CyberSecure Specialist

S3 Ep136: Navigating a manic malware maelstrom

by Paul Ducklin. A PYTHON PERSPECTIVE VORTEX. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our RSS feed into your favourite podcatcher. DOUG. Cybercrime after cybercrime, some Apple updates, and an attack on a…


Elon Musk’s social security number allegedly leaked in Tesla data breach

Car manufacturer Tesla’s CEO, Elon Musk, may have had his social security number leaked in a data breach that saw 100GB of confidential information accessed. The Dutch data protection watchdog, Autoriteit Persoonsgegevens (DPA), has said that Tesla may have failed to protect confidential data from employees, customers and business partners. According to news publication Reuters, Tesla has been accused of failing to protect employee, customer and business partner data after 100GB of confidential information was…


Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation

A recently identified ransomware operation called Buhti is using LockBit and Babuk variants to target both Linux and Windows systems, Symantec reports. Initially observed in February 2023, the Buhti operation, which Symantec calls Blacktail, has been rapidly expanding since mid-April, exploiting recent vulnerabilities for initial access, and relying on a custom tool to steal victim files. In a recent attack, the Buhti operators used a minimally modified version of the LockBit 3.0 (LockBit Black) ransomware…


Google Cloud Users Can Now Automate TLS Certificate Lifecycle

Google on Thursday announced the availability of its Automatic Certificate Management Environment (ACME) API for all Google Cloud users, allowing them to automatically acquire and renew TLS certificates for free. The ACME protocol was designed to automate TLS certificate lifecycle through APIs that are supported by dozens of clients, and has become the standard for certificate management across the internet, with most TLS certificates in the WebPKI being issued by ACME certificate authorities. The protocol’s…


Zyxel Firewalls Hacked by Mirai Botnet

A Mirai botnet variant has been exploiting a recently patched vulnerability tracked as CVE-2023-28771 to hack many Zyxel firewalls. The Taiwan-based networking device manufacturer informed customers about the security hole on April 25, when it announced the availability of patches for impacted ATP, VPN, USG Flex and ZyWALL/USG firewalls. The OS command injection vulnerability, found by Trapa Security, is caused by improper error message handling in some firewalls, and it could allow an unauthenticated attacker…


Watch Now: Threat Detection and Incident Response Virtual Summit

All sessions from SecurityWeek’s Threat Detection & Incident Response Summit are now available to watch on demand. This fully immersive online event brought together security practitioners from around the world to share war stories on breaches and the murky world of high-end cyberattacks. Gain insights and learn strategies as we discuss threat hunting tools and frameworks, and explore the value of threat intelligence data in the defender’s security stack. Agenda sessions available to watch on demand include…


How to check for new exploits in real time? VulnCheck has an answer

Cybersecurity professionals who need to track the latest vulnerability exploits now have a new tool designed to make their job easier, with the launch today of VulnCheck XDB, a database of exploits and proof of concepts hosted on Git repositories. The tool, from cyberthreat intelligence provider VulnCheck, is aimed at helping vulnerability researchers and security teams prioritize vulnerabilities based on the availability and criticality of new exploits that have been made public. “There is a…


Inactive accounts pose significant account takeover security risks

Inactive and non-maintained accounts pose significant security risks to users and businesses, with cybercriminals adept at using information stolen from forgotten or otherwise non-upheld accounts to exploit active accounts. That’s according to Okta’s first Customer Identity Trends Report which surveyed more than 20,000 consumers in 14 countries about their online experiences and attitudes towards digital security and identity. It found that increasing identity sprawl can trigger significant account takeover (ATO) security risks due to accounts…


CISA Warns of Hurricane/Typhoon-Related Scams

CISA urges users to remain on alert for malicious cyber activity following a natural disaster such as a hurricane or typhoon, as attackers target potential disaster victims by leveraging social engineering tactics, techniques, and procedures (TTPs). Social engineering TTPs include phishing attacks that use email or malicious websites to solicit personal information by posing as a trustworthy organization, notably as charities providing relief. Exercise caution in handling emails with hurricane/typhoon-related subject lines, attachments, or hyperlinks…


Digital security for the self‑employed: Staying safe without an IT team to help

Nobody wants to spend their time dealing with the fallout of a security incident instead of building up their business. Approximately one in seven people in Europe and the United States are self-employed, often realizing their dream to be in charge of their own destiny and having more freedom and control over their careers. But with nominally more freedom to shape the trajectory of their future comes extra jeopardy. This often means little or no…
