CyberSecure Specialist

Google wins court order to force ISPs to filter botnet traffic

by Naked Security writer

A US court has recently unsealed a restraining order against a gang of alleged cybercrooks operating outside the country, based on a formal legal complaint from internet giant Google. Google, it seems, decided to use its size, influence and network data to say, “No more!”, based on evidence it had collected about a cybergang known loosely as the CryptBot crew, whom Google claimed were: Ripping off Google product names, icons and…

Low-level motherboard security keys leaked in MSI breach, claim researchers

by Paul Ducklin

About a month ago, we wrote about a data breach notification issued by major motherboard manufacturer MSI. The company said: MSI recently suffered a cyberattack on part of its information systems. […] Currently, the affected systems have gradually resumed normal operations, with no significant impact on financial business. […] MSI urges users to obtain firmware/BIOS updates only from its official website, and not to use files from sources other than the official…

Microsoft Patch Tuesday: 40 Vulnerabilities, 2 Zero-Days

Microsoft on Tuesday announced patches for 40 newly documented vulnerabilities in its products, including two zero-day flaws. One of the zero-days, CVE-2023-29336, is described as an elevation of privilege bug in the Win32k driver. Successful exploitation could allow an attacker to gain System privileges. Microsoft has shared no information on the attacks exploiting this vulnerability, but such issues are typically combined with code execution flaws to spread malware, according to Trend Micro’s Zero Day Initiative…

Cybersecurity stress returns after a brief calm: Proofpoint report

Global cybersecurity concerns are returning to pandemic levels as 68% of CISOs from 16 countries said they fear a cyberattack in the next 12 months, according to a Proofpoint survey. “With the disruption of the pandemic now largely behind us, the return to normal operations may imply that CISOs can breathe easier, but the opposite is true,” said Lucia Milică Stacy, Global Resident CISO of Proofpoint. “Compared with last year, CISOs are feeling less prepared…

Feds Take Down 13 More DDoS-for-Hire Services

The U.S. Federal Bureau of Investigation (FBI) this week seized 13 domain names connected to “booter” services that let paying customers launch crippling distributed denial-of-service (DDoS) attacks. Ten of the domains are reincarnations of DDoS-for-hire services the FBI seized in December 2022, when it charged six U.S. men with computer crimes for allegedly operating booters. Booter services are advertised through a variety of methods, including Dark Web forums, chat platforms and even youtube.com. They accept…

Malwarebytes releases Mobile Security for OneView to secure Chromebooks, Android, iOS devices

Endpoint security vendor Malwarebytes has announced the release of Mobile Security for OneView to enable managed service providers (MSPs) to protect Chromebooks, Android, and iOS devices against mobile threats such as ransomware and malicious apps. MSPs can now use the Malwarebytes OneView platform to monitor their customers’ mobile phones and tablets alongside their servers, workstations, and laptops, the firm said. They can prevent accidental access to harmful websites, safeguard against malicious apps, block unwanted in-app…

DigiCert’s DigiCert ONE platform now available on Oracle Cloud Infrastructure

Digital trust firm DigiCert has announced a partnership with Oracle to make DigiCert ONE available on Oracle Cloud Infrastructure (OCI). DigiCert ONE is a cloud-native SaaS platform that secures and centrally manages users, devices, servers, documents, and software. Companies use OCI for various functions including secure infrastructure, application, and workload management. The partnership makes DigiCert ONE on OCI easy to deploy and scalable within customers’ single or multi-cloud environments, allowing users to find the right…

Nebulon’s TripLine offers ransomware encryption protection for on-prem systems

Smart infrastructure provider Nebulon today announced the immediate availability of TripLine, an early warning system for cryptographically based ransomware attacks on on-premises systems. It’s designed to quickly identify the precise time and system location where an attack has occurred. Nebulon said that the new service uses two techniques to achieve this aim. The first is the “secure enclave,” which is a domain isolated from the infrastructure that includes core management and storage functions. Second, it…

CISA and Partners Disclose Snake Malware Threat From Russian Cyber Actors

Today, CISA and partners released a joint advisory for a sophisticated cyber espionage tool used by Russian cyber actors. Hunting Russian Intelligence “Snake” Malware provides technical descriptions of the malware’s host architecture and network communications, and mitigations to help detect and defend against this threat. CISA urges organizations to review the advisory for more information and apply the recommended mitigations and detection guidance. For more information on FSB and Russian state-sponsored cyber activity, please see…

Mozilla Releases Security Advisories for Multiple Products

Mozilla has released security advisories to address vulnerabilities in Firefox and Firefox ESR. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates:

Security Vulnerabilities fixed in Firefox 113
Mozilla Foundation Security Advisory 2023-16
Security Vulnerabilities fixed in Firefox ESR 102.11
Mozilla Foundation Security Advisory 2023-17

For updates addressing lower severity vulnerabilities, see the…
