CyberSecure Specialist

FBI Chief Says He’s ‘Deeply concerned’ by China’s AI Program

FBI Director Christopher Wray said Thursday that he was “deeply concerned” about the Chinese government’s artificial intelligence program, asserting that it was “not constrained by the rule of law.” Speaking during a panel session at the World Economic Forum in Davos, Switzerland, Wray said Beijing’s AI ambitions were “built on top of massive troves of intellectual property and sensitive data that they’ve stolen over the years.” He said that left unchecked, China could use artificial…

Ransomware payments down 40% in 2022 – Week in security with Tony Anscombe

Ransomware revenue plunges to $456 million in 2022 as more victims refuse to pay up. Here’s what to make of the trend. Ransomware gangs extorted at least $456 million from victims in 2022, which represents a drop of 40 percent from $765 million the year prior, according to research by Chainalysis. Couple this with a fall of 24 percent in ransomware detections between May and August of 2022 as recorded by ESET Threat Report T2 2022.…

T-Mobile admits to 37,000,000 customer records stolen by “bad actor”

By Paul Ducklin. US mobile phone provider T-Mobile has just admitted to getting hacked, in a filing known as an 8-K that was submitted to the Securities and Exchange Commission (SEC) yesterday, 2023-01-19. The 8-K form is described by the SEC itself as “the ‘current report’ companies must file […] to announce major events that shareholders should know about.” These major events include issues such as bankruptcy or receivership (item 1.03), mine safety violations (item…

Drupal Releases Security Advisories to Address Multiple Vulnerabilities

Original release date: January 20, 2023 Drupal has released security advisories to address vulnerabilities affecting multiple products. An attacker could exploit these vulnerabilities to access sensitive information. CISA encourages users and administrators to review Drupal’s security advisories SA-CORE-2023-001, SA-CONTRIB-2023-002, SA-CONTRIB-2023-003, and SA-CONTRIB-2023-004 and apply the necessary updates.

Wallarm touts API leak protection with new scanning feature

API security company Wallarm announced Friday that it had opened a preview period for its newest offering — an active scanning system that checks through public sources of compromised API data, alerts users, and provides automated responses if a compromise is detected. The API Leak Protection feature, which will be deployed via Wallarm’s existing End-to-End API Security platform, takes advantage of that platform’s inventory of a given organization’s APIs. The system checks those APIs against…

Cisco Releases Security Advisory for Unified CM and Unified CM SME

Original release date: January 20, 2023 Cisco released a security advisory for a vulnerability affecting Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME). A remote attacker could exploit this vulnerability to cause a denial-of-service condition. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review the advisories and apply the necessary updates.

New ‘Hook’ Android Malware Lets Hackers Remotely Control Devices

Android apps are constantly being used by threat actors because of the availability of third-party app stores and the lack of strict app guidelines for apps published within those stores. Android users should only download apps through the official Google Play Store and only from trusted developers. https://www.bleepingcomputer.com/news/security/new-hook-android-malware-lets-hackers-remotely-control-your-phone/

T-Mobile Reports Another Data Breach

Even though the data stolen in the breach did not include sensitive information, the stolen data could still be used to carry out attacks if used in conjunction with other publicly available data. The company has stated that the malicious activity has been contained at this point for this attack. Whenever a customer is notified by a company of a data breach, they should ensure they are taking the proper steps to protect themselves including…

New Boldmove Malware Used to Backdoor Fortinet Devices

BOLDMOVE demonstrates the value of two key things – patching and a defense-in-depth strategy. As this malware spreads primarily through FortiOS devices, which contain minimal logging capabilities, it can go undetected for long periods of time. Patching, however, would mitigate the threat as the systems would not be vulnerable in the first place. With up-to-date patching, this malware cannot spread unchecked throughout the environment, making it the best defense against this…

In-the-Wild Exploitation of Recent ManageEngine Vulnerability Commences

Cloud risk management and threat detection firm Rapid7 warns that it has seen organizations being compromised in attacks exploiting a recently patched Zoho ManageEngine vulnerability. Tracked as CVE-2022-47966, the security defect exists in a third-party dependency (Apache xmlsec, also known as XML Security for Java, version 1.4.1), allowing attackers to execute arbitrary code remotely without authentication. Deemed ‘critical severity’, the issue was brought to light in November 2022, when Zoho announced that patches were released…
