CyberSecure Specialist

Serious Security: GnuTLS follows OpenSSL, fixes timing attack bug

by Paul Ducklin

Last week, we wrote about a bunch of memory management bugs that were fixed in the latest security update of the popular OpenSSL encryption library. Along with those memory bugs, we also reported on a bug dubbed CVE-2022-4304: Timing Oracle in RSA Decryption. In this bug, firing the same encrypted message over and over again at a server, but modifying the padding at the end of the data to make the data…

PLC vulnerabilities can enable deep lateral movement inside OT networks

Threat groups who target operational technology (OT) networks have so far focused their efforts on defeating segmentation layers to reach field controllers such as programmable logic controllers (PLCs) and alter the programs (ladder logic) running on them. However, researchers warn that these controllers should themselves be treated as perimeter devices and flaws in their firmware could enable deep lateral movement through the point-to-point and other non-routable connections they maintain to other low-level devices. To exemplify…

Play Ransomware Claims A10 Networks as Latest Victim

The full scope of this attack is not yet known, but it is always important to be reminded of some ways to protect against ransomware in the future. Some measures that can be used to reduce the impact or likelihood of an attack include:

• Regularly back up data, air gap, and password-protect backup copies offline.
• Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.
•…

Ransomware Hits Technion Israel Institute of Technology

The previously unknown DarkBit gang appeared only this week, and its location is unknown. However, the attackers gave some indicators about their intentions in the ransom note and on their Telegram and Twitter channels. At first look, DarkBit’s operations appear to be hacktivism because of their opposition to “racism, fascism, and apartheid,” but the group’s goals are more complex. Hackers seek to hold Israel accountable for “war crimes against humanity” and “firing high-skilled experts” while…

Pepsi Bottling Ventures Suffers Data Breach

The company has added more network security measures in reaction to this event, including changing all company passwords and notifying law enforcement. The organization’s routine activities have been paused for all affected systems while an assessment of potentially impacted documents and procedures is ongoing. The recipients of the breach notices are being offered a one-year free-of-charge identity monitoring service through Kroll to help them prevent identity theft that may occur as a result of the…

The Lessons From Cyberwar, Cyber-in-War and Ukraine

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question the nature of modern warfare and the role of cyber in its operation. Here we will look at the use of cyber in the years leading to the kinetic war, and the use of cyber technology on the modern kinetic battlefield. We need to understand the meaning of cyber and the…

Hackers attack Israel’s Technion university, demand over $1.7 million in ransom

Israel’s Technion university on Sunday suffered a ransomware attack, which has forced the university to proactively block all communication networks. A new group calling itself DarkBit has claimed responsibility for the attack. “The Technion is under cyberattack. The scope and nature of the attack are under investigation,” Technion, one of Israel’s top universities, wrote in a Tweet. Established in 1912, Haifa-based Technion — otherwise known as the Israel Institute of Technology — has become a global pioneer…

Plan now to avoid a communications failure after a cyberattack

Responses to recent cyber breaches suggest organizations can struggle to get the message right in the midst of an incident. While managing the communications around an incident is outside the direct purview of the CISO, having an existing communications plan in place is an essential element of cyber preparedness. “Communications are a critical component of a good cyber strategy, and it should be prepared and practiced in organizations before an incident occurs,” says Eden Winokur,…

Key findings from the latest ESET Threat Report – Week in security with Tony Anscombe

What is behind the drop in ransomware and what should still be done for containing the ransomware scourge? Ransomware detections fell by 20% between 2021 and 2022, according to ESET’s latest Threat Report. What is behind the drop, why is ransomware still a huge problem, and what has yet to be done before the ransomware scourge is contained? Watch the video to learn not just about the latest trends in ransomware, but also about, for…

US Blacklists 6 Chinese Entities Over Balloon Program

The United States on Friday blacklisted six Chinese entities it said were linked to Beijing’s aerospace programs as part of its retaliation over an alleged Chinese spy balloon that traversed U.S. airspace. The economic restrictions followed the Biden administration’s pledge to consider broader efforts to address Chinese surveillance activities and will make it more difficult for the five companies and one research institute to obtain American technology exports. The move is likely to further escalate…
