Vigilance isn’t purely receptive. Without criticism, it will become blind with detail.
Nation-states exploit the WinRAR vulnerability. Criminals leak more stolen 23andMe data. QR codes as a risk. NSA and partners offer anti-phishing guidance. A Ukrainian hacktivist auxiliary takes down Trigona privateers. Hacktivism and influence operations remain the major cyber features of the Hamas-Israeli war. On today’s Threat Vector, David Moulton speaks with Kate Naunheim, Cyber Risk Management Director at Unit 42, about the new cybersecurity regulations introduced by the SEC. Our own Rick Howard talks with Jen Miller Osborn about the 10th anniversary of ATT&CKcon. And the epistemology of open source intelligence: tweets, TikToks, Instagrams–they’re not necessarily ground truth.
To delve further into this topic, check out this upcoming webinar by Palo Alto's Unit 42 team on November 9, 2023, "The Ransomware Landscape: Threats Driving the SEC Rule and Other Regulations."
Please share your thoughts with us for future Threat Vector segments by taking our brief survey.
To learn what is top of mind each month from the experts at Unit 42 sign up for their Threat Intel Bulletin.
The forgotten malvertising campaign (Malwarebytes)
Hacker leaks millions of new 23andMe genetic data profiles (BleepingComputer)
Exploring The Malicious Usage of QR Codes (SlashNext |)
How to Protect Against Evolving Phishing Attacks (National Security Agency/Central Security Service)
Ukrainian activists hack Trigona ransomware gang, wipe servers (BleepingComputer)
Three clues the Ahli Arab Hospital strike came from Gaza (The Telegraph)