CyberSecure Specialist

06 Jun

KeePass Update Patches Vulnerability Exposing Master Password

Information, News

Open source password manager KeePass was updated over the weekend to patch a vulnerability allowing attackers to retrieve the cleartext master password from a memory dump. Tracked as CVE-2023-32784 and impacting KeePass 2.x versions, the issue is related to the custom-developed textbox used for password entry, which creates a leftover string in memory for each character that the user types. An attacker can use a KeePass process dump, a hibernation file, a swap file, or…

Read More
06 Jun

Only one in 10 CISOs today are board-ready, study says

Data Breaches, Malware, Social Engineering

Even though there is a growing demand for cybersecurity expertise at the highest levels of business, a significant number of public companies lack even one qualified cybersecurity expert on their board of directors, according to a study by cybersecurity research and advisory firm IANS. In addition, the study found that just a little more than one in 10 CISOs have all the key traits thought to be crucial for success on a corporate board. In…

Read More
06 Jun

Lacework’s new CIEM uses ML to fish out high-risk identities

Data Breaches, Malware, Social Engineering

Cloud security provider Lacework has released a new cloud infrastructure entitlement management (CIEM) offering to strengthen the observability of all cloud identities. The new capability is aimed at simplifying Lacework’s cloud security offering by merging with its existing cloud security posture management (CSPM), attack path analysis, and threat detection capabilities into a single platform.   “CIEM enriches our platform with cloud identity and entitlement configuration data, along with the understanding of how identities and entitlements are…

Read More
06 Jun

BBC, Boots and British Airways affected by malware gang attack

Attacks, Data Breaches

A cyber attack against document transfer app MOVEit has resulted in data breaches of several high-profile UK organizations and businesses. Those affected includes the British Broadcasting Company (BBC), health and beauty retailer Boots and UK-based airline British Airways.  The attack involved the exploitation of a critical vulnerability in MOVEit’s infrastructure which allows malicious actors to break into company networks and steal data. The vulnerability was flagged by security researchers and the US government on June…

Read More
06 Jun

CISA and Partners Release Joint Guide to Securing Remote Access Software

Attacks, Insights, Malware

Today, CISA, Federal Bureau of Investigation (FBI), the National Security Agency (NSA), Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Israel National Cyber Directorate (INCD) released the Guide to Securing Remote Access Software. This new joint guide is the result of a collaborative effort to provide an overview of legitimate uses of remote access software, as well as common exploitations and associated tactics, techniques, and procedures (TTPs), and how to detect and defend against malicious…

Read More
06 Jun

OWASP lists 10 most critical large language model vulnerabilities

Data Breaches, Malware, Social Engineering

The Open Worldwide Application Security Project (OWASP) has published the top 10 most critical vulnerabilities often seen in large language model (LLM) applications, highlighting their potential impact, ease of exploitation, and prevalence. Examples of vulnerabilities include prompt injections, data leakage, inadequate sandboxing, and unauthorized code execution. The list aims to educate developers, designers, architects, managers, and organizations about the potential security risks when deploying and managing LLMs, raising awareness of vulnerabilities, suggesting remediation strategies, and…

Read More
05 Jun

RomCom ransomware is being spread via poisoned Google ads

Attacks, Data Breaches

RomCom ransomware is being spread via poisoned Google adverts for legitimate software companies including Chat-GPT, PDF Reader Pro and Devolutions’ Remote Desktop Manager. According to researchers at IT security company Trend Micro, malicious actors are using Google advertisements for trusted companies to entice people into clicking on the advert and downloading RomCom ransomware onto their devices. The malicious actors are doing this through the use of fake sites set up to look like legitimate ones…

Read More
05 Jun

What if the Current AI Hype Is a Dead End?

Information, News

As I discussed in my previous column on Cybersecurity Futurism for Beginners, we are applying methods and approaches commonly used in future studies, especially horizon scanning and scenario planning, to explore future scenarios for how AI such as LLM’s may impact security operations going forward. To quickly rehash, horizon scanning is not strictly speaking about predicting the future. Rather, it’s about the early detection of weak signals to identify drivers of emerging trends. We’re not…

Read More
05 Jun

Atomic Wallet hack leads to at least $35M in stolen crypto assets

Data Breaches, Malware, Social Engineering

A cyberattack on crypto wallet Atomic Wallet has resulted in at least $35 million worth of crypto assets being stolen since June 2, according to ZachXBT, an independent  on-chain investigator known for tracing stolen crypto funds and assisting with hacked projects. The five most significant losses account for $17 million.  “Think it could surpass $50m. Keep finding more and more victims sadly,” said  ZachXBT, in a tweet. The biggest victim of the Atomic Wallet was…

Read More
05 Jun

SAFE Security claims to predict data breaches with new generative AI offering

Data Breaches, Malware, Social Engineering

AI-based cyber risk management SaaS vendor SAFE Security has announced the release Cyber Risk Cloud of Cloud – a new offering it claims uses generative AI to help businesses predict and prevent cyber breaches. It does so by answering questions about a customer’s cybersecurity posture and generating likelihoods for different risk scenarios. These include the likelihood of a business suffering a ransomware attack in the next 12 months and the dollar impact of an attack,…

Read More