CyberSecure Specialist

CISA Published When to Issue VEX Information

Today, CISA published When to Issue Vulnerability Exploitability eXchange (VEX) Information, developed by a community of industry and government experts with the goal to offer some guidance and structure for the software security world, including the large and growing global SBOM community. This guide explains the circumstances and events that could lead an entity to issue VEX information and describes the entities that create or consume VEX information. Whether, and when, to issue VEX information…


Exploitation of Critical Confluence Vulnerability Begins

The first in-the-wild exploitation attempts targeting a recent vulnerability in Atlassian Confluence Data Center and Confluence Server were observed over the weekend, threat intelligence firm GreyNoise warns. Patched a week ago, the critical security defect tracked as CVE-2023-22518 (CVSS score of 9.1) is an improper authorization flaw that could lead to “significant data loss”, Atlassian warned. The issue impacts all Confluence versions. Less than five days after releasing the patch, Atlassian issued a second warning,…


The mysterious demise of the Mozi botnet – Week in security with Tony Anscombe

Video, 03 Nov 2023. Various questions linger following the botnet’s sudden and deliberate demise, including: who actually initiated it? This week, ESET researchers described what they had aptly called “a fascinating case of cyberforensics” – the sudden and mysterious shutdown of the Mozi botnet. One of the world’s most notorious IoT botnets experienced a sudden drop in activity in August, first in India and then in China. This ultimately led the researchers to the discovery…


Okta Hack Blamed on Employee Using Personal Google Account on Company Laptop

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop, exposing credentials that led to the theft of data from multiple Okta customers. A brief post-mortem from Okta security chief David Bradbury said the internal lapse was the “most likely avenue” for the breach that ensnared hundreds of Okta customers, including cybersecurity companies BeyondTrust and Cloudflare. “We can confirm that from…


Russian Reshipping Service ‘SWAT USA Drop’ Exposed

[Image: the login page for the criminal reshipping service SWAT USA Drop.] One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Here’s a closer look at the Russia-based SWAT USA Drop Service, which currently employs more than 1,200 people across the United States who are knowingly or unwittingly involved in reshipping expensive consumer goods purchased with stolen credit cards. Among the most common ways…


Who killed Mozi? Finally putting the IoT zombie botnet in its grave

ESET Research, 01 Nov 2023, 3 min. read. How ESET Research found a kill switch that had been used to take down one of the most prolific botnets out there. In August 2023, the notorious Mozi botnet, infamous for exploiting vulnerabilities in hundreds of thousands of IoT devices each year, experienced a sudden and unanticipated nosedive in activity. First observed in India on August 8th, 2023 and a week later in China on…


Countries at a UK Summit Pledge to Tackle AI’s Potentially ‘Catastrophic’ Risks

Delegates from 28 nations, including the U.S. and China, agreed Wednesday to work together to contain the potentially “catastrophic” risks posed by galloping advances in artificial intelligence. The first international AI Safety Summit, held at a former codebreaking spy base near London, focused on cutting-edge “frontier” AI that some scientists warn could pose a risk to humanity’s very existence. British Prime Minister Rishi Sunak said the declaration was “a landmark achievement that sees the world’s…


Mozi Botnet Likely Killed by Its Creators

The recent shutdown of the Mozi botnet is believed to be the work of its operators, who may have been forced to kill their creation by Chinese authorities. This is a theory from cybersecurity firm ESET, whose researchers recently discovered a kill switch suggesting that the takedown was deliberate. Mozi emerged in September 2019 and at one point it was a highly active botnet, accounting for a large chunk of the traffic associated with IoT…


Dozens of Kernel Drivers Allow Attackers to Alter Firmware, Escalate Privileges

VMware Carbon Black’s Threat Analysis Unit (TAU) has identified dozens of previously unknown vulnerable kernel drivers that could be exploited by attackers to alter firmware or escalate privileges. It’s not uncommon for threat actors, including cybercriminals and state-sponsored groups, to abuse kernel drivers in their operations. Such drivers can allow malicious hackers to manipulate system processes, maintain persistence on a system, and evade security products. VMware’s TAU collected roughly 18,000 Windows driver samples from VirusTotal…


20 scary cybersecurity facts and figures for a haunting Halloween

Digital Security. Phil Muncaster, 30 Oct 2023, 4 min. read. Cybersecurity Awareness Month draws to a close and Halloween is just around the corner, so here is a bunch of spine-tingling figures about some very real tricks and threats lurking online. October is Cybersecurity Awareness Month (CSAM) in the US and Canada and European Cybersecurity Month (ECMS) on the other side of the pond. These campaigns represent a great opportunity to share best…
