Cyber security news December 2023

This posting is here to collect cyber security news in December 2023.

I post links to security vulnerability news to comments of this article.

You are also free to post related links to comments.

69 Comments

  1. Tomi Engdahl says:

    A quiet cybersecurity revolution is touching every corner of the economy as U.S., allies ‘pull all the levers’ to face new threats
    https://fortune.com/2023/12/20/quiet-cybersecurity-revolution-economy-us-allies-new-threats-regulation-politics-tech-eric-noonan/

    On Dec. 15, the Securities and Exchange Commission’s (SEC’s) expanded cybersecurity rules came into effect, requiring public companies to disclose incidents within four business days. That means headline-grabbing breaches–such as the one that affected all Okta customer support system users or the 23andMe hack that included the information of nearly 7 million customers–will have even greater consequences than whatever data was compromised. And the SEC rules are only the tip of the iceberg of changes to regulatory compliance.

    With little fanfare and largely unnoticed by the press, institutional investors, or anyone else, the federal government is quietly directing a seismic shift in the economy by mandating stringent cybersecurity compliance across all 16 critical infrastructure sectors

    Reply
  2. Tomi Engdahl says:

    Apple Shuts Down Flipper Zero’s Ability to Shut Down iPhones
    IOS 17.2 cut off Flipper Zero users running the Xtreme third-party firmware from mass-spamming popups at iPhones.
    https://gizmodo.com/apple-fixes-flipper-zero-shutting-down-iphones-1851102972

    Reply
  3. Tomi Engdahl says:

    5Ghoul: Singaporean researchers discover security flaws in almost all 5G smartphones
    https://soyacincau.com/2023/12/10/5ghoul-singaporean-researchers-discover-security-flaws-in-almost-all-5g-smartphones/

    A group of Singaporean researchers have discovered not one, not two but a total of fourteen security flaws that affect over 700 different 5G smartphones out there. Collectively dubbed ‘5Ghoul’, these security vulnerabilities also affect other devices such as routers and modems too.

    Researchers from the Singapore University of Technology and Design were apparently just messing around with 5G modem firmware, when they found these flaws that could be easily exploited over the air simply by impersonating a 5G base station. But perhaps crucially though, the hacker won’t even need details such as SIM card information to exploit 5Ghoul, merely needing to impersonate the cell tower with known connection parameters.

    Reply

Leave a Reply to Tomi Engdahl Cancel reply

Your email address will not be published. Required fields are marked *

*

*