CyberSecure Specialist

03 Aug

How Malicious Android Apps Slip Into Disguise

Information, Insights

Researchers say mobile malware purveyors have been abusing a bug in the Google Android platform that lets them sneak malicious code into mobile apps and evade security scanning tools. Google says it has updated its app malware detection mechanisms in response to the new research. At issue is a mobile malware obfuscation method identified by researchers at ThreatFabric, a security firm based in Amsterdam. Aleksandr Eremin, a senior malware analyst at the company, told KrebsOnSecurity…

Read More
02 Aug

Performance and security clash yet again in “Collide+Power” attack

Information

by Paul Ducklin Another week, another BWAIN! As you’ll know if you listened to last week’s podcast (hint, hint!), BWAIN is short for Bug With An Impressive Name: It’s a nickname we apply when the finders of a new cybersecurity attack get so excited about their discovery that they give it a PR-friendly moniker, register a vanity domain name for it, build it a custom website, and design it a special logo. This time, the…

Read More
02 Aug

Microsoft Catches Russian Government Hackers Phishing with Teams Chat App

Information, News

Software giant Microsoft on Wednesday sounded an alarm after catching a known Russian government-linked hacking group using its Microsoft Teams chat app to phish for credentials at targeted organizations. According to a research report from Redmond’s Threat Intelligence team, the hacking team is linked to the Foreign Intelligence Service of the Russian Federation (also known as the SVR) and has been caught targeting government, non-government organizations (NGOs), IT services, technology, discrete manufacturing, and media sectors.…

Read More
02 Aug

Mozilla Releases Security Updates for Firefox and Firefox ESR

Attacks, Insights, Malware

Mozilla has released security updates to address vulnerabilities for Firefox 116, Firefox ESR 115.1, and Firefox ESR 102.14. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Mozilla’s security advisories for Firefox 116, Firefox ESR 115.1, and Firefox ESR 102.14 for more information and apply the necessary updates.

Read More
01 Aug

Firefox fixes a flurry of flaws in the first of two releases this month

Information

by Paul Ducklin The latest full new version of Firefox is out, marking the first of two “monthly” upgrades you’ll see this month. Just as there will be a blue moon in August 2023 (that’s the name applied to a second full moon in the same calendar month, rather than reference to an atmospheric phenomenon that makes the moon seem blue, in case you ever wondered), there will be a blue Firefox too. Firefox version…

Read More
01 Aug

Forgepoint Capital Places $15M Series A Bet on Converge Insurance

Information, News

Venture capital outfit Forgepoint Capital has placed another bet in the cyber-insurance sector, leading a $15 million funding round for New York tech startup Converge Insurance. The $15 million Series A investment is Forgepoint’s second push into the cyber-insurance sector following last year’s incubation of Surefire Cyber, a startup selling incident response services specifically to cyber insurers, brokers and legal firms. Converge Insurance describes itself as a modern managing general agent (MGA) that fuses cyber…

Read More
01 Aug

CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities

Attacks, Insights, Malware

The Cybersecurity and Infrastructure Security Agency (CISA) and the Norwegian National Cyber Security Centre (NCSC-NO) have released a joint Cybersecurity Advisory (CSA), Threat Actors Exploiting Ivanti EPMM Vulnerabilities, in response to the active exploitation of CVE-2023-35078 and CVE-2023-35081 affecting Ivanti Endpoint Manager Mobile (EPMM) (formerly known as MobileIron Core). Threat actors can chain these vulnerabilities to gain initial, privileged access to EPMM systems and execute uploaded files, such as webshells.  In July 2023, NCSC-NO became…

Read More
31 Jul

SEC demands four-day disclosure limit for cybersecurity breaches

Information

by Paul Ducklin Last week, the US Securities and Exchange Commission (SEC) announced new and fairly strict rules about cybersecurity breach disclosures for any people or companies that fall under its regulatory remit. The SEC, by the way, was founded at the height of the US Great Depression in the 1930s, with the aim of preventing the sort of unregulated speculation that led to what became known as Black Thursday, the infamous Wall Street crash…

Read More
31 Jul

US Gov Rolls Out National Cyber Workforce, Education Strategy

Information, News

The Biden administration on Monday rolled out its first-ever National Cyber Workforce and Education Strategy (NCWES), announcing a series of “generational investments” to  address immediate and long-term cyber workforce needs.  The new strategy seeks to transform cyber education in K-12 schools, community colleges and technical schools, invest in teachers and cyber education systems and make training more accessible and affordable.  “Filling the hundreds of thousands of cyber job vacancies across our nation is a national…

Read More