CyberSecure Specialist

28 Sep

Can open-source software be secure?

Information

Secure Coding, Business Security Or, is mass public meddling just opening the door for problems? And how does open-source software compare to proprietary software in terms of security? 26 Sep 2023  •  , 5 min. read There are – and will always be – vulnerabilities in software. Just like there is no perfect security, there is no perfect codebase. That begs the question: What is the best way to fix software problems, especially at scale?…

Read More
28 Sep

NIST Unveils Newly Named Human-Centered Cybersecurity Program

Insights

The Human-Centered Cybersecurity program (formerly Usable Cybersecurity) is part of the Visualization and Usability Group at NIST. It was created in 2008, but we’ve known for quite some time that we needed to rename our program to better represent the broader scope of work we provide for the cybersecurity practitioner and IT professional communities. We made the decision to update the name to Human-Centered Cybersecurity to better reflect our new (but long-time practiced) mission statement,…

Read More
28 Sep

Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor

Information, News

Google has rushed to patch another Chrome zero-day vulnerability exploited by a commercial spyware vendor.  The internet giant announced on Tuesday that the stable channel of Chrome for Windows, macOS and Linux has been updated to version 117.0.5938.132. The latest update patches 10 vulnerabilities, three of which have been highlighted by the company in its advisory. The most important vulnerability, tracked as CVE-2023-5217, has been described as a “heap buffer overflow in vp8 encoding in…

Read More
27 Sep

NSA, FBI, CISA, and Japanese Partners Release Advisory on PRC-Linked Cyber Actors

Attacks, Insights, Malware

Today, the U.S. National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Cybersecurity and Infrastructure Security Agency (CISA), along with the Japan National Police Agency (NPA) and the Japan National Center of Incident Readiness and Strategy for Cybersecurity (NISC) released joint Cybersecurity Advisory (CSA) People’s Republic of China-Linked Cyber Actors Hide in Router Firmware. The CSA details activity by cyber actors, known as BlackTech, linked to the People’s Republic of China (PRC). The advisory…

Read More
27 Sep

Mozilla Releases Security Advisories for Thunderbird and Firefox

Attacks, Insights, Malware

Mozilla has released security updates to address vulnerabilities for Thunderbird 115.3, Firefox ESR 115.3, and Firefox 118. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Mozilla security advisories for Thunderbird 115.3, Firefox ESR 115.3 and Firefox 118 for more information and apply the necessary updates.

Read More
27 Sep

‘Snatch’ Ransom Group Exposes Visitor IP Addresses

Data Breaches, Information, Insights

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams, Adobe Reader, Mozilla Thunderbird, and Discord. First spotted in 2018,…

Read More
27 Sep

Update on Naked Security

Information

Dear Naked Security readers, Firstly, thank you for your interest, your time, and your contributions to the Naked Security community. Your invaluable engagement and expertise have helped improve cybersecurity for everyone. We have recently added the extensive catalog of Naked Security articles to the Sophos News blog platform, enabling us to provide all Sophos security research, insights, and intelligence in a single location. We are redirecting articles from Naked Security to Sophos News and you…

Read More
27 Sep

New GPU Side-Channel Attack Allows Malicious Websites to Steal Data

Information, News

Nearly all modern graphics processing units (GPUs) are vulnerable to a new type of side-channel attack that could be leveraged to obtain sensitive information, according to a team of researchers from various universities in the United States. The new attack method, named GPU.zip, was discovered and detailed by representatives of the University of Texas at Austin, Carnegie Mellon University, University of Washington, and University of Illinois Urbana-Champaign. The GPU.zip attack leverages hardware-based graphical data compression,…

Read More
25 Sep

Stealthy APT Gelsemium Seen Targeting Southeast Asian Government

Information, News

A stealthy advanced persistent threat (APT) actor known as Gelsemium has been observed targeting a government entity in Southeast Asia to establish persistence and collect intelligence, cybersecurity firm Palo Alto Networks reveals. As part of the observed activity, spanning over a period of six months in late 2022 and into 2023, the threat actor deployed a variety of web shells to support lateral movement and malware delivery, along with backdoors, a Cobalt Strike beacon, and…

Read More
24 Sep

Stealth Falcon preying over Middle Eastern skies with Deadglyph

Information

For years, the Middle East has maintained its reputation as a fertile ground for advanced persistent threats (APTs). In the midst of routine monitoring of suspicious activities on the systems of high-profile customers, some based in this region, ESET Research stumbled upon a very sophisticated and unknown backdoor that we have named Deadglyph. We derived the name from artifacts found in the backdoor (such as 0xDEADB001, shown also in Table 1), coupled with the presence…

Read More