September 2023


 

SEC Approves Cyber Incident Reporting Rules for Public Companies

https://www.wsj.com/articles/sec-approves-cyber-incident-reporting-rules-for-public-companies-cc69bc4f


Chinese Hackers Breached E-Mail Accounts of Top U.S. Diplomats

https://www.cnbc.com/2023/07/21/china-hackers-breach-emails-of-us-diplomats-nicholas-burns-kritenbrink.html

Thought Leadership on What Happened / Investigation

https://www.wiz.io/blog/storm-0558-compromised-microsoft-key-enables-authentication-of-countless-micr

This is Microsoft’s response. If you had E5 you would have log retention. Now included in lesser licensing packages. CISA and Microsoft Partnership Expands Access to Logging Capabilities Broadly

https://www.cisa.gov/news-events/news/cisa-and-microsoft-partnership-expands-access-logging-capabilities-broadly

Microsoft Teams “TeamsPhisher” Exploit 

https://www.darkreading.com/perimeter/microsoft-teams-exploit-toll-autodeliver-malware

Chat GPT Breach 

https://www.bleepingcomputer.com/news/security/over-100-000-chatgpt-accounts-stolen-via-info-stealing-malware/?latest

New York State Debuts First Cybersecurity Strategy

https://www.wsj.com/articles/new-york-state-to-debut-first-cybersecurity-strategy-4d5e37ed

NIST Drafts Major Update to Its Widely Used Cybersecurity Framework

https://www.nist.gov/news-events/news/2023/08/nist-drafts-major-update-its-widely-used-cybersecurity-framework