CyberSecure Specialist

Understanding Managed Detection and Response – and what to look for in an MDR solution

Why your organization should consider an MDR solution, and five key things to look for in a service offering. The threat landscape is evolving at breakneck speed and corporate cyberattack surfaces are expanding, with many trends and developments kicked into overdrive as a result of the surge in digital transformation investments during and after the COVID-19 pandemic. But the growth of the attack surface often results in a gap between attackers and defenders – across skills,…


WooCommerce Payments plugin for WordPress has an admin-level hole – patch now!

by Paul Ducklin

Security holes in WordPress plugins that could allow other people to poke around your WordPress site are always bad news. Even if all you’re running is a basic setup that doesn’t have customer accounts and doesn’t collect or process any personal information such as names and email addresses… …it’s worrying enough just knowing that someone else might be messing with your content, promoting rogue links, or publishing fake news under your name.…


Critical flaw in WooCommerce can be used to compromise WordPress websites

WooCommerce, a popular plug-in for running WordPress-based online stores, contains a critical vulnerability that could allow attackers to take over websites. Technical details about the vulnerability have not been published yet, but the WooCommerce team released updates and attackers could reverse-engineer the patch. “Although what we know at this time is limited, what we do know is that the vulnerability allows for unauthenticated administrative takeover of websites,” researchers from web security firm Sucuri said in…


Tesla Hacked Twice at Pwn2Own Exploit Contest

Researchers at French offensive hacking shop Synacktiv have demonstrated a pair of successful exploit chains against Tesla’s newest electric car to take top billing at the annual Pwn2Own software exploitation contest. Pwn2Own organizers confirmed the successful hacks exploited flaws in the Tesla-Gateway and Tesla-Infotainment sub-systems to “fully compromise” a new Tesla Model 3 vehicle. The first Tesla hack, described as a TOCTOU (time-of-check to time-of-use) race condition, earned the hackers a $100,000 cash prize and…


Bitter APT Targeting Chinese Nuclear Energy Organizations

While largely targeting organizations in the APAC region, this group has also been seen targeting organizations in Europe, indicating that it may pivot to compromise organizations worldwide in the future. As the initial compromise in this campaign stems from phishing, the best prevention is to provide adequate user education on the latest phishing campaigns. However, this alone is not adequate, as all it takes is one phishing attachment to slip through the cracks and get executed…


Watch Out for These Tax Season Scams

The IRS provided excellent tips for protecting against these types of scams:

• File early. OK. The ship may have already sort of sailed on this one, but the earlier you file, the less time cybercriminals have to use your identity to commit fraud.
• Watch out for phishing and smishing. The IRS won’t send unsolicited emails or texts. Skip the links and attachments and go straight to the IRS or the applicable state and city…


Decoy Installers Used to Deploy AresLoader by Russian Hacktivists

Some defensive measures can be taken to lessen the likelihood of infection by AresLoader and other malware strains alike, including:

1. Be cautious when downloading and installing software: AresLoader malware is being spread through deceptive software installers, so it’s important to be careful when downloading and installing new software. Only download software from reputable sources and be wary of any installers that look suspicious or untrustworthy.
2. Keep software up to date: Cybercriminals often exploit…


Cyberpion rebrands as Ionix, offering new EASM visibility improvements

SaaS-based external attack surface management (EASM) company Cyberpion has rebranded as Ionix, at the same time adding a clutch of new cybersecurity capabilities to its namesake offering. Designed to provide a “wider coverage and deeper focus” into its customers’ internet-facing assets and connected dependencies, the revamp of Ionix’s system will feature new abilities such as extending visibility into connected assets and shadow IT, and scoring risks based on possible blast radius. “Along with the rebrand comes…


Android-based banking Trojan Nexus now available as malware-as-a-service

Italian cybersecurity firm Cleafy has found “Nexus”, a new Android Trojan capable of hijacking online accounts and siphoning funds from them, to be targeting customers of 450 banks and cryptocurrency services worldwide. First observed in June 2022 as a variant of SOVA, another Android banking Trojan, Nexus has since improved its targeting capabilities and is available via a malware-as-a-service (MaaS) program for $3000 a month, which allows other attackers to rent or subscribe to the malware…


IOTW: BreachForums shuts down after FBI arrests its top admin

Notorious dark web hacking forum BreachForums is reportedly shutting down following the arrest of one of its top administrators by the United States’ Federal Bureau of Investigation (FBI). The administrator of the site, who went by ‘Pompompurin’ on the site and was named as Conor Brian Fitzpatrick by the FBI, was allegedly arrested by the Bureau on March 15 on suspicion of hosting and running the forum. BreachForums was thought to be the reincarnation of…
