
How to Advance ICS Cybersecurity: Implement Continuous Monitoring

Industrial control systems are fundamental to all industrial processes, from power generation to water treatment and manufacturing. ICS refers to the collection of devices that govern a process to ensure its safe and effective execution. These devices include Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control systems like Remote Terminal Units (RTU) and Programmable Logic Controllers (PLC).

The Top Cyber Attacks of January 2023

The new year is upon us, but from a cybersecurity perspective, things look much the same as they did last year. January brought fresh attacks on a pair of familiar targets, high-stakes escalations in the ransomware game, and questionable crisis management from a high-profile victim. In other words, business as usual for cybercriminals! Let’s look at a few noteworthy cybercrimes from January 2023.

How to Leverage Veracode Container Security to Secure Cloud-native Application Development

Cloud-native software development is a driving force because it empowers teams to build and deploy applications at speed and scale. Along with microservices, cloud infrastructure, and APIs, containers are a crucial part of this development process. Let’s look at the security implications of containers in cloud-native application development and how to manage the security challenges they pose.

Active ESXiArgs Ransomware Campaign Targeting ESXi Servers Worldwide

Early Friday morning, February 3, 2023, Arctic Wolf Labs began monitoring a new ransomware campaign targeting public-facing ESXi servers. The campaign has grown exponentially over the weekend, with approximately 3,000 victims worldwide as of early Monday morning. Based on reporting from OVH, the threat actors behind this campaign are likely leveraging a nearly two-year-old heap overflow vulnerability (CVE-2021-21974) in VMware ESXi’s OpenSLP service.

Fireblocks Expands Non-EVM DeFi Access with TRON

Today, Fireblocks is expanding access to the DeFi ecosystem on TRON, the second-largest DeFi protocol. Customers can now securely connect to TRON dApps through WalletConnect, starting with JustLend DAO and JustStables, with support for SUN to be added soon. Thousands of organizations rely on Fireblocks to securely access a range of DeFi applications across EVM and non-EVM chains – to date, the platform has powered over $150B in DeFi transactions.

Hive Shutdown Incident

Ransomware is one of the most painful threats to organizations worldwide. While this industry keeps growing, both in the number of groups and in improved technology, every now and then global authorities are able to get their hands on individuals and important data that can help mitigate and prevent this threat. This week, the FBI was able to take down the notorious Hive Ransomware group’s Onion Site.

Nevada Ransomware Campaign

Over the weekend, a relatively new ransomware group named Nevada Ransomware launched its first massive campaign, targeting any ESXi machine that is exposed to the internet. The group appears to have compromised hundreds of servers over the weekend and caused major damage. Although the scale of this campaign is one of the biggest we have seen, it might already have a solution.

The Definitive Guide to Internet of Things (IoT) Privilege Access Management in 2023

According to a recent study, machine identities (IDs) are growing at twice the rate of human identities. To defend these machine identities in the IoT, privilege access management will be one of the most important areas of focus for businesses in the Internet of Things (IoT) space in 2023. As more and more devices are connected to the internet and can share data, it’s becoming increasingly important to make sure that only authorized users have access to sensitive information.