Our team has been hard at work creating updates and new features just for you, see what we’ve been up to over the last month.

Governments everywhere are increasingly concerned about implementing frameworks to improve the protection of personal and commercial information and defend national security against cyberattacks. I was recently in Australia, and it was hard to ignore the news that the Australian government released a discussion paper to shape its work on its 2023 – 2030 cybersecurity strategy.

Earlier today, April 25, 2023, researchers Pedro Umbelino at Bitsight and Marco Lux at Curesec published their discovery of CVE-2023-29552, a new DDoS reflection/amplification attack vector leveraging the SLP protocol. If you are a Cloudflare customer, your services are already protected from this new attack vector.

In this version of the Hacker’s Playbook Threat Coverage round-up, we are highlighting newly added coverage for several recently discovered or analyzed ransomware and malware variants, including Sabbath ransomware, 3CXDesktopApp vulnerability, amongst others. SafeBreach customers can select and run these attacks and more from the SafeBreach Hacker’s Playbook™ to ensure coverage against these advanced threats.

Over the past few years, IT companies adopted IoT, wireless and hybrid networks to stay competitive and to meet the demands of their clients. Among these networks, wireless networks are the most common and the most vulnerable to cyberattacks as hackers constantly try to penetrate them. A cyberattack is initiated by planting a rogue device in your organization’s network.

Unfortunately, for LastPass and its users, this nightmare became a reality in August 2022 when a developer account was compromised. This led to a series of events that ultimately led to the exposure of sensitive customer data. A hacker exploited an employee to access the company’s data. But get this: the hacker exploited a three-year-old vulnerability that wasn’t patched. That’s like leaving your front door wide open for three years and being surprised when a burglar walks right in!

Supply chain attacks are a growing and increasingly sophisticated form of cyber threat. They target the complex network of relationships between organizations and their suppliers, vendors, and third-party service providers. These attacks exploit vulnerabilities that emerge due to the interconnected nature of digital supply chains, which often span multiple organizations, systems, and geographies.

Cybersecurity has become a top-of-mind concern for many C-level executives and board members. Data breaches are a daily occurrence and carry a hefty — and growing — price tag averaging $4.35 million worldwide, according to the latest Cost of a Data Breach report. However, this is only one of several potential cybersecurity risks that an organization can face.

AT&T Cybersecurity is committed to providing thought leadership to help you strategically plan for an evolving cybersecurity landscape. Our 2023 AT&T Cybersecurity Insights™ Report: Edge Ecosystem is now available. It describes the common characteristics of an edge computing environment, the top use cases and security trends, and key recommendations for strategic planning. This is the 12th edition of our vendor-neutral and forward-looking report.