CyberSecure Specialist

02 Mar

Why healthcare providers are focusing on cyber resilience

Attacks, Data Breaches

The healthcare industry, especially within the Asia-Pacific region, has been the victim of a number of cyber attacks and data breaches within the last six months alone. In just one attack against Australian healthcare and insurance provider Medibank, the personal information of 9.7 million people was stolen and thousands had their private medical details posted online. In this exclusive interview, Cyber Security Hub speaks with Jojo Nufable, group IT infrastructure and cyber security head at…

Read More
02 Mar

Best and worst data breach responses highlight the do’s and don’ts of IR

Data Breaches, Malware, Social Engineering

In theory, enterprises should not only have security measures in place to prevent a data breach but should also have detailed plans for a response in the event of a breach. And they should periodically conduct drills to test those plans. Industry-wide best practices for incident response are well established. “In general, you want breach responses to be fairly timely, transparent, communicate with victims in a timely manner, prevent further harm to victims as best as…

Read More
02 Mar

BlackLotus UEFI bootkit: Myth confirmed

Information

The first in-the-wild UEFI bootkit bypassing UEFI Secure Boot on fully updated UEFI systems is now a reality The number of UEFI vulnerabilities discovered in recent years and the failures in patching them or revoking vulnerable binaries within a reasonable time window hasn’t gone unnoticed by threat actors. As a result, the first publicly known UEFI bootkit bypassing the essential platform security feature – UEFI Secure Boot – is now a reality. In this blogpost…

Read More
01 Mar

Internet Access, Privacy ‘Essential for Freedom’: Proton Chief

Information, News

Internet privacy company Proton can spot attacks on democracy in a country before they hit the headlines, simply by watching demand for its services explode, its chief told AFP. When Russia blocked access to independent news sites following its invasion of Ukraine a year ago, the small company which provides virtual private networks (VPNs) saw “a 9,000 percent increase in sign-ups over just a period of a few days”, company chief executive Andy Yen said…

Read More
01 Mar

Parallax RAT Hiding in Legitimate Processes

Attacks, Malware

Phishing continues to be a popular method of initial access for threat actors. The effectiveness of phishing attacks, when paired with increasingly popular evasion techniques such as process injection and process hollowing, create a dangerous combination. These types of attacks will likely continue to grow in popularity due to the accessibility of closed source tools like this. They also serve to highlight the importance of a mature detection program that can respond to complex attacks…

Read More
01 Mar

Cyber Attackers Shift Tactics for Maximum Impact

Attacks, Malware

The first step to secure IoT devices is knowing what is connected. This includes using a device identification and discovery tool that automates three critical IoT security functions: • Automatically and continuously detects, profiles, and classifies IoT devices on the network.• Maintains a real-time inventory of devices.• Provides relevant risk insights for each of these asset classes by continuously monitoring across attack vectors. By following these industry best practices for IoT security and adopting leading-edge…

Read More
01 Mar

CISA Warns of ZK Java Framework RCE Flaw Being Exploited in the Wild

Attacks, Malware

While this vulnerability was patched nearly a year ago, it is still being actively exploited in many organizations. This demonstrates the need for two key functions in any organization – threat intelligence and a patching schedule. Adequate threat intelligence is needed in an organization for a variety of different reasons, but one key reason is to ensure that the organization is made aware of any vulnerabilities that have been released in a timely manner. Threat…

Read More
01 Mar

BlackLotus bootkit can bypass Windows 11 Secure Boot: ESET

Data Breaches, Malware, Social Engineering

A Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus is found to be capable of bypassing an essential platform security feature, UEFI Secure Boot, according to researchers from Slovakia-based cybersecurity firm ESET. BlackLotus uses an old vulnerability and can run even on fully up-to-date Windows 11 systems with UEFI Secure Boot enabled, the researchers found. UEFI Secure Boot is a feature of the UEFI firmware, which is a successor to the traditional BIOS (Basic Input/Output System)…

Read More
01 Mar

Top 10 open source software risks for 2023

Data Breaches, Malware, Social Engineering

Known vulnerabilities, compromise of legitimate package, and name confusion attacks are expected to be among the top ten open source software risks in 2023, according to a report by Endor Labs. The other major open source software risks, according to the report, include unmaintained software, outdated software, untracked dependencies, license risk, immature software, unapproved changes, and under/oversized dependency. Almost 80% of code in modern applications is code that relies on open source packages. While open…

Read More
01 Mar

How security leaders can effectively manage Gen Z staff

Data Breaches, Malware, Social Engineering

In 2022, I started a podcast aimed at converting more Gen Z to seek careers in cybersecurity. In doing so, I had to educate myself on what they value and realized the many differences between Gen Z and previous generations. Gen Z refers to those born between mid-to-late 1990s and 2010, making them between the ages of 11 and 28. This means they grew up experiencing a much faster rate in which technology evolves. The…

Read More