Threat Landscape Briefing – May 2023

In this month’s briefing, we explore these topics:

• Uber drivers’ data stolen due to third-party data breach (timestamp – 00:51)
  • The world’s largest ride-sharing company, Uber, suffered a third-party data breach when information on Uber drivers was stolen from a law firm.
  • See Info-Tech’s Discover and Classify Your Data blueprint for guidance on discovering and classifying your data to better protect it.
• ChatGPT can be used as a malware machine after all (timestamp – 02:51)
  • Security researchers successfully used ChatGPT to generate sophisticated malware capable of exfiltrating sensitive data.
  • See Info-Tech’s Develop and Implement a Security Incident Management Program blueprint for information on preparing for an incident.
• Hackers can open Nexx garage doors remotely (timestamp – 04:15)
  • Nexx smart devices have been identified as having multiple vulnerabilities that can be exploited to gain access to and control devices such as garage doors, home alarms, and smart plugs.
  • See Info-Tech’s Secure IT/OT Convergence blueprint for guidance on securing the Internet of Things.
• Proxy-crypto-fragilistic jacking (timestamp – 06:45)
  • With proxyjacking, an attacker can use your system and internet connection without your knowledge to resell for a passive income.
  • Refer to Info-Tech’s Secure Your Hybrid Workforce blueprint to better protect your remote employees from this threat.

If you have a question or would like to receive these monthly briefings via email, submit a request here.