CyberSecure Specialist

Researchers show ways to abuse Microsoft Teams accounts for lateral movement

With organizations increasingly adopting cloud-based services and applications, especially collaboration tools, attackers have pivoted their attacks as well. Microsoft services consistently rank at the top of statistics when it comes to malicious sign-in attempts, and Microsoft Teams is one application that recently seems to have attracted attackers’ interest. Researchers from security firm Proofpoint investigated how attackers could abuse access to a Teams account and found some interesting attack vectors that could allow hackers to move…

Access to Energy Sector ICS/OT Systems Offered on Hacker Forums

Threat actors have been offering access to energy sector organizations, including industrial control systems (ICS) and other operational technology (OT) systems, according to a new report from Searchlight Cyber. The UK-based threat intelligence company has conducted an analysis of posts published between February 2022 and February 2023 on cybercrime forums, dark web sites, and marketplaces, and found many offers for initial access into the environments of energy sector organizations, including oil and gas and renewable…

Entro exits stealth with context-based secrets management

Entro, the Israeli cybersecurity company focused on protection for secrets and programmatic access to cloud services and data, has exited stealth with its first-ever product offering context-based secrets management. The new offering is the first and only holistic secrets security platform that detects, safeguards, and provides context for secrets stored across vaults, source code, collaboration tools, cloud environments, and SaaS platforms, Entro claimed. “Entro implements proactive measures to secure secrets, such as real-time discovery, end-to-end visibility,…

Attacker uses the Azure Serial Console to gain access to Microsoft VM

Financially motivated threat actor UNC3944 is using phishing and SIM swapping attacks to take over Microsoft Azure admin accounts and gain access to virtual machines (VM), according to cybersecurity firm Mandiant. Using access to virtual machines, the attackers employed malicious use of the Serial Console on Azure Virtual Machines to install third-party remote management software within client environments, Mandiant said in a blog. UNC3944 has been active since May 2022. The threat actor has been…

Insider threats surge across US CNI as attackers exploit human factors

Over three-quarters (77%) of organizations across US critical national infrastructure (CNI) have seen a rise in insider-driven cyberthreats in the last three years, according to new research from cybersecurity services firm Bridewell. The Cyber Security in CNI: 2023 report surveyed 525 cybersecurity decision makers in the US in the transport and aviation, utilities, finance, government, and communications sectors. It revealed that increased insider threat could be linked to heightened economic pressures and remote working. Threats…

Security breaches push digital trust to the fore

As digital transactions with customers, employees, suppliers, and other stakeholders grow, digital trustworthiness is set to become one of the most important enterprise-wide initiatives with the biggest potential impact (both negative and positive), even though it often has the smallest budget allocation. “Organizations are focusing on security and privacy, but if your customers don’t trust you, they will go elsewhere,” says Mark Thomas, president of Escoute Consulting, which specializes in compliance. This view is borne…

Pig butchering scams: The anatomy of a fast‑growing threat

How fraudsters groom their marks and move in for the kill using tricks from the playbooks of romance and investment scammers

Sometimes you have to say things that go without saying: Social media and instant messaging have made staying in touch with friends easier than ever. These days, you’re never too far away from people within your social circle – as well as just about everybody else on the planet. What’s more, you don’t need…

ESET Research Podcast: A year of fighting rockets, soldiers, and wipers in Ukraine

ESET experts share their insights on the cyber-elements of the first year of the war in Ukraine and how a growing number of destructive malware variants tried to rip through critical Ukrainian systems

With the Russian invasion on February 24th, 2022, the age of wipers seems to have arrived as a growing number of destructive malware variants tried to rip through sensitive Ukrainian systems. While such attacks weren’t unheard of in the years preceding the…

You may not care where you download software from, but malware does

Why do people still download files from sketchy places and get compromised as a result?

One of the pieces of advice that security practitioners have been giving out for the past couple of decades, if not longer, is that you should only download software from reputable sites. As far as computer security advice goes, this seems like it should be fairly simple to practice. But even when such advice is widely shared, people still download…

Belkin Wemo Smart Plug V2 – the buffer overflow that won’t be patched

by Paul Ducklin

Researchers at IoT security company Sternum dug into a popular home automation mains plug from well-known device brand Belkin. The model they looked at, the Wemo Mini Smart Plug (F7C063), is apparently getting towards the end of its shelf life, but we found plenty of them for sale online, along with detailed advice and instructions on Belkin’s site on how to set them up. Old (in the short-term modern sense) though they…