CyberSecure Specialist

14 Jun

Attackers set up rogue GitHub repos with malware posing as zero-day exploits

Data Breaches, Malware, Social Engineering

In an unusual attack campaign, a hacker has been setting up rogue GitHub repositories that claim to host zero-day exploits for popular applications but which instead deliver malware. The attacker also created fake GitHub and Twitter accounts posing as security researchers and even used real photos of researchers from well-known cybersecurity firms. “The attacker has made a lot of effort to create all these fake personas, only to deliver very obvious malware,” researchers from security…

Read More
14 Jun

Microsoft Outs New Russian APT Linked to Wiper Attacks in Ukraine

Information, News

Security researchers at Microsoft are publicly outing a new APT group linked to Russia’s General Staff Main Intelligence Directorate (GRU), warning that the threat actor has worked on destructive wiper malware attacks that hit organizations in Ukraine. A new report from Redmond’s threat intelligence team tagged the group as ‘Cadet Blizzard’ and documented signs and evidence that adds clarity to the scope and usage of malware in a wartime environment. “[The] emergence of a novel…

Read More
14 Jun

Microsoft Office 365 AitM phishing reveals signs of much larger BEC campaign

Data Breaches, Malware, Social Engineering

Researchers investigating an Office 365 account compromise resulting from an adversary-in-the-middle (AitM) phishing attack found evidence of a much larger global attack campaign that spans the past year and is possibly tied to an infostealer malware called FormBook. “In the past few years, Sygnia’s IR teams have engaged in numerous incidents in which world-wide organizations were targeted by BEC attacks,” researchers from cybersecurity firm Sygnia said in their report. “While some of these attacks were…

Read More
14 Jun

Cybersixgill automates threat intelligence with IQ generative AI application

Data Breaches, Malware, Social Engineering

Cybersixgill’s new IQ cybersecurity threat intelligence application promises to offer quicker and more digestible intelligence on potential threats on the dark web, by leveraging generative AI to provide automated reporting and dissemination of information. The idea is to simplify access to threat intelligence data, which ordinarily is done manually by analysts. According to the company’s announcement, Cybersixgill IQ, which is trained on the company’s own data sets, is able to “democratize” cybersecurity threat intelligence by…

Read More
14 Jun

CISA and NSA Release Joint Guidance on Hardening Baseboard Management Controllers (BMCs)

Attacks, Insights, Malware

Today, CISA, together with the National Security Agency (NSA), released a Cybersecurity Information Sheet (CSI), highlighting threats to Baseboard Management Controller (BMC) implementations and detailing actions organizations can use to harden them.  BMCs are trusted components designed into a computer’s hardware that operate separately from the operating system (OS) and firmware to allow for remote management and control, even when the system is shut down. Hardened credentials, firmware updates, and network segmentation options are often…

Read More
14 Jun

CISA and Partners Release Joint Advisory on Understanding Ransomware Threat Actors: LockBit

Attacks, Insights, Malware

Today, CISA, the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and international partners released Understanding Ransomware Threat Actors: LockBit, a joint Cybersecurity Advisory (CSA) to help organizations understand and defend against threat actors using LockBit, the most globally used and prolific Ransomware-as-a-Service (RaaS) in 2022 and 2023. This guide is a comprehensive resource detailing the observed common vulnerabilities and exposures (CVEs) exploited, as well as the tools, and tactics,…

Read More
14 Jun

Rezilion releases agentless runtime software vulnerability management solution

Data Breaches, Malware, Social Engineering

Software supply chain security vendor Rezilion has announced the release of a new agentless solution for vulnerability management. It enables security teams to monitor exploitable software attack surfaces in runtime without using an agent, reducing the time and overhead required for traditional runtime-based software vulnerability analysis, according to the firm. Rezilion’s new solution covers all versions of Windows and Linux across 12 code languages, it said. Effective prioritization and remediation of software vulnerabilities can be…

Read More
14 Jun

Cyber liability insurance vs. data breach insurance: What’s the difference?

Data Breaches, Malware, Social Engineering

With an ever-increasing number of cybersecurity threats and attacks, companies are becoming motivated to protect their businesses and customer data both technically and financially. Finding the right insurance has become a key part of the security equation, which is no surprise given that the average cost of a data breach in the US has risen to $9.44 million — more than twice the global average of $4.35 million. The global cyber insurance market was valued…

Read More
13 Jun

British watchdog Ofcom latest victim of MOVEit attack

Attacks, Data Breaches

British television watchdog Ofcom is the latest victim of a supply chain attack against document transfer service MOVEit. The cyber attack against MOVEit saw Russian ransomware gang Clop exploit a critical zero-day vulnerability in the company’s infrastructure. This vulnerability allowed Clop to access the networks of companies that use MOVEit, meaning they were able to access and steal their data. During the cyber attack against Ofcom, confidential data on the companies regulated by the organization…

Read More
13 Jun

Top five APAC government hacks of 2023 (so far)

Attacks, Data Breaches

Local and national governments in the Asia-Pacific region have been high on the target list for hacking groups in 2023 Add bookmark In an interconnected world driven by advanced technology, the threat of cyber-espionage looms large, with governments increasingly becoming prime targets. The Asia-Pacific (APAC) region, home to bustling economies and geopolitical complexities, finds itself at the center of this silent war. From targeted attacks on critical infrastructure to the manipulation of sensitive information, such…

Read More