InfraGard data for sale. Cyberespionage warnings. Data sharing practices. Malicious drivers with legitimate signatures. Patch Tuesday. Task Force KleptoCapture indicts five Russian nationals.
The FBI’s InfraGard user data shows up for sale. An update on Iranian cyber operations. NSA warns of Chinese cyber threats. Challenges in sharing data for threat detection and prevention. Legitimately signed drivers are used in targeted attacks. Patch Tuesday addressed a lot of actively exploited issues. Tim Starks from the Washington Post Cybersecurity 202 shares his reporting on ICS vulnerabilities. Our guest is Mike Fey from Island with an introduction to the enterprise browser space. And the US indicts five Russian nationals on sanctions-evasion charges.
FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked (KrebsOnSecurity)
NSA Outs Chinese Hackers Exploiting Citrix Zero-Day (SecurityWeek)
Effect of data on Federal agencies' policies. (CyberWire)
SAP Security Patch Day December 2022 (Onapsis)
December 2022 Security Updates (Microsoft Security Response Center)
December Patch Tuesday Updates | 2022 - Syxsense Inc (Syxsense Inc)
Microsoft December 2022 Patch Tuesday fixes 2 zero-days, 49 flaws (BleepingComputer)
Apple security updates (Apple Support)
VMware Patches VM Escape Flaw Exploited at Geekpwn Event (SecurityWeek)
Experts detailed a previously undetected VMware ESXi backdoor (Security Affairs)
Adobe Patches 38 Flaws in Enterprise Software Products (SecurityWeek)
Russian Military and Intelligence Agencies Procurement Network Indicted in Brooklyn Federal Court (US Department of Justice)