CyberSecure Specialist

14 Feb

CISA Adds Four Known Exploited Vulnerabilities to Catalog

Attacks, Insights, Malware

Original release date: February 14, 2023 CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates. Binding Operational Directive (BOD) 22-01:…

Read More
14 Feb

Microsoft Releases February 2023 Security Updates

Attacks, Insights, Malware

Original release date: February 14, 2023 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s February 2023 Security Update Guide and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Read More
14 Feb

Apple Deploys Patch Fixing Actively-Exploited WebKit Vulnerability

Attacks, Malware

Companies are highly encouraged to patch as soon as their change management procedures allow. It’s possible that threat actors using this exploit currently will ramp up deployment in an effort to compromise devices before they get patched. Additionally, analysts should look for suspicious processes and activity stemming from Safari, pending further information from Apple about the specifics of the exploit, as far back as their logging allows. https://www.bleepingcomputer.com/news/security/apple-fixes-new-webkit-zero-day-exploited-to-hack-iphones-macs/

Read More
14 Feb

Mortal Kombat Ransomware Targeting US Victims

Attacks, Malware

This group is clearly financially motivated, using the ransomware as one way to target victims and encrypt files for extortion, in addition to exploiting the chance to steal cryptocurrency. Talos analysts assess that this particular ransomware isn’t very sophisticated as it will target system files and applications too, which are commonly avoided to prevent the system from becoming unstable. A victim will know they are infected because their wallpaper will change to a Mortal Kombat…

Read More
14 Feb

Stealthy ‘Beep’ Malware Discovered

Attacks, Malware

Although Beep’s functionality is currently limited, it’s clear that the developers have high ambitions for a variety of functionality. While the evasion tactics used in Beep are plentiful, they generally center around avoiding anti-virus, and being difficult to reverse engineer. Behavioral analysis can still provide great value in detecting threats such as this. It’s important to have a defense-in-depth program which includes proactive threat hunting of post compromise activities in order to combat emerging threats…

Read More
14 Feb

EnterpriseDB adds Transparent Data Encryption to PostgreSQL

Data Breaches, Malware, Social Engineering

Relational database provider EnterpriseDB on Tuesday said that it was adding Transparent Data Encryption (TDE) to its databases, which are based on open-source PostgreSQL.   TDE, which is used by Oracle and Microsoft, is a method of encrypting database files in order to ensure security of data while at rest and in motion. It helps ensure that  data on the hard drive as well as files on backup are encrypted, the company said in a…

Read More
14 Feb

We are less than a year away from a cyber attack credited to ChatGPT

Attacks, Data Breaches

Jonathan Jackson, director of sales engineering APJ at BlackBerry Cybersecurity, writes about why cyber attacks linked to artificial intelligence are inevitable. ChatGPT has answers for almost everything, but there is one answer we may not know for a while: will its unintended consequences for cyber security turn this tool into a genie that its creators regret taking out of the bottle? BlackBerry surveyed 1,500 IT decision makers across North America, the UK and Australia and…

Read More
14 Feb

Open Systems launches Ontinue MDR division, new MXDR service Ontinue ION

Data Breaches, Malware, Social Engineering

Managed security services provider Open Systems has announced the launch of Ontinue, a new managed detection and response (MDR) division. It has also unveiled a new managed extended detection and response (MXDR) service, Ontinue ION, along with a new add-on service called Managed Vulnerability Mitigation (MVM). Ontinue ION offers advanced capabilities that enable faster detection and response, a deeper understanding of a customer’s environment and the ability to maximize Microsoft security investments for greater efficiency,…

Read More
14 Feb

Expel announces MDR for Kubernetes with MITRE ATT&CK framework alignment

Data Breaches, Malware, Social Engineering

Security operations provider Expel has announced the general availability of Expel managed detection and response (MDR) for Kubernetes. The firm said the product enables customers to secure their business across their Kubernetes environment and adopt new technologies at scale without being hindered by security concerns. It has also been designed to align with the MITRE ATT&CK framework to help teams remediate threats and improve resilience, Expel added. Kubernetes is an open-source orchestration system that relies…

Read More
14 Feb

Measuring cybersecurity: The what, why, and how

Data Breaches, Malware, Social Engineering

A core pillar of a mature cyber risk program is the ability to measure, analyze, and report cybersecurity threats and performance. That said, measuring cybersecurity is not easy. On one hand business leaders struggle to understand information risk (because they usually are from a non-cyber background), while on the other, security practitioners get caught up in too much technical detail which ends up confusing, misinforming, or misleading stakeholders. In an ideal scenario, security practitioners must…

Read More