CyberSecure Specialist

White House: No More TikTok on Gov’t Devices Within 30 Days

The White House is giving all federal agencies 30 days to wipe TikTok off all government devices, as the Chinese-owned social media app comes under increasing scrutiny in Washington over security concerns. The Office of Management and Budget calls the guidance, issued Monday, a “critical step forward in addressing the risks presented by the app to sensitive government data.” Some agencies, including the Departments of Defense, Homeland Security and State, already have restrictions in place;…

PureCrypter Malware Hits Government Orgs with Ransomware, Info-Stealers

To protect against attacks such as this, organizations should:
• Configure email clients to notify users when emails originate from outside the organization.
• Focus on cyber security awareness and training.
• Regularly provide users with training on information security principles and techniques as well as overall emerging cybersecurity risks and vulnerabilities.
• Ensure Office applications are configured to disable all macros without notification.
• Pay special attention to warning notifications in email clients and Office applications.
• Implement monitoring of…

Stanford University Suffers Data Breach

Individuals who were affected by this incident should consider following these steps:
1. Take advantage of the identity theft protection services offered by the university. This will help monitor any suspicious activity related to personal information.
2. Monitor financial accounts and credit reports regularly. Look for any unauthorized activity or changes to credit reports that aren’t recognized.
3. Change passwords for any accounts that use the same password as the Stanford University account. Use strong, unique passwords…

PlugX Trojan Masked as Legitimate Windows Debugger Tool

The hijacking of x64dbg to load PlugX was discovered last month by Palo Alto Networks Unit 42, which discovered a new variant of the malware that hides malicious files on removable USB devices to propagate the infection to other Windows hosts. Persistence is achieved by changing the Windows Registry and setting up scheduled processes to maintain access. Trend Micro’s analysis also revealed the use of x32dbg.exe to deploy a backdoor, a User Datagram Protocol (UDP)…

Cybersecurity in wartime: how Ukraine’s infosec community is coping

Whenever shells rain down on Ukraine, Yuriy Gatupov’s colleagues put a ‘+’ sign in a chat room. Then, the pluses are counted. “We check if everybody is alive,” he says. Gatupov, the owner of two cybersecurity companies, says it is vital to stay connected during a time of war. With Russia now controlling around 18% of Ukraine’s territory including Donbas and Crimea, tech workers face formidable challenges. Air raid sirens blast all the time. Explosions…

Beware rogue 2FA apps in App Store and Google Play – don’t get hacked!

by Paul Ducklin

Thanks to Tommy Mysk and Talal Haj Bakry of @mysk_co for the impetus and information behind this article. The duo describe themselves as “two iOS developers and occasional security researchers on two continents.” In other words, although cybersecurity isn’t their core business, they’re doing what we wish all programmers would do: not taking application or operating system security features for granted, but keeping their own eyes on how those features work in…

When Low-Tech Hacks Cause High-Impact Breaches

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group. But it’s worth revisiting how this group typically got into targeted companies: by calling employees…

A year of wiper attacks in Ukraine

ESET Research has compiled a timeline of cyberattacks that used wiper malware and have occurred since Russia’s invasion of Ukraine in 2022.

This blogpost presents a compiled overview of the disruptive wiper attacks that we have observed in Ukraine since the beginning of 2022, shortly before the Russian military invasion started. We were able to attribute the majority of these attacks to Sandworm, with varying degrees of confidence. The compilation includes attacks seen by ESET,…

One year on, how is the war playing out in cyberspace? – Week in security with Tony Anscombe

With the conflict in Ukraine passing the one-year mark, have its cyber-war elements turned out as expected? It’s been twelve months since Russia invaded Ukraine, and it’s a good time to pause and reflect on a few pertinent issues, including: How is the war playing out in cyberspace? Have the cyber-elements turned out as expected? More broadly, why is cyber a significant component of modern warfare? Importantly, make sure to check out our timeline of…

US warns of cyberattacks by Russia on anniversary of Ukraine war

The US Cybersecurity and Infrastructure Security Agency has issued an advisory urging organizations to increase cybersecurity vigilance today, the anniversary of Russia’s invasion of Ukraine, in the wake of a cyberattack against several Ukrainian government websites. “The United States and European nations may experience disruptive and defacement attacks against websites in an attempt to sow chaos and societal discord,” the CISA advisory said. The cyberattack in Ukraine, detected yesterday, hit the websites of a number…