CyberSecure Specialist

08 Sep

New Phishing Campaign Launched via Google Looker Studio

Information, News

Cybersecurity firm Check Point is warning of a new type of phishing attacks that abuse Google Looker Studio to bypass protections. Google Looker Studio is a legitimate online tool for creating customizable reports, including charts and graphs, that can be easily shared with others. As part of the observed attacks, threat actors are using Google Looker Studio to create fake crypto pages that are then delivered to the intended victims in emails sent from the…

Read More
07 Sep

Apple Patches Actively Exploited iOS, macOS Zero-Days

Information, News

Apple on Thursday pushed out an urgent point-update to its flagship iOS and macOS platforms to fix a pair of security defects being exploited in the wild. The vulnerabilities, fixed in the latest iOS 16.6.1 and macOS Ventura 13.5.2 releases, are credited to the Citizen Lab at The University of Torontoʼs Munk School, suggesting exploitation in commercial surveillance spyware products. The Citizen Lab at The University of Torontoʼs Munk School actively tracks PSOAs (private sector…

Read More
07 Sep

CISA, FBI, and CNMF Release Advisory on Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475

Attacks, Insights, Malware

Today, CISA, Federal Bureau of Investigation (FBI), and U.S. Cyber Command’s Cyber National Mission Force (CNMF) published a joint Cybersecurity Advisory (CSA), Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475. This CSA provides information on an incident at an Aeronautical Sector organization, with malicious activity occurring as early as January 2023.  CISA, FBI, and CNMF confirmed that nation-state advanced persistent threat (APT) actors exploited CVE-2022-47966 to gain unauthorized access to a public-facing application (Zoho ManageEngine…

Read More
06 Sep

Crash Dump Error: How a Chinese Espionage Group Exploited Microsoft’s Mistakes

Data Breaches, Information, News

Microsoft has published a post-mortem detailing multiple errors that led to Chinese cyberspies hacking into US government emails, blaming the embarrassing incident on a crash dump stolen from a hacked engineer’s corporate account. The crash dump, which dated back to April 2021, contained a Microsoft account (MSA) consumer key that was used to forge tokens to break into OWA and Outlook.com accounts. “Our investigation found that a consumer signing system crash in April of 2021…

Read More
06 Sep

CISA Releases Capacity Enhancement Guide to Strengthen Agency Resilience to DDoS Attack

Attacks, Insights, Malware

CISA has released actionable guidance for Federal Civilian Executive Branch (FCEB) agencies to help them evaluate and mitigate the risk of volumetric distributed denial-of-service (DDoS) attacks against their websites and related web services. The Capacity Enhancement Guide: Volumetric DDoS Against Web Services Technical Guidance:   Helps agencies prioritize DDoS mitigations based on mission and reputational impact.  Describes DDoS mitigation services so agencies can make risk-informed tradeoff decisions on how to use available resources most effectively. …

Read More
06 Sep

CISA Releases Update to Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells

Attacks, Insights, Malware

The Cybersecurity and Infrastructure Security Agency (CISA) has released an update to a previously published Cybersecurity Advisory (CSA), Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells. The CSA—originally released to warn network defenders of critical infrastructure organizations about threat actors exploiting CVE-2023-3519, an unauthenticated remote code execution (RCE) vulnerability affecting NetScaler (formerly Citrix) Application Delivery Controller (ADC) and NetScaler Gateway—contains victim information gathered in August 2023. Since July 2023, the Joint Cyber Defense Collaborative (JCDC)…

Read More
05 Sep

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Data Breaches, Information, Insights

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults. Taylor Monahan is lead product manager of MetaMask, a…

Read More
05 Sep

CISA Hires ‘Mudge’ to Work on Security-by-Design Principles

Information, News

The U.S. government’s cybersecurity agency CISA on Monday confirmed the addition of Peiter ‘Mudge’ Zatko to its roster of prominent voices preaching the gospel of security-by-design and secure-by-default development principles. Zatko, most recently the CISO at Twitter who blew the whistle on the social media giant’s security shortcomings, is joining the agency in a part-time capacity to work on the “security and resilience by design” pillar of the Biden administration’s National Cybersecurity Strategy. A statement…

Read More