CyberSecure Specialist

Serious Security: That KeePass “master password crack”, and what we can learn from it

by Paul Ducklin

Over the last two weeks, we’ve seen a series of articles talking up what’s been described as a “master password crack” in the popular open-source password manager KeePass. The bug was considered important enough to get an official US government identifier (it’s known as CVE-2023-32784, if you want to hunt it down), and given that the master password to your password manager is pretty much the key to your whole digital castle,…


Russia Blames US Intelligence for iOS Zero-Click Attacks

Russian anti-malware vendor Kaspersky on Thursday said it discovered an APT actor launching zero-click iMessage exploits on iOS-powered devices in its corporate network. Kaspersky’s disclosure comes on the same day Russia’s Federal Security Service (FSB) blamed US intelligence agencies for an ongoing spy campaign targeting thousands of iOS devices belonging to domestic subscribers and foreign diplomatic missions. The FSB, the Russian security agency that succeeded the Soviet KGB, said iPhones belonging to diplomats from NATO…


ISACA pledges to help grow cybersecurity workforce in Europe

Global professional association ISACA has announced a pledge to the European Commission to grow and empower the cybersecurity workforce in Europe. The pledge will see ISACA provide 20,000 free memberships to students across Europe to acquire crucial cybersecurity skills and support the identification of qualified cybersecurity candidates for organizations, supporting the European Union’s (EU) cybersecurity agenda, it said. Closing the cybersecurity workforce gap and promoting diversity within the field will be key focus areas, helping…


IOTW: MCNA Dental suffers data breach affecting 8.9 million patients

American dental insurer, MCNA Dental, has suffered a ransomware-related data breach that has exposed the data of more than 8.9 million patients. In a notice published to its website on May 26, MCNA Dental said that it became aware of malicious actors gaining unauthorized access to its systems on March 6. An investigation into the data breach revealed that malicious actors had been accessing MCNA Dental’s network since February 26. During the malware attack and…


BigID wants to let you tweak your data classifications manually

BigID is adding a feature that lets end users of its data intelligence platform manually adjust classification models, in an effort to make those more precise without the need for advanced coding knowledge. The company announced today that the new feature, called classifier tuning, would allow users to adjust machine learning models in real time, leading to improved accuracy in the classification of machine-discovered data. BigID said that the idea is to help businesses, which…


Progress Software Releases Security Advisory for MOVEit Transfer

Progress Software has released a security advisory for a SQL injection vulnerability (CVE-2023-34362) in MOVEit Transfer—a Managed File Transfer Software. A cyber threat actor could exploit this vulnerability to take over an affected system. CISA urges users and organizations to review the MOVEit Transfer Advisory, follow the mitigation steps, apply the necessary updates, and hunt for any malicious activity.


What is the Cybercrime Atlas? How it can help disrupt cybercrime

Announced in June 2022, the Cybercrime Atlas is an initiative from the World Economic Forum (WEF) to map activities of cybercriminals and create a database that can be used by law enforcement across the world to disrupt the cyber-criminal ecosystem. Cybercrime Atlas officially launched in February 2023 in a partnership between WEF and Banco Santander, Fortinet, Microsoft, and PayPal. Cybercrime Atlas was conceptualized by WEF’s Partnership against Cybercrime, which includes more than 40 public and…


Gigabyte firmware component can be abused as a backdoor

Researchers warn that the UEFI firmware in many motherboards made by PC hardware manufacturer Gigabyte injects executable code inside the Windows kernel in an unsafe way that can be abused by attackers to compromise systems. Sophisticated APT groups are abusing similar implementations in the wild. “While our ongoing investigation has not confirmed exploitation by a specific threat actor, an active widespread backdoor that is difficult to remove poses a supply chain risk for organizations with…


Tricks of the trade: How a cybercrime ring operated a multi‑level fraud scheme

A peek under the hood of a cybercrime operation and what you can do to avoid being an easy target for similar ploys

They hacked into corporate emails, stole money from people and businesses, and tricked others into transferring the loot. Nigerian nationals Solomon Ekunke Okpe and Johnson Uke Obogo ran a sophisticated fraud scheme that caused up to US$1 million in losses to victims. A US court recently sentenced the duo to four years and…


Serious Security: Verification is vital – examining an OAUTH login bug

by Paul Ducklin

Researchers at web coding security company SALT just published a fascinating description of how they found an authentication bug dubbed CVE-2023-28131 in a popular online app-building toolkit known as Expo. The good news is that Expo responded really quickly to SALT’s bug report, coming up with a fix within just a few hours of SALT’s responsible disclosure. Fortunately, the fix didn’t rely on customers downloading anything, because the patch was implemented inside…
