CyberSecure Specialist

Unlucky Kamran: Android malware spying on Urdu-speaking residents of Gilgit-Baltistan

ESET researchers have identified what appears to be a watering-hole attack on a regional news website that delivers news about Gilgit-Baltistan, a disputed region administered by Pakistan. When opened on a mobile device, the Urdu version of the Hunza News website offers readers the possibility to download the Hunza News Android app directly from the website, but the app has malicious espionage capabilities. We named this previously unknown spyware Kamran because of its package name…

Intel Sued Over ‘Downfall’ CPU Vulnerability

A class action lawsuit has been filed against Intel over its handling of speculative execution vulnerabilities found in its CPUs, particularly the recently disclosed attack method named Downfall. A 112-page class action complaint was filed this week by plaintiffs represented by Bathaee Dunne. News of a Bathaee Dunne-led lawsuit against Intel over the Downfall vulnerability emerged in late August, when the law firm announced that it was preparing to file a complaint. The plaintiffs say…

‘BlazeStealer’ Malware Delivered to Python Developers Looking for Obfuscation Tools

Malicious Python packages posing as obfuscators have been targeting developers with malware that takes control over the infected systems, application security firm Checkmarx warns. Featuring names that start with ‘pyobf’ and masquerading as tools typically used by developers, the malicious packages deploy a payload dubbed ‘BlazeStealer’, to control the victim’s system and spy on them. BlazeStealer, Checkmarx has discovered, fetches a malicious script to enable a Discord bot and provide the attackers with control over…

CISA, NSA, and Partners Release New Guidance on Securing the Software Supply Chain

Today, CISA, the National Security Agency (NSA), and partners released Securing the Software Supply Chain: Recommended Practices for Software Bill of Materials Consumption. Developed through the Enduring Security Framework (ESF), this guidance provides software developers and suppliers with industry best practices and principles, including managing open source software and software bills of materials (SBOM), to maintain and provide awareness about the security of software. Organizations can use this guide to assess and measure their security…

FBI Highlights Emerging Initial Access Methods Used by Ransomware Groups

The FBI has released a fresh warning on ransomware operators compromising third-party vendors and services to abuse them for initial access to victim environments. Threat actors have been observed exploiting vulnerabilities in vendor-controlled remote access to servers and abusing legitimate system management tools to elevate permissions in victim organizations’ networks, the Bureau says. “The FBI continues to track reporting of third-party vendors and services as an attack vector for ransomware incidents,” the agency notes in…

Navigating the security and privacy challenges of large language models

Business Security | Phil Muncaster | 06 Nov 2023 | 5 min. read

Organizations that intend to tap the potential of LLMs must also be able to manage the risks that could otherwise erode the technology’s business value. Everyone’s talking about ChatGPT, Bard and generative AI as such. But after the hype inevitably comes the reality check. While business and IT leaders alike are abuzz with the disruptive potential of the technology in areas like customer…

FEMA and CISA Release Joint Guidance on Planning Considerations for Cyber Incidents

Today, the Federal Emergency Management Agency (FEMA) and the Cybersecurity and Infrastructure Security Agency (CISA) released the joint guide Planning Considerations for Cyber Incidents: Guidance for Emergency Managers to provide state, local, tribal, and territorial (SLTT) emergency managers with foundational knowledge of cyber incidents to increase cyber preparedness efforts in their jurisdictions. Emergency managers should be able to understand and prepare for the potential impacts of cyber incidents on their communities and emergency operations. FEMA…

CISA Releases Guidance for Addressing Citrix NetScaler ADC and Gateway Vulnerability CVE-2023-4966, Citrix Bleed

Today, CISA, in response to active, targeted exploitation, released guidance for addressing Citrix NetScaler ADC and Gateway vulnerability CVE-2023-4966. The vulnerability, also known as Citrix Bleed, could allow a cyber actor to take control of an affected system. CISA recommends organizations patch unmitigated appliances, hunt for any malicious activity, and report any positive findings to CISA. Review CISA’s guidance for more information.

Federal Push for Secure-by-Design: What It Means for Developers

Secure-by-design as a requirement is coming. Developers should start preparing for it now. The March 2023 National Cybersecurity Strategy (NCS) includes, “In setting cybersecurity regulations for critical infrastructure, regulators are encouraged to drive the adoption of secure-by-design principles…” There are two important elements to this. The concept of secure-by-design is introduced but not defined; and it is implied that this undefined concept will be enforced on the critical infrastructure by regulations that are yet to…

Who’s Behind the SWAT USA Reshipping Service?

Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. In today’s Part II, we’ll examine clues about the real-life identity of “Fearlless,” the nickname chosen by the proprietor of the SWAT USA Drops service. Based in Russia, SWAT USA recruits people in the United States to reship packages containing pricey electronics that are purchased with stolen…