CyberSecure Specialist

Taiwan Probes Firms Suspected of Selling Chip Equipment to China’s Huawei Despite US Sanctions

Taiwan authorities are investigating four Taiwan-based companies suspected of helping China’s Huawei Technologies to build semiconductor facilities. Minister of Economic Affairs Wang Mei-hua said Friday that the investigation will determine if the companies have violated regulations prohibiting sales of sensitive technologies and equipment to China. The Ministry of Economic Affairs summoned the semiconductor and factory services suppliers for questioning after a report by Bloomberg said they were working with Huawei as it builds a network…

Operation Jacana: Foundling hobbits in Guyana

In February 2023, ESET researchers detected a spearphishing campaign targeting a governmental entity in Guyana. While we haven’t been able to link the campaign, which we named Operation Jacana, to any specific APT group, we believe with medium confidence that a China-aligned threat group is behind this incident. In the attack, the operators used a previously undocumented C++ backdoor that can exfiltrate files, manipulate Windows registry keys, execute CMD commands, and more. We named the…

MGM Resorts Says Ransomware Hack Cost $110 Million

Hospitality and entertainment giant MGM Resorts said costs from last month’s debilitating ransomware infection have exceeded $110 million, including $10 million in one-time consulting clean-up fees. In an SEC 8-K filing, MGM Resorts said the data-extortion attack caused operational disruptions, especially in its Las Vegas properties, and an estimated financial toll that includes about $100 million in lost revenue. MGM Resorts, which manages prominent hotels like Mandalay Bay (site of the Black Hat security conference),…

Android Devices With Backdoored Firmware Found in US Schools

Tens of thousands of Android devices have been shipped to end-users with backdoored firmware, according to a warning from cybersecurity vendor Human Security. As part of the global cybercriminal operation called BadBox (PDF), Human Security found a threat actor relied on supply chain compromise to infect the firmware of more than 70,000 Android smartphones, CTV boxes, and tablet devices with the Triada malware. The infected devices come from at least one Chinese manufacturer but, before…

Apple Releases Security Updates for iOS and iPadOS

Apple has released security updates to address vulnerabilities in iOS and iPadOS. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisory and apply the necessary updates: iOS 17.0.3 and iPadOS 17.0.3.

Playing your part in building a safer digital world: Why cybersecurity matters

In an increasingly complex and interconnected digital landscape, personal cybersecurity empowers you to protect your data, privacy and digital well-being. By Phil Muncaster, 03 Oct 2023. We live in a digitally connected world. And for the most part, this has made our lives immeasurably better. Advances in technology have enabled everything from on-demand gaming to remote medical consultations. Incremental innovation keeps us safer, happier and more…

GitHub Improves Secret Scanning Feature With Expanded Token Validity Checks

Software development giant GitHub on Wednesday announced an enhancement to its secret scanning feature, now allowing users to check the validity of exposed credentials for major cloud services. Generally available since March 2023, the secret scanning feature is meant to help organizations and developers identify potentially exposed secrets in their repositories and take immediate action. Backed by a large number of service providers in the GitHub Partner Program, the feature sends alerts to developers when…

Atlassian Releases Security Advisory for Confluence Data Center and Server

Atlassian released a security advisory to address a vulnerability affecting Confluence Data Center and Confluence Server. A remote cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the following advisory and apply the necessary updates: CVE-2023-22515 – Privilege Escalation Vulnerability in Confluence Data Center and Server.

NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations

Today, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a joint cybersecurity advisory (CSA), NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations, which provides the most common cybersecurity misconfigurations in large organizations, and details the tactics, techniques, and procedures (TTPs) actors use to exploit these misconfigurations. The misconfigurations in the CSA illustrate a trend of systemic weaknesses in many large organizations, including those with mature cyber…

New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks

Server and computer hardware giant Supermicro has released updates to address multiple vulnerabilities in Baseboard Management Controllers (BMC) IPMI firmware. The issues (tracked as CVE-2023-40284 to CVE-2023-40290) could allow remote attackers to gain root access to the BMC system, firmware supply chain security firm Binarly, which identified the bugs, explains. A special chip on server motherboards that support remote management, the BMC allows administrators to monitor various hardware variables and even update the UEFI system…
