ethical standards remains unchanged.

Last week, SonicWall, an American cybersecurity company that sells a range of security appliances, reported that a malicious software called 'VPNFilter' has been infecting their devices. The malware is able to survive firmware upgrades, making it difficult to remove completely without professional assistance. This attack underscores the importance of regularly updating devices and having knowledgeable cybersecurity support.

Get in touch with us to learn more about how the team of experts at JANUS can help protect your business effectively. Follow us on Twitter and LinkedIn.