Continuous Monitoring and Protection
Microsoft has released updates addressing multiple vulnerabilities in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s November 2023 Security Update Guide and apply the necessary updates.
Read MoreThe ransomware and data extortion group RansomedVC announced plans to shut down the project and sell parts of its infrastructure. RansomedVC has only been around for a few months, operating under the ransomware-as-a-service (RaaS) business model. The group has listed more than 40 organizations on its leak site, demanding ransom payments of up to $1 million, depending on the victim’s size. The group mainly focuses on organizations in Europe, but recently claimed responsibility for attacks…
Read MoreToday, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and CISA released Business Continuity in a Box. Business Continuity in a Box, developed by ACSC with contributions from CISA, assists organizations with swiftly and securely standing up critical business functions during or following a cyber incident. Comprised of two core components—Continuity of Communications and Continuity of Applications—Business Continuity in a Box is designed for situations where the availability or integrity of an organization’s…
Read MoreToday, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released an update to joint Cybersecurity Advisory (CSA) #StopRansomware: Royal Ransomware. The updated advisory provides network defenders with additional information on tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Royal ransomware variants. FBI investigations identified these TTPs and IOCs as recently as June 2023. Royal ransomware attacks have spread across numerous critical infrastructure sectors including, but not…
Read MoreIn the summer of 2022, KrebsOnSecurity documented the plight of several readers who had their accounts at big-three consumer credit reporting bureau Experian hijacked after identity thieves simply re-registered the accounts using a different email address. Sixteen months later, Experian clearly has not addressed this gaping lack of security. I know that because my account at Experian was recently hacked, and the only way I could recover access was by recreating the account. Entering my…
Read MoreBusiness Security By collecting, analyzing and contextualizing information about possible cyberthreats, including the most advanced ones, threat intelligence offers a critical method to identify, assess and mitigate cyber risk Phil Muncaster 10 Nov 2023 • , 4 min. read When it comes to mitigating an organization’s cyber risk, knowledge and expertise are power. That alone should make cyber threat intelligence (TI) a key priority for any organization. Unfortunately, this often isn’t the case. Among the…
Read MoreThe Urdu version of the Hunza News website offers readers the option to download an Android app – little do they know that the app is actually spyware 10 Nov 2023 This week, ESET researchers have described the ins and outs of a so-called watering-hole attack against a news website that delivers news about Gilgit-Baltistan, which is part of the disputed Kashmir region administered by Pakistan. When opened on a mobile device, the Urdu version…
Read MoreCanadian attack surface management firm Cavelo has raised CA$5 million (approximately US$3.6 million) in a seed funding round that brings the total raised by the company to CA$6.3 million (roughly US$4.5 million). The new investment round was led by Inovia Capital, with participation from Graphite Ventures and other existing investors. Founded in 2020, the Waterloo-based cybersecurity startup provides organizations with the necessary means to scan their environments for data that might be at risk in…
Read MoreSecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…
Read MoreESET researchers have identified what appears to be a watering-hole attack on a regional news website that delivers news about Gilgit-Baltistan, a disputed region administered by Pakistan. When opened on a mobile device, the Urdu version of the Hunza News website offers readers the possibility to download the Hunza News Android app directly from the website, but the app has malicious espionage capabilities. We named this previously unknown spyware Kamran because of its package name…
Read More