Dr. Erdal Ozkaya
Search
  • Home
  • General, Cybersecurity, Video Tutorials
  • Cybersecurity Predictions for 2023 : free video tutorial

Cybersecurity Predictions for 2023 : free video tutorial

Hacking Trends 2023
Erdal2023-01-03T17:38:18-04:00

Cybersecurity Predictions for 2023

Table of Contents

  • Cybersecurity Predictions for 2023
    • Hacking Trends of 2022
      • Cyber Attacks Per Minute
      • Cost of Cybersecurity Per Minute
      • Cybersecurity Highlights from 2022
    • Predictions for 2023

The world of cybersecurity is rapidly changing, and it’s important for the industry to accurately forecast the trends of the future in order to stay ahead of evolving threats in the new year. Predicting the future might seem hard and inaccurate but not Cybersecurity. Grab your drink and watch this session to have a more secure year šŸ™‚

Cybersecurity Predictions for 2023 based on Hacking Trends of 2022 …

Hacking Trends of 2022

So, what happened last year, in summary :

  • Cyber Attack on Australia’s largest telco’s Telstra, Optus (and even TPG – Vodaphone)Ā 

Australia telecoms giant Optus said current and former customer data was accessed following a cyberattack on its systems. The telco giants have confirmed the attacks, about 1.2 million Optus customers were compromised.Ā  The breach affected 10 million customers, equivalent to around 40% of Australia’s population, attracted harsh criticism from the government.

The other giant Telstra were also “breached” and more then 30.000 employee details has been shared in a Hacking Forum šŸ™ You can read more about it here

  • NewsCorp hit with cyberattack, allegedly from China

NewsCorp confirmed that their data was taken by a foreign government. Mandient is alleging China is involved.Ā  Read more about this incident hereĀ 

  • Cash App data breach

More than 8 million users of the mobile payment application CashApp have been impacted by a data breach, according to a filing through the U.S. Securities and Exchange Commission by parent company Block Inc. Based on the filling those details has been breached : full names and brokerage account numbers as well as stock activity on Cash App .

  • Binance , bitcoin stolen in ā€˜large scale’ hack

Cryptocurrency exchange Binance has confirmed a ā€œlarge scaleā€ data breach, In a statement, the company said hackers stole API keys, two-factor codes and other information in the attack.

ā€œThe hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time,ā€ the statement read. ā€œThe transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed.ā€

ā€œOnce executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that,ā€ the statement said. You can read the statement hereĀ 

  • PressReader Suffers Cyber-Attack

World’s largest digital newspaper and magazine distributor Pressreader were a victim of a cyber breach too. Here is a summary of their statement

ā€œOur security teams have now classified this as a cyber security incident. This situation comes as companies across North America have seen an increase in security incidents over the past several weeks.ā€ You can read the full statement hereĀ 

  • Samsung confirms data breach, personal customer data stolen

Samsung has confirmed it suffered a data breach which led to the personal information of customers being leaked online, In a blog post. Samsung shared that added that an ā€œunauthorized third party” had acquired information from some of Samsung’s US systems, including names, contact information, dates of birth and product registration details. However, no credit card numbers, or social security numbers were breached. You can read the full blog post hereĀ 

  • Uber CISO has been arrested over failure of disclose a cyber breach

Uber’s former security chief has been found guilty of not disclosing a data breach at the ridesharing giant, in what is believed to be the first time a company executive has been charged over a hack. Joe Sullivan, the former security lead at Uber, guilty onĀ two counts in relation to the covering up of a breach of customer data in 2016.

  • US govt: Iranian hackers breached federal agency using Log4Shell exploit

The FBI and CISA revealed in a joint advisory published today that an unnamed Iranian-backed threat group hacked a Federal Civilian Executive Branch (FCEB) organization to deploy XMRig cryptomining malware. The attackers compromised the federal network after hacking into an unpatched VMware Horizon server using an exploit targeting the Log4Shell (CVE-2021-44228) remote code execution vulnerability. Read the details in Bleeping Computer’s web siteĀ 

  • The North Face Credential Stuffing Attack Compromises 200,000 Accounts

The North Face suffered a credential stuffing attack that compromised over 194,905 accounts. The North Face sent out data breach notification letters and initiated password resets for impacted accounts, according to Bleeping Computer. You can read the details hereĀ 

  • Microsoft Confirms Server Misconfiguration Led to 65,000+ Companies’ Data Leak

“This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provisioning of Microsoft services,” Microsoft it in this alert.

  • Cisco Hacked: Ransomware Gang Claims It Has 2.8GB Of Data

Cisco confirms hacking as Yanluowang ransomware group publishes a partial list of files it claims to have exfiltrated.

  • Okta Cyber Attack: Another Major Supply Chain Incident

On March 21st, 2022, the digital extortion group Lapsus$ claimed it had gained access to an administrative account for Okta, the identity management platform. According to Okta, thousands of organizations worldwide use its identity management platform to manage employee access to applications or devices. A breach of Okta’s systems represents a significant risk to Okta’s customers and the broader supply chain.

  • What is Spring4Shell?

Spring4Shell is a vulnerability in VMWare’s Spring Core Java framework – an open-source platform for developing Java applications. Spring is a highly-popular framework with 60% of Java developers depending on it for the production of their applications. Because of the framework’s dominance in the Java ecosystem, many applications could potentially be impacted by the Spring4Shell zero-day. In comparison, the Log4J framework is used by almost all Java-based web apps and cloud services, so though Spring4Shell is categorized as a critical vulnerability, it’s still significantly less dangerous than Log4Shell. The Spring4Shell vulnerability is being tracked as CVE-2022-22965.

  • Microsoft Digital Defense Report 2022

ā€œAttackers are adapting and finding new ways to implement their techniques, increasing the complexity of how and where they host campaign operation infrastructure.ā€. Download the report here

Cyber Attacks Per Minute

  • Password Attacks 34.740
  • IoT Based Attacks 1.902
  • DDoS Attacks 1.095
  • Phishing Attacks 7
  • Malware Treats 18.265
  • Brute Force Authentication Attacks 48.706
  • SQL Injection Attacks 1 per 2 minutes
  • New threat detection 1 per 35 minutes
  • Supply Chain Attacks 1 every 35 minutes
  • Ransomware Attacks 1 Every 195 minutes

Cost of Cybersecurity Per Minute

  • Worldwide economic impact $1,141,553
  • Global cybersecurity spends $ 285,388
  • E-commerce payment fraud loss $38,052
  • Global ransomware damages $38,051
  • Amount lost to cryptocurrency cost $4,566
  • Average cost of breach $8
  • Average cost of a malware attack $5

Cybersecurity Highlights from 2022

  • There have been more than 6.3 billion attack attempts
  • White hat hackers earned over $19 million in bounties
  • You can purchase a consumer account for
  • Hackers create 400,000 new pieces of malware daily
  • $1 on the dark market
  • Phishing attacks make up over 80% of reported security activities.
  • Russian hackers can infiltrate a computer network in 18 minutes.
  • More than 6,000 online criminal marketplaces sell ransomware products and services.

Predictions for 2023

  • Web Application and API Attacks will rise
  • Ransomware business models will continue to evolve
  • Misconfiguration attacks will not go away
  • Supply Chain attacks will be increased
  • Data privacy laws are getting more strict
  • Cloud Attacks will not decrease
  • Social Engineering is also not going anywhere
  • APIs will cause Unforeseen Breaches
  • Hackers will find a way to breach MFA
  • Firmware attacks will be even more popular

Summary of Cyber Recommendations for 2023Ā 

  • Adopt Assume Breach mentality
  • Implement Defense in Depth
  • Adopt Zero Trust
  • Utilize AI
  • Build a better Cyber Reslince Program
  • Think like a hacker
  • DevSecOps will become business-critical
  • Use EDR where possible if not use Open EDR
  • Invest in Cyber Threat Intelligence
  • Adopt a Vulnerability management which isĀ risk-based
  • Invest in Security Awareness Training

Cybersecurity Predictions for 2023
Cybersecurity Predictions for 2023

Supply Chain Attacks

Software supply chain attacks, such as the headline-making incidents that impacted SolarWinds and Kaseya, have brought the importance of understanding your software dependencies into sharp focus. In 2021, U.S. President Joe Biden issued an executive order on improving the nation’s cybersecurity that requires software sellers to provide federal procurement agents with a Software Bill of Materials (SBOM) for each software application. An SBOM is a list of every software component that comprises an application and includes every library in the application’s code, as well as services, dependencies, compositions and extensions.

Private sector companies are also increasingly required to have SBOMs as many large enterprises now demand them as a part of their Master Service Agreement (MSA) with a software provider. Security industry analysts believe SBOMs will soon become standard practice as part of the procurement process.

A more recent memorandum from Office of Management and Budget (OMB) goes even deeper and includes new security requirements that federal agencies must comply with on software supply chain security matters. The memo requires software producers to attest to compliance with NIST Guidance, so companies that want to sell their software to the government will need to assess and attest their

 

To watch more Video Tutorials , click hereĀ 

Keywords

gartner cybersecurity trends 2023 – cybersecurity trends 2023 pdf – cybersecurity challenges 2023 – cybersecurity threats 2023 – cyber security in 2025 – Assume Breach – Cybersecurity Predictions for 2023 : free video tutorial – cybersecurity predictions – predictions for cybersecurity –

Is there a future in cybersecurity?

What will cybersecurity look like in 2023?

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *


Related Posts

Cybersecurity community meet up London

Cybersecurity community meet up London – Free Pizzas

Cybersecurity community meet up London If you are in London and you want to join our Cybersecurity community meet up, join... read more
Tag Heuer Connected Calibre E4 Review

Tag Heuer Connected Calibre E4 Review – Honest Guide

Tag Heuer Connected Calibre E4 Review Here is the honest review of the brand-new Tag Heuer Connected Edition 4 comprehensive review.... read more

Pen Test Magazine – inspiring Interview with Erdal Ozkaya 2012

Pen Test Magazine - inspiring Interview with Erdal Ozkaya 2012 Erdal Ozkaya is the founder and Senior Microsoft Instructor of CEO... read more
Hacking Countermeasures Erdal Ozkaya

Free Hacking Course : Hacking Countermeasures 4 weeks

Free Hacking Course : Hacking Countermeasures In this FREE COURSE subject, students will learn how to scan, test, hack and secure... read more
Inspire Keynote Speaker Ozkaya

Inspire speaker at Arab Emerging technologies & Startups conference

I will be presenting the keynote at the Arab EmTech & Startups Conference whichĀ focuses on how organizations or Startups in... read more
Time to patch Windows

Time to patch Windows (July 2019 updates)

Time to patch Windows Microsoft has just released today (10 July 2019) new patches, and here is what you need to... read more
Cybersecurity Securing Africa

Cybersecurity Securing Africa’s Businesses -2019 – Free to join

Cybersecurity Securing Africa 's Businesses Africa is a region often overlooked when it comes to cybersecurity. Although cyber infrastructure is not... read more
Sentinel's Talk Show with Dr Erdal Ozkaya - Global CISO

Sentinel Talk Show – Coming very soon for Free ( October 2021)

Sentinel Talk Show Sentinel Talk Show will have weekly Technology leaders as guests , hosted by Dr Erdal Ozkaya discussingĀ  current... read more
Top Cyber blogs

Best Cybersecurity Blogs – Top 100 –

Best Cybersecurity Blogs I am delighted to announce that my blog has been recognized in the Top 100 Cybersecurity blogs by... read more
Australian Information Security Association

AUSTRALIA UNDER ATTACK – Free Event 2010

AUSTRALIA UNDER ATTACK AISA November is a month which is serving YOU to help learning, This will be my third conference in... read more

Categories

  • About Dr Erdal Ozkaya (300)
    • Awards (97)
    • Erdal in the news (121)
    • Feedback (88)
    • My Books (53)
    • Who is Dr Erdal Ozkaya ? (2)
  • Announcemets (305)
  • Artificial Intelligence AI (11)
  • Certification (52)
  • Cloud Computing (73)
  • Cybersecurity (325)
  • Cybersecurity Leadership (58)
  • Digital Transformation (2)
  • Financial Sector (31)
  • Forensics (17)
  • Free Events (166)
  • General (138)
  • How to …? (61)
  • ISO 2700x (12)
  • News (38)
  • Reviews (77)
    • Book Reviews (32)
    • Free E-Books (14)
    • Hardware Review (9)
    • Security Review / Reports (10)
    • Software Review (8)
  • Siber Güvenlik (17)
  • Video Tutorials (101)
  • What is new? (27)
  • Windows (30)

Recent Comments

  • Sabri Kızmaz on Finans Sektƶrü Odaklı Siber Tatbikat
  • celal bayar on Finans Sektƶrü Odaklı Siber Tatbikat
  • Erdal on Free EDR Certification Training
  • SANDEEP SHRIVASTAV on Free EDR Certification Training
  • Alicia Harlow on Core isolation Memory Integrity not available – (Get it fixed)

Archives

Dr. Erdal Ozkaya © Copyright 2023. All Rights Reserved.