CyberSecure Specialist

26 Oct

Critical Mirth Connect Vulnerability Could Expose Sensitive Healthcare Data

Information, News

Open source data integration platform Mirth Connect is affected by a remote code execution vulnerability that can be exploited without authentication, cybersecurity firm Horizon3.ai warns. Developed by NextGen HealthCare, Mirth Connect is a cross-platform interface engine that healthcare organizations rely on for information management. Tracked as CVE-2023-43208, the newly disclosed issue is a bypass for a critical-severity RCE flaw (CVE-2023-37679, CVSS score of 9.8) that was disclosed in August 2023 and which was addressed with…

Read More
26 Oct

VMware Releases Security Advisory for vCenter Server

Attacks, Insights, Malware

VMware released a security advisory for a vulnerability (CVE-2023-34048) affecting the VMware vCenter Server and (CVE-2023-34056) affecting [VMware Cloud Foundation]. A remote cyber actor could exploit these vulnerabilities to obtain information or take control of an affected system. CISA encourages users and administrators to review the VMware vCenter Server Out-of-Bounds Write Vulnerability VMSA-2023-0023 advisory and apply the necessary updates.  

Read More
26 Oct

Apple Releases Security Advisories for Multiple Products

Attacks, Insights, Malware

Apple has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the following advisories and apply the necessary updates: iOS 17.1 and iPadOS 17.1 iOS 16.7.2 and iPadOS 16.7.2 iOS 15.8 and iPadOS 15.8 macOS Sonoma 14.1 macOS Ventura 13.6.1 macOS Monterey 12.7.1 tvOS 17.1 watchOS 10.1 Safari 17.1

Read More
25 Oct

‘YoroTrooper’ Espionage Group Linked to Kazakhstan

Information, News

The YoroTrooper espionage group likely consists of individuals from Kazakhstan, Cisco’s Talos security researchers report. Active since at least June 2022 and initially detailed in March this year, YoroTrooper has been observed targeting government entities in Azerbaijan, Kyrgyzstan, Tajikistan, and other Commonwealth of Independent States (CIS) countries. According to Cisco’s latest report on the advanced persistent threat (APT) actor, the operations appear to be conducted by individuals from Kazakhstan, based on the use of Kazakh…

Read More
25 Oct

One login to rule them all: Should you sign in with Google or Facebook on other websites?

Information

Digital Security Why use and keep track of a zillion discrete accounts when you can log into so many apps and websites using your Facebook or Google credentials, right? Not so fast. What’s the trade-off? André Lameiras 23 Oct 2023  •  , 6 min. read “Continue with Google” – such a seamless way to sign up for and log into a website or app, especially since you likely are already logged into your Google account.…

Read More
24 Oct

Personal Information Stolen in City of Philadelphia Email Hack

Data Breaches, Information, News

The City of Philadelphia has revealed that the information of certain individuals was stolen in a cyberattack earlier this year. The malicious activity, the city says in an incident notification (PDF) on its website, was initially identified on May 24, and involved its email environment. According to the city, the investigation into the matter has revealed that an unauthorized party had access to certain city email accounts between May 26 and July 28, and that…

Read More
24 Oct

Cybersecurity Awareness Month 2023 Blog Series | Recognizing and Reporting Phishing

Insights

During this week’s blog series, we sat down with two of our NIST experts from the Visualization and Usability Group at NIST — Shanée Dawkins and Jody Jacobs — who discussed the importance of recognizing and reporting phishing. This blog wraps up our Cybersecurity Awareness Month 2023 blog series…but we of course plan to continue to share, collaborate, learn, and spread the word all year long. 1. This week’s Cybersecurity Awareness Month theme is ‘recognize and report…

Read More
23 Oct

China Crackdown on Cyber Scams in Southeast Asia Nets Thousands but Leaves Networks Intact

Information, News

Zhang Hongliang, a former restaurant manager in central China, took various gigs in and outside China to support his family after losing his job during the COVID-19 pandemic. In March, a job offer to teach Chinese cooking at a restaurant led him into a cyber scam compound in Myanmar, where he was instead ordered to lure Chinese into giving up their savings for fake investment schemes via social media platforms. Zhang is one of tens…

Read More
23 Oct

NJ Man Hired Online to Firebomb, Shoot at Homes Gets 13 Years in Prison

Information, Insights

A 22-year-old New Jersey man has been sentenced to more than 13 years in prison for participating in a firebombing and a shooting at homes in Pennsylvania last year. Patrick McGovern-Allen was the subject of a Sept. 4, 2022 story here about the emergence of “violence-as-a-service” offerings, where random people from the Internet hire themselves out to perform a variety of local, physical attacks, including firebombing a home, “bricking” windows, slashing tires, or performing a…

Read More
23 Oct

CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities

Attacks, Insights, Malware

Today, CISA updated its guidance addressing two vulnerabilities, CVE-2023-20198 and CVE-2023-20273, affecting Cisco’s Internetworking Operating System (IOS) XE Software Web User Interface (UI). The guidance now notes that Cisco has fixed these vulnerabilities for the 17.9 Cisco IOS XE software release train with the 17.9.4a update. According to Cisco’s Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software Web UI Feature, fixes are still to be determined for the following Cisco IOS XE software release…

Read More