CyberSecure Specialist

Apple patch fixes zero-day kernel hole reported by Kaspersky – update now!

by Paul Ducklin

Right at the start of June 2023, well-known Russian cybersecurity outfit Kaspersky reported on a previously unknown strain of iPhone malware. Most notable about the original story was its strapline: Targeted attack on [Kaspersky] management with the Triangulation Trojan. Although the company ultimately said, “We’re confident that Kaspersky was not the main target of this cyberattack”, the threat hunting it was called upon to do wasn’t on customer devices, but on its…

Why you should review the security of your MSSQL servers

Brute-force credential guessing attacks against database servers are ramping up with MSSQL being at the top of the target list. That’s because attackers can leverage the many extensibility features that Microsoft’s database server provides to integrate with other Windows components and features to elevate their privileges and gain full control of the underlying servers. Last week, researchers from security firm Trustwave released data collected over four months from their global honeypot project, a network of…

Apple Patches iOS Flaws Used in Kaspersky ‘Operation Triangulation’ 

Apple has rolled out a major security-themed iOS update to fix remote code execution vulnerabilities that have already been exploited in the wild. The patches address a pair of vulnerabilities reported by Russian anti-malware vendor Kaspersky and follow the public documentation of ‘Operation Triangulation,’ a digital spy campaign that used zero-click iMessage exploits. The patches – iOS 16.5.1, iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7 – cover security defects in kernel and WebKit and have been…

Why Malware Crypting Services Deserve More Scrutiny

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. In fact, the process of “crypting” malware is sufficiently complex and time-consuming that most serious cybercrooks will outsource this critical function to a handful of trusted third parties. This story explores the history and identity behind Cryptor[.]biz,…

Ransomware attacks pose communications dilemmas for local governments

In the early morning of May 3, the City of Dallas, Texas, was hit by a ransomware attack, for which the Royal ransomware gang later took credit. The city’s police, fire rescue, water service payment, and development systems, among others, were significantly hampered by the incident, forcing many departments to revert to handwritten and radio-related communications. In a report dated May 31, released on June 9, the city said that more than 90% of the…

Baffle launches new user interface to simplify application data security

Data security software provider Baffle has released Baffle Manager 2.0, an interface upgrade to automate enterprise-level data protection for applications, analytics, and AI. The user interface upgrade is aimed at simplifying application-level encryptions, which were difficult and time-consuming with legacy systems, the company said in a press statement. “Baffle Manager 2.0 is a single platform where users can create and manage their data protection policies across the cloud, legacy, and third-party applications and stay on…

PwC and EY impacted by MOVEit cyber attack

Multinational accounting firms PricewaterhouseCoopers (PwC) and Ernst & Young (EY) are among the seemingly ever-growing list of victims linked to a cyber security incident that originated with data transfer service, MOVEit. A supply chain cyber attack launched at MOVEit by ransomware gang Clop has resulted in a series of data breaches for a large number of high-profile brands including Health Service Ireland (HSE) and payroll services provider Zellis. The breach of Zellis has also led to…

Why CISOs should be concerned about space-based attacks

Russia didn’t just attack Ukraine on the ground when it invaded that country on February 24, 2022, it also raided Ukraine’s data connections in space. On that date, “a multifaceted and deliberate cyber-attack against Viasat’s KA-SAT network resulted in a partial interruption of KA-SAT’s consumer-oriented satellite broadband service,” Viasat reported on March 30, 2022. According to the satellite services provider, “the cyber-attack did impact several thousand customers located in Ukraine and tens of thousands of…

Passwords out, passkeys in: are you ready to make the switch?

With passkeys poised for prime time, passwords seem passé. What are the main benefits of ditching one in favor of the other? Chances are good that many of us have had enough of passwords. In a world where we have to manage access for scores of online accounts, passwords no longer seem fit for purpose. Many of us reuse the same, easy-to-remember login credentials across these apps and websites and commit other password-related mistakes, which…

ASUS warns router customers: Patch now, or block all inbound requests

by Paul Ducklin

ASUS is a well-known maker of popular electronics products, ranging from laptops and phones to home routers and graphics cards. This week, the company published firmware updates for a wide range of its home routers, along with a strong warning that if you aren’t willing or able to update your firmware right now, then you need to: [Disable] services accessible from the WAN side to avoid potential unwanted intrusions. These services include…
