The cybersecurity landscape from the week of November 5 to November 11, 2023, was marked by several significant events:
Boeing Data Breach by Lockbit: Boeing, a major defense and space contractor, experienced a data breach. Internal data from the company was published online by the cybercrime gang Lockbit. This incident highlights the ongoing threat posed by cybercrime groups to significant corporate and governmental entities.
NIST SP 800-53 Release 5.1.1 Update: The National Institute of Standards and Technology (NIST) issued SP 800-53 Release 5.1.1, an update concerning cybersecurity and privacy controls. This release provides organizations using SP 800-53r5 (Revision 5) the option to defer implementing the changes in this patch release until the release of SP 800-53 Release 6.0.0. This update is critical for maintaining the integrity and
DP World Australia’s port operations hit by cyber attack:Global ports operator DP WorldAustralia has restricted access to its ports as it works to contain a cyber security incident that is likely to disrupt the movement of goods for days. DP World Australia, part of Dubai’s state-owned ports giant DP World, operates four container terminals in Australia in Melbourne, Sydney, Brisbane and in Fremantle, Western Australia
Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518: On October 31, 2023, Atlassian published an advisory on CVE-2023-22518, an Improper authorization vulnerability involving the Confluence Data Center and Server. nitially reported to cause data loss, it was eventually revealed that exploiting this vulnerability allows unauthorized users to reset and create a Confluence instance administrator account, allowing them to perform all admin privileges available to these accounts.