HoHoHo Holiday routines… – DataBreaches.Net

RedSense has issued a new paper that starts with a reminder:

Holidays Routine 2022/23: Not Novel

Naughty or nice, there’s a few things in cyber circuits that won’t change in this year’s Holiday Season.
1. Threat actors are financially motivated, driven by human needs, and the holidays are expensive
2. Threat actors stereotypically choose simple solutions available for their problem space(s)
3. Unmanaged digital disarray carries potential for breach consequences

Threat actors are also creatures of habit, often leveraging shared TTPs and re-used services and infrastructure, which gives defenders a significant potential advantage. Take for instance the ‘not novel’ tactics recently employed by recent ransomware campaign for Daixin, Hive, and Cuba……

Download the newest fact sheet from RedSense and their recommendations for prioritizing.

Resource: NY DFS Issues New Cybersecurity Guidance to Address Risks Associated with the Use of Third-Party Service Providers
Bombay High Court Orders Department of Telecommunications to Block Medusa Accounts After Generali Insurance Data Breach
Cyber-Attack On Bectu’s Parent Union Sparks UK National Security Concerns
John Bolton Indictment Provides Interesting Details About Hack of His AOL Account and Extortion Attempt
A business's cyber insurance policy included ransom coverage, but when they needed it, the insurer refused to pay. Why?
Scenes from a "No Kings" Protest, 10-18-25

Related: