CyberSecure Specialist

Emotet Evolving with New Attack and Evasion Techniques

Keeping Endpoint Detection and Response (EDR) systems up-to-date and properly tuned can help companies identify process injection attacks. To help prevent the macro bypass, companies should limit write access to the default Templates directories for Microsoft Office. The SMB spreader can be detected by collecting a baseline of standard SMB netflow traffic and alerting against deviations from that, though this requires a well-staffed security team. https://thehackernews.com/2023/01/emotet-malware-makes-comeback-with-new.html

CISA, NSA, and MS-ISAC Release Advisory on the Malicious Use of RMM Software

Original release date: January 25, 2023. Today, the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released joint Cybersecurity Advisory (CSA) Protecting Against Malicious Use of Remote Monitoring and Management Software. The advisory describes a phishing scam in which cyber threat actors maliciously use legitimate remote monitoring and management (RMM) software to steal money from victim bank accounts. CISA encourages network defenders to…

Top tips for employee cyber security training

In this article, Cyber Security Hub explores the best ways to educate employees on email-based cyber attacks and how to ensure they follow cyber security safety practices.  When surveyed by Cyber Security Hub for its Mid-Year Market report 2022, three in four cyber security experts said email-based threat vectors social engineering and phishing attacks were ‘the most dangerous threat’ to cyber security.  One of the reasons why these threats are so dangerous is because of…

VMware Releases Security Updates for VMware vRealize Log Insight

Original release date: January 25, 2023. VMware released security updates to address multiple vulnerabilities in VMware vRealize Log Insight. A remote attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2023-0001 and apply the necessary updates.

Chinese threat actor DragonSpark targets East Asian businesses

Organizations in Taiwan, Hong Kong, Singapore, and China have been recently facing attacks from Chinese threat actor DragonSpark. The threat actor was observed using the open-source tool SparkRAT for its attacks, according to a report by SentinelOne.  SparkRAT is multi-platform, feature-rich, and frequently updated with new features, making the remote access Trojan (RAT) attractive to threat actors. DragonSpark was observed using Golang malware that interprets embedded GoLang source code at runtime as a technique for hindering static analysis…

5 valuable skills your children can learn by playing video games

Gaming can help your children build and sharpen a range of life skills that will stand them in good stead in the future. Videogames are now so popular that the number of players worldwide topped 3 billion last year! The boom goes far beyond gaming consoles and the most recognized gaming platforms, such as PlayStation, Xbox or Nintendo, as it reaches across PCs and right into our pockets via our smartphones. From casual gaming to…

GoTo admits: Customer cloud backups stolen together with decryption key

by Paul Ducklin

GoTo is a well-known brand that owns a range of products, including technologies for teleconferencing and webinars, remote access, and password management. If you’ve ever used GoTo Webinar (online meetings and seminars), GoToMyPC (connect and control someone else’s computer for management and support), or LastPass (a password management service), you’ve used a product from the GoTo stable. You’ve probably not forgotten the big cybersecurity story over the 2022 Christmas holiday season, when…

Veterans bring high-value, real-life experience as potential cybersecurity employees

Johanna Wood was an armored crewman with Lord Strathcona’s Horse, a Canadian Army regiment. At first glance, Wood’s military role may seem incompatible with civilian work; there’s not a lot of call for tank operators in private companies. But Wood believes her experience working in tanks gives her a significant edge as she enters the cybersecurity profession. “I was trained in reconnaissance, so I’m already trained to look for threats, I’m already trained to look…

Learning to Lie: AI Tools Adept at Creating Disinformation

Artificial intelligence is writing fiction, making images inspired by Van Gogh and fighting wildfires. Now it’s competing in another endeavor once limited to humans — creating propaganda and disinformation. When researchers asked the online AI chatbot ChatGPT to compose a blog post, news story or essay making the case for a widely debunked claim — that COVID-19 vaccines are unsafe, for example — the site often complied, with results that were regularly indistinguishable from similar…

CYGNVS exits stealth, trumpeting its cyberattack recovery platform

Cyber recovery startup CYGNVS announced its emergence from stealth today, having raised $55 million in series A funding and created a highly functional “cyber crisis” platform which promises to help organizations recover from major breaches. The company’s product is in its name – CYGNVS says it’s an acronym for Cyber GuidaNce Virtual Space. It’s effectively an all-in-one disaster recovery system for cyberattacks. It provides out-of-band communications between key team members, since corporate networks may become…
