CyberSecure Specialist

30 Jan

Meta Awards $27,000 Bounty for 2FA Bypass Vulnerability

Information, News

A researcher has disclosed the details of a two-factor authentication (2FA) vulnerability that earned him a $27,000 bug bounty from Facebook parent company Meta.  Gtm Manoz of Nepal discovered in September 2022 that a system designed by Meta for confirming a phone number and email address did not have any rate-limiting protection. A fix was rolled out by Meta in October 2022 and the company highlighted Manoz’s findings in its annual bug bounty program report.…

Read More
30 Jan

How to survive below the cybersecurity poverty line

Data Breaches, Malware, Social Engineering

The security poverty line broadly defines a divide between the organizations that have the means and resources to achieve and maintain mature security postures to protect data, and those that do not. It was first coined by cybersecurity expert Wendy Nather in 2011, and the concept is just as relevant today as it was then (if not more so). It has widely become the benchmark for acceptable cybersecurity, often associated with factors such as company…

Read More
30 Jan

Economic headwinds could deepen the cybersecurity skills shortage

Data Breaches, Malware, Social Engineering

According to the most recent research report from ESG and the Information System Security Association International (ISSA), 57% of organizations claim that they’ve been impacted by the global cybersecurity skills shortage, while 44% of organizations believe the skills shortage has gotten worse over the past few years. The result? Increasing workloads on existing cybersecurity staff, job requisitions open for weeks or months, and high burnout rates and attrition for cybersecurity professionals. (ESG and ISSA will update…

Read More
28 Jan

Are you in control of your personal data? – Week in security with Tony Anscombe

Information

Data Privacy Week is a reminder to protect your data – all year round. Here are three privacy-boosting habits you can start today. Every action we  take on the internet generates data that is shared with online services and other parties. It stands to reason, then, that we need to assert control over how much and what kind of personal information we hand over to online services and generally limit the amount of our data…

Read More
28 Jan

SwiftSlicer: New destructive wiper malware strikes Ukraine

Information

Sandworm continues to conduct attacks against carefully chosen targets in the war-torn country ESET researchers have uncovered a new wiper attack in Ukraine that they attribute to the Sandworm APT group. Dubbed SwiftSlicer, the destructive malware was spotted on the network of a targeted organization on January 25th. It was deployed through Group Policy, which suggests that the attackers had taken control of the victim’s Active Directory environment. Some of the wipers spotted by ESET in…

Read More
28 Jan

Hive ransomware servers shut down at last, says FBI

Information

by Naked Security writer Six months ago, according to the US Department of Justice (DOJ), the Federal Bureau of Investigation (FBI) infiltrated the Hive ransomware gang and started “stealing back” the decryption keys for victims whose files had been scrambled. As you are almost certainly, and sadly, aware, ransomware attacks these days typically involve two associated groups of cybercriminals. These groups often “know” each other only by nicknames, and “meet” only online, using anonymity tools…

Read More
27 Jan

Killnet Targets German Entities with DDoS Attacks

Attacks, Malware

DDoS attacks can have devastating consequences if performed successfully. The use of the internet will not go away, and with the world increasingly going more digital, the likelihood of DDoS attempts will continue to grow. It is important to dedicate resources towards protecting against these types of attacks with a vigilant DDoS mitigation approach. Cyberattacks Target Websites of German Airports, Admin

Read More
27 Jan

Exploit Released for Critical Windows CryptoAPI Spoofing Bug

Attacks, Malware

It is highly recommended to install security patches on all Windows systems in an environment, particularly any that are exposed to the Internet. As vulnerabilities are discovered, maintaining a consistent patching cycle for devices can help reduce attack surface and prevent an environment from being breached. Threat actors have been known to still use fixed vulnerabilities that are months old, due to inconsistent patching among many systems around the world. It is also recommended to…

Read More
27 Jan

U.S. Federal Agencies Fall Victim to Cyber Attack Utilizing Legitimate RMM Software

Attacks, Malware

The authoring organizations encourage network defenders to:• Implement best practices to block phishing emails.• Audit remote access tools on your network to identify currently used and/or authorized RMM software.• Review logs for execution of RMM software to detect abnormal use of programs running as a portable executable.• Use security software to detect instances of RMM software only being loaded in memory.• Implement application controls to manage and control execution of software, including allow listing RMM…

Read More
27 Jan

ISC Releases Security Advisories for Multiple Versions of BIND 9

Attacks, Insights, Malware

Original release date: January 27, 2023 The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of the ISC’s Berkeley Internet Name Domain (BIND) 9. A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions and system failures. CISA encourages users and administrators to review the following ISC advisories CVE-2022-3094, CVE-2022-3488, CVE-2022-3736, and CVE-2022-3924 and apply the necessary mitigations. This product is provided subject to this Notification and…

Read More