CyberSecure Specialist

13 Mar

Blackbaud penalized $3M for not disclosing the full scope of ransomware attack

Data Breaches, Malware, Social Engineering

Software firm Blackbaud has agreed to pay a $3 million penalty for failing to disclose the full scope of the ransomware attack it suffered in 2020, according to the US Securities and Exchange Commission (SEC). South Carolina headquartered Blackbaud provides donor relationship management software to various non-profit organizations, including charities, higher education institutions, K-12 schools, healthcare organizations, religious organizations, and cultural organizations. The company detected unauthorized access to its systems on May 14, 2020, which…

Read More
13 Mar

6 reasons why your anti-phishing strategy isn’t working

Data Breaches, Malware, Social Engineering

Phishing attempts are typically like fishing in a barrel — given enough time, a bad actor is 100% likely to reel in a victim. Once they recognize organizations as habitually vulnerable, they will continue to target them and the barrel-fishing cycle goes on and on. “Bad actors are highly motivated and funded with the sole attempt to be successful at attracting only one victim,” says Johanna Baum, CEO and founder of Strategic Security Solutions Consulting.…

Read More
11 Mar

Cyber Madness Bracket Challenge – Register to Play

Information, News

As bracket-mania sweeps across the country for the 2023 NCAA Men’s Basketball Tournament, commonly referred to as “March Madness,” SecurityWeek will host its own “Cyber Madness” bracket challenge for those in the cybersecurity community to compete for a chance to win great prizes, earn bragging rights, and have some fun!  SecurityWeek’s Cyber Madness Bracket Challenge is a contest designed to bring the community together in a fun, competitive way through one of America’s top sporting…

Read More
11 Mar

Common WhatsApp scams and how to avoid them

Information

Here’s a roundup of some of the most common tricks that fraudsters use to dupe their victims on WhatsApp – and what you can do to protect yourself against them. With more than two billion users, WhatsApp offers a vast pool of potential targets for scammers. To make things more complicated, fraudsters aren’t known for resting on their laurels – instead, they’re learning new and sophisticated social engineering skills to entrap us in their trickery.…

Read More
11 Mar

APT hackers set a honeytrap to ensnare victims – Week in security with Tony Anscombe

Information

A request to move an online conversation to a supposedly more secure platform may not be as well-meaning as it sounds Have you ever been asked to move an online conversation to another – and supposedly more secure – platform? This technique, often used by romance scammers, was recently used against a number of Indian and Pakistani netizens, possibly with a military or political background. The targeted campaign – courtesy of the Transparent Tribe APT…

Read More
11 Mar

SHEIN shopping app goes rogue, grabs price and URL data from your clipboard

Information

by Paul Ducklin Chinese “fast fashion” brand SHEIN is no stranger to controversy, not least because of a 2018 data breach that its then-parent company Zoetop failed to spot, let alone to stop, and then handled dishonestly. As Letitia James, Attorney General of the State of New York, said in a statement at the end of 2022: SHEIN and [sister brand] ROMWE’s weak digital security measures made it easy for hackers to shoplift consumers’ personal…

Read More
11 Mar

CISA has added two new…

Attacks, Insights, Malware

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2020-5741 Plex Media Server Remote Code Execution Vulnerability CVE-2021-39144 XStream Remote Code Execution Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view other newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column—which will sort by descending dates. Binding Operational…

Read More
10 Mar

IceFire Ransomware Now Encrypts Both Linux and Windows Systems

Attacks, Malware

This new encryptor demonstrates the shift of many threat actors to target Linux systems. It is necessary for organizations to pivot to ensure that their Linux devices are adequately covered by behavioral as well as signature-based detections. One way that this could be done is by looking for a large number of file renames in quick succession, although this detection would be at the end of the kill chain. Overall, it is best to ensure…

Read More
10 Mar

Business Email Compromise (BEC) Attacks Only Take Hours According to Microsoft

Attacks, Malware

To prevent BEC attacks, Microsoft recommends implementing security measures such as two-factor authentication, using machine learning to identify suspicious activity, and educating employees about the risks and warning signs of BEC attacks. The report also emphasizes the importance of swift action when an attack is detected, as time is a critical factor in preventing further damage. Source: https://www.bleepingcomputer.com/news/security/microsoft-business-email-compromise-attacks-can-take-just-hours/

Read More
10 Mar

Xenomorph Android Malware Now Steals Banking Data

Attacks, Malware

Considering its current distribution channel, the Zombinder, users should be cautious with apps they install from Google Play, read reviews, and run background checks on the publisher. Generally, it is advisable to keep the number of apps running on your phone to the minimum possible and only install apps from known and trustworthy vendors. Source: https://www.bleepingcomputer.com/news/security/xenomorph-android-malware-now-steals-data-from-400-banks/

Read More