CyberSecure Specialist

CISA Adds One Known Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2021-29256, Arm Mali GPU Kernel Driver Use-After-Free Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view other newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column—which will sort by descending dates. Binding Operational Directive (BOD)…


Progress Software Releases Service Pack for MOVEit Transfer Vulnerabilities

Progress Software has released a Service Pack to address three newly disclosed vulnerabilities (CVE-2023-36934, CVE-2023-36932, CVE-2023-36933) in MOVEit Transfer. A cyber threat actor could exploit some of these vulnerabilities to obtain sensitive information. CISA encourages users to review Progress Software’s MOVEit Transfer article and apply product updates as applicable for security improvements.


What’s up with Emotet?

A brief summary of what happened with Emotet since its comeback in November 2021. Emotet is a malware family active since 2014, operated by a cybercrime group known as Mealybug or TA542. Although it started as a banking trojan, it later evolved into a botnet that became one of the most prevalent threats worldwide. Emotet spreads via spam emails; it can exfiltrate information from, and deliver third-party malware to, compromised computers. Emotet operators are not…


S3 Ep142: Putting the X in X-Ops

by Paul Ducklin. PUTTING THE X IN X-OPS: First there was DevOps, then SecOps, then DevSecOps. Or should that be SecDevOps? Paul Ducklin talks to Sophos X-Ops insider Matt Holdcroft about how to get all your corporate “Ops” teams working together, with cybersecurity correctness as a guiding light. With Paul Ducklin and Matt Holdcroft. Intro and outro music by Edith Mudge. You can listen to us on…


Truebot Hackers Exploiting Netwrix Auditor Flaw: CISA, FBI Alert

The US government’s cybersecurity agency CISA on Thursday warned that hackers linked to the Truebot malware operation are exploiting a known vulnerability in the Netwrix Auditor application to break into organizations in the US and Canada. In a joint advisory issued alongside the FBI and information sharing partners in Canada, CISA urged network admins to immediately apply patches for remote code execution flaws in IT auditing software sold by Netwrix. The issue, tagged as CVE-2022-31199,…


Mozilla Releases Security Advisories for Thunderbird, Firefox, and Firefox ESR

Mozilla has released security advisories to address vulnerabilities in Thunderbird, Firefox, and Firefox ESR. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates: Security Vulnerabilities fixed in Firefox 115; Mozilla Foundation Security Advisory 2023-24; Security Vulnerabilities fixed in Firefox ESR 102.13; Mozilla Foundation Security Advisory 2023-23; Security Vulnerabilities fixed in Thunderbird 102.13…


CISA and Partners Release Joint Cybersecurity Advisory on Newly Identified Truebot Malware Variants

Today, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigations (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre for Cyber Security (CCCS) released a joint Cybersecurity Advisory (CSA), Increased Truebot Activity Infects U.S. and Canada Based Networks, to help organizations detect and protect against newly identified Truebot malware variants. Based on confirmation from open-source reporting and analytical findings of Truebot variants, the four organizations assess cyber threat actors…


Firefox 115 is out, says farewell to older Windows and Mac users

by Paul Ducklin. Firefox’s latest monthly update just came out, bumping the primary version of the popular alternative browser to 115.0. OK, it’s technically a once-every-four-weeks update, so that there will sometimes be two major updates in a single calendar month, just as you sometimes get two full moons in a month, but this month there’s only one. (At the end of next month, August 2023, there will coincidentally be both a blue moon, which…


Infisical Snags $2.8M Seed Funding for Secrets Sprawl Security Tech

Infisical, a San Francisco startup working on open-source technology to help organizations manage secrets sprawl, has banked $2.8 million in seed funding as investors continue to bet on early-stage companies in the supply chain security space. Infisical’s seed round was led by Gradient Ventures, the Google-owned venture capital outfit. The company said it also took on equity investments from Y Combinator, TwentyTwo VC, and a list of prominent tech executives. The Silicon Valley…


Deepfaking it: What to know about deepfake‑driven sextortion schemes

Criminals increasingly create deepfake nudes from people’s benign public photos in order to extort money from them, the FBI warns. The U.S. Federal Bureau of Investigation (FBI) is warning about an increase in extortion campaigns where criminals tap into readily available artificial intelligence (AI) tools to create sexually explicit deepfakes from people’s innocent photos and then harass or blackmail them. According to its recent Public Service Announcement, the Bureau has received a growing number of…
