CyberSecure Specialist

24 Feb

A Year of Conflict: Cybersecurity Industry Assesses Impact of Russia-Ukraine War

Information, News

Marking the first anniversary of Russia’s war against Ukraine, several cybersecurity companies have published reports summarizing the impact of various types of cyber operations, just as the United States has issued a fresh warning for the West.  In the weeks before and immediately after Russia launched its war against Ukraine on February 24, 2022, Russia appeared to intensify its attacks in cyberspace, with distributed denial-of-service (DDoS) attacks, disruptive wiper malware, and misinformation campaigns.  While everyone…

Read More
24 Feb

11 Countries Take Part in Military Cyberwarfare Exercise

Information, News

The biggest military cyberwarfare exercise in Western Europe took place recently in Estonia. A total of 34 teams from 11 countries took part in a live-fire cyber battle.  Countries such as the US, UK, Japan, India, Italy, Estonia, Ukraine, Ghana, Kenya and Oman were represented by 750 experts at the Defence Cyber Marvel 2 (DCM2) exercise. Many of them participated remotely.  The seven-day event, led by the British Army, tested the response of participants to…

Read More
24 Feb

Edgio adds advanced DDoS protection with other WAAP enhancements

Data Breaches, Malware, Social Engineering

Content delivery network (CDN) service provider Edgio has added a new Distributed Denial of Service (DDoS) scrubbing ability along with improved Web Application and API Interface (WAAP) to its network security offering. Designed to reduce severe damages from sophisticated DDoS attacks, Edgio’s scrubbing solution impersonates the customer’s network by routing the customer’s IP traffic through its scrubbing point-of-presence (PoP) and only sending the “clean” traffic back to the customer’s infrastructure, according to Richard Yew, senior…

Read More
24 Feb

WinorDLL64: A backdoor from the vast Lazarus arsenal?

Information

The targeted region, and overlap in behavior and code, suggest the tool is used by the infamous North Korea-aligned APT group ESET researchers have discovered one of the payloads of the Wslink downloader that we uncovered back in 2021. We named this payload WinorDLL64 based on its filename WinorDLL64.dll. Wslink, which had the filename WinorLoaderDLL64.dll, is a loader for Windows binaries that, unlike other such loaders, runs as a server and executes received modules in…

Read More
24 Feb

S3 Ep123: Crypto company compromise kerfuffle [Audio + Text]

Information, Malware

by Paul Ducklin LEARNING FROM OTHERS The first search warrant for computer storage. GoDaddy breach. Twitter surprise. Coinbase kerfuffle. The hidden cost of success. Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or…

Read More
23 Feb

Companies urged to patch critical vulnerability in Fortinet FortiNAC

Data Breaches, Malware, Social Engineering

Proof-of-concept exploit code is now available for a critical vulnerability in Fortinet FortiNAC appliances and attackers have already started using it in the wild. Users are advised to patch their systems as soon as possible. FortiNAC is a zero-trust network access solution that can be deployed both as a hardware device or as a virtual machine appliance. It is used for network segmentation, visibility, and control of devices and users connected to the network. As…

Read More
23 Feb

At least one open source vulnerability found in 84% of code bases: Report

Data Breaches, Malware, Social Engineering

At a time when almost all software contains open source code, at least one known open source vulnerability was detected in 84% of all commercial and proprietary code bases examined by researchers at application security company Synopsys. In addition, 48% of all code bases analyzed by Synopsys researchers contained high-risk vulnerabilities, which are those that have been actively exploited, already have documented proof-of-concept exploits, or are classified as remote code execution vulnerabilities.  The vulnerability data…

Read More
23 Feb

Russian Authorities Claim Ukraine Hackers Are Behind Fake Missile Strike Alerts

Attacks, Malware

Although no one has claimed responsibility for the attack, if one actually took place, it is likely it was carried out by a pro-Ukrainian hacktivist group. Hacktivist groups have carried out multiple attacks on behalf of both Ukraine and Russia over the course of the conflict. Even though President Putin continues to erroneously blame the West and Ukraine for Russia’s invasion, multiple reports identified Russian backed cyber-attacks on Ukrainian organizations in the months leading up…

Read More
23 Feb

New S1deload Malware Hijacking Users’ Social Media Accounts and Mining Cryptocurrency

Attacks, Malware

Social media sites like Facebook are common vectors for threat actors to spread malware. Due to this, it is highly recommended to avoid downloading files from social media sites, particularly in cases where the source is unknown or untrusted. Even from known sources, it is recommended to carefully vet any links or files that are shared, as the source could be compromised. It is also recommended to maintain good endpoint security controls on all devices…

Read More
23 Feb

Ransomware Attack Affects Operations at Dole

Attacks, Malware

This situation highlights the potential impact of cyber attacks on the food supply chain, which is a critical infrastructure that requires secure and resilient systems. The disruption of food supplies can have severe consequences for public health and safety, as well as economic and social stability. The continuance of ransomware attacks against businesses that are part of critical infrastructure emphasizes the need for organizations to continue to invest in cybersecurity and risk management processes, people,…

Read More