Threat Source newsletter (Jan. 12, 2023): Did ChatGPT write our newsletter?

Welcome to this week’s edition of the Threat Source newsletter.

We tried to get ChatGPT to write this week’s newsletter but it was at capacity, so you’ll have to stick with us for another week. Or maybe that’s just what the robots want you to think, you be the judge.

The one big thing

This week Talos hosted a 2022 Year in Review: APTs livestream. On the livestream we brought together subject matter experts to deep dive into the Advanced Persistent Threats section of our 2022 Year in Review. During the livestream the panel covered section findings but also gave further insights to the trends we saw over the 2022 year.

Why do I care?

Over the next few weeks we’ll continue to host livestreams with our SMEs and report contributors to give further insights into our report and its findings. If you’re not one for larger reports or extended reading, our Topic Summary reports provide a one-pager to quickly digest the information of corresponding sections. Read the newly released APT Topic Summary Report here.

So now what?

Join us for our final two livestreams, on LinkedIn and Twitter, on January 24^th and February 7^th as we continue to discuss the general threat landscape and conclude our report coverage with a panel discussion on ransomware and commodity loaders.

Top security headlines of the week

Microsoft released its monthly security update on Tuesday, disclosing 98 vulnerabilities. Of these vulnerabilities, 11 are classified as “Critical”, 87 are classified as “Important”, no vulnerabilities were classified as “Moderate.” (DarkReading) See Talos’ Patch Tuesday coverage for Snort rules and prominent vulnerabilities.

We’re only the second week into 2023 and ransomware isn’t taking any breaks this year. Maternal & Family Health Services, a Pennsylvania based nonprofit health provider, confirmed the ransomware attack had exposed almost half a billion individuals’ personal data. Impacted were current and former patients along with employees and vendors. (TechCrunch)

Suffering from a previous breach earlier this month CircleCI is in the news yet again as researchers warn the breach may have an impact on other third-party applications. Given CircleCI integration with SaaS and Cloud providers and it’s authentication process researchers urge users to rotate all secrets stored in CircleCI and hunt for malicious behavior on SaaS and cloud platforms. (SC Media)