CyberSecure Specialist

09 Feb

#StopRansomware – Ransomware Attacks on Critical Infrastructure Fund DPRK Espionage Activities

Attacks, Insights, Malware

Original release date: February 9, 2023 CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and Republic of Korea’s Defense Security Agency and National Intelligence Service have released a joint Cybersecurity Advisory (CSA), Ransomware Attacks on Critical Infrastructure Fund DPRK Espionage Activities, to provide information on ransomware activity used by North Korean state-sponsored cyber to target various critical infrastructure sectors, especially Healthcare and Public…

Read More
09 Feb

VulnCheck Raises $3.2M Seed Round for Threat Intel

Information, News

VulnCheck, a Massachusetts startup with ambitious plans in the vulnerability intelligence space, has attracted $3.2 million in seed-stage funding from several prominent investors. The early-stage financing round was led by Sorensen Ventures and included equity stakes for In-Q-Tel, Lux Capital, and Aviso Ventures. Based in Lexington, Mass., VulnCheck is building technology that promises exploit intelligence for vulnerability prioritization and an early-warning system for in-the-wild software exploitation activity. Founded in 2021, VulnCheck is the brainchild of…

Read More
09 Feb

VMware ESXi server ransomware evolves, after recovery script released

Data Breaches, Malware, Social Engineering

After the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday released a recovery script for organizations affected by a massive ransomware attack targeting VMWare ESXi servers worldwide, reports surfaced that the malware evolved in a way that made earlier recovery procedures ineffective. The attacks, aimed at VMware’s ESXi bare metal hypervisor, were first made public February 3 by the French Computer Emergency Response Team (CERT-FR), and target ESXi instances running older versions…

Read More
09 Feb

UK/US cybercrime crackdown sees 7 ransomware criminals sanctioned

Data Breaches, Malware, Social Engineering

A UK/US campaign to tackle international cybercrime has seen Seven Russian cybercriminals linked to a notorious ransomware group exposed and sanctioned. The sanctions were announced today by the UK’s Foreign, Commonwealth and Development Office (FCDO) alongside the US Department of the Treasury’s Office of Foreign Assets Control (OFAC). This follows a lengthy investigation by the National Crime Agency (NCA) into the crime group behind Trickbot malware, as well as the Conti and RYUK ransomware strains,…

Read More
09 Feb

HTML smuggling campaigns impersonate well-known brands to deliver malware

Data Breaches, Malware, Social Engineering

Trustwave SpiderLabs researchers have cited an increased prevalence of HTML smuggling activity whereby cybercriminal groups abuse the versatility of HTML in combination with social engineering to distribute malware. The firm has detailed four recent HTML smuggling campaigns attempting to lure users into saving and opening malicious payloads, impersonating well-known brands such as Adobe Acrobat, Google Drive, and the US Postal Service to increase the chances of users falling victim. HTML smuggling uses HTML5 attributes that…

Read More
09 Feb

OpenSSL Releases Security Advisory

Attacks, Insights, Malware

Original release date: February 9, 2023 OpenSSL has released a security advisory to address multiple vulnerabilities affecting OpenSSL versions 3.0.0, 2.2.2, and 1.0.2. An attacker could exploit some of these vulnerabilities to obtain sensitive information. CISA encourages users and administrators to review the OpenSSL advisory and make the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Read More
09 Feb

What is business email compromise?

Attacks, Data Breaches

In this article, Cyber Security Hub explores how cyber attackers use threat vectors like phishing, social engineering and ransomware to enact business email compromise (BEC). Cybercrime is an ever-growing issue across virtually every industry. Expected to have a global cost as much as US$10trn by 2025, companies must fight to combat malicious actors seeking to gain from cyber attacks against them. Threat actors increasingly use multiple threat vectors during attacks to overwhelm companies and make…

Read More
09 Feb

Yes, CISOs should be concerned about the types of data spy balloons can intercept

Data Breaches, Malware, Social Engineering

The recent kerfuffle surrounding the Chinese surveillance balloon that sailed above Canada and the United States before meeting its demise off the southeastern coast of the United States has tongues wagging and heads scratching in equal measure. While some may write this off as geopolitical shenanigans by China and nothing to fret about, I submit that it is emblematic of a nation-state using all resources available to acquire pieces of information and fill in the…

Read More
09 Feb

How to unleash the power of an effective security engineering team

Data Breaches, Malware, Social Engineering

Security teams are comprised primarily of operations, compliance, and policy-related roles. Security engineering teams, on the other hand, are builders. They build services, automate processes, and streamline deployments to support the core security team and its stakeholders. Security engineering teams are typically made up of software and infrastructure engineers, architects, and product managers. The collective security/security engineering team mindset is also that of a builder, quite different from that of a penetration tester or third-party…

Read More
08 Feb

OpenSSL fixes High Severity data-stealing bug – patch now!

Information

by Paul Ducklin OpenSSL, probably the best-known if not the most widely-used encryption library in the world, has just release a trifecta of security updates. These patches cover the two current open-source versions that the organisation supports for everyone, plus the “old” 1.0.2-version series, where updates are only available to customers who pay for premium support. (Getting into a position where you no longer need to pay for support is probably better for you, even…

Read More