CyberSecure Specialist

12 Oct

6 steps to getting the board on board with your cybersecurity program

Information

Business Security How CISOs and their peers can better engage with boards to get long-term buy-in for strategic initiatives Phil Muncaster 11 Oct 2023  •  , 4 min. read Building a safer digital world requires action on several fronts. Initiatives like Cybersecurity Awareness Month (CSAM) are great opportunities to remind the general public of important best practices for password management, vulnerability patching and more. But while this can help make life tougher for cybercriminals targeting…

Read More
12 Oct

Virus Bulletin PUA – a love letter

Information

Digital Security Late nights at VB2023 featured intriguing interactions between security experts and the somewhat enigmatic world of grayware purveyors Cameron Camp 10 Oct 2023  •  , 3 min. read Late night at VB2023 is when the goblins come out – crafted visages of carefully-played fans cum lures foisted by the industry of potentially unwanted application (PUA) vendors, sponsored- and pay-per-click application installers, and other download monetizers that form up a multibillion dollar ecosystem. And…

Read More
12 Oct

Virus Bulletin – building digital armies

Information

Cybercrime Security researchers, global organizations, law enforcement and other government agencies need to have the right conversations and test potential scenarios without the pressure of an actual attack Cameron Camp 11 Oct 2023  •  , 3 min. read Squashing malware groups involves imposing steep costs on small ad hoc groups. But those actions are slowly ebbing in favor of going after much more organized actor groups aligned in support of nation-state-aligned ideals. Doing that is…

Read More
12 Oct

SEC Investigating Progress Software Over MOVEit Hack

Data Breaches, Information, News

The US Securities and Exchange Commission is launching its own investigation into the vulnerability in Progress Software’s MOVEit transfer tool that exposed data from more than 2,000 organizations and 60 million individuals. Tracked as CVE-2023-34362, the flaw was exploited as a zero-day by the notorious Russia-linked Cl0p ransomware group to steal data from organizations using the MOVEit Transfer managed file transfer (MFT) software. Of the victim organizations, roughly 900 are schools in the United States,…

Read More
12 Oct

CISA Releases Nineteen Industrial Control Systems Advisories

Attacks, Insights, Malware

CISA released nineteen Industrial Control Systems (ICS) advisories on October 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-285-01 Siemens SIMATIC CP products ICSA-23-285-02 Siemens SCALANCE W1750D ICSA-23-285-03 Siemens SICAM A8000 Devices ICSA-23-285-04 Siemens Xpedition Layout Browser ICSA-23-285-05 Siemens Simcenter Amesim ICSA-23-285-06 Siemens SICAM PAS/PQS ICSA-23-285-07 Siemens RUGGEDCOM APE180 ICSA-23-285-08 Siemens SINEC NMS ICSA-23-285-09 Siemens CPCI85 Firmware of SICAM A8000 Devices ICSA-23-285-10 Siemens Tecnomatix Plant Simulation  ICSA-23-285-11…

Read More
12 Oct

CISA Releases New Resources Identifying Known Exploited Vulnerabilities and Misconfigurations Linked to Ransomware

Attacks, Insights, Malware

Today, as part of the Ransomware Vulnerability Warning Pilot (RVWP), CISA launched two new resources for combating ransomware campaigns: A “Known to be Used in Ransomware Campaigns” column in the KEV Catalog that identifies KEVs associated with ransomware campaigns. A “Misconfigurations and Weaknesses Known to be Used in Ransomware Campaigns” table on StopRansomware.gov that identifies misconfigurations and weaknesses associated with ransomware campaigns. The table features a column that identifies the Cyber Performance Goal (CPG) action for each misconfiguration…

Read More
11 Oct

Critical SOCKS5 Vulnerability in cURL Puts Enterprise Systems at Risk

Information, News

The maintainers of the cURL data transfer project on Wednesday rolled out patches for a severe memory corruption vulnerability that exposes millions of enterprise OSes, applications and devices to malicious hacker attacks. According to an high-risk bulletin, the flaw poses a direct threat to the SOCKS5 proxy handshake process in cURL and can be exploited remotely in some non-standard configurations. The bug, tracked as CVE-2023-38545, exists in the libcurl library that handles data exchange between…

Read More
11 Oct

FBI and CISA Release Update on AvosLocker Advisory

Attacks, Insights, Malware

Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint Cybersecurity Advisory (CSA), #StopRansomware: AvosLocker Ransomware (Update) to disseminate known indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and detection methods associated with the AvosLocker variant identified through FBI investigations as recently as May 2023. This release updates the March 17, 2022 joint CSA, Indicators of Compromise Associated with AvosLocker ransomware, released by FBI, CISA, and the…

Read More
10 Oct

Patch Tuesday, October 2023 Edition

Information, Insights

Microsoft today issued security updates for more than 100 newly-discovered vulnerabilities in its Windows operating system and related software, including four flaws that are already being exploited. In addition, Apple recently released emergency updates to quash a pair of zero-day bugs in iOS. Apple last week shipped emergency updates in iOS 17.0.3 and iPadOS 17.0.3 in response to active attacks. The patch fixes CVE-2023-42724, which attackers have been using in targeted attacks to elevate their…

Read More
10 Oct

Your family, home and small business need a cyber-resilience strategy, too!

Information

Digital Security Your preparedness to deal with cyberattacks is key for lessening the impact of a successful incident – even in home and small business environments Tony Anscombe 09 Oct 2023  •  , 3 min. read Cybersecurity Awareness Month (CSAM) is upon us again. Much like European Cyber Security Month (ECSM), this important initiative is focused on raising awareness of the risks associated with the digital world we live in, and, hopefully, initiate changes in…

Read More