CyberSecure Specialist

01 Feb

JD Sports data breach affects 10 million customers

Attacks, Data Breaches

British sports clothing retailer JD Sports has reported a data breach that has affected more than 10 million customers. The retailer said on January 30 that the data breach occurred after a malicious party gained unauthorized access to a system containing customer data relating to orders placed between November 2018 and October 2020. This included orders from other JD Sports group companies including JD, Blacks, Size?, Scotts, Millets and MilletSport. JD Sports told the London…

Read More
01 Feb

Dutch, European Hospitals ‘Hit by Pro-Russian Hackers’

Information, News

Dutch cyber authorities said Wednesday that several hospital websites in the Netherlands and Europe were likely targeted by a pro-Kremlin hacking group because of their countries’ support for Ukraine. The UMCG hospital in the northern Dutch city of Groningen, one of the largest in the country, saw its website crash in a cyberattack on Saturday. “European hospitals including in the Netherlands have most likely been hit by the pro-Russian hacking group Killnet,” said the Dutch…

Read More
01 Feb

Misconfiguration and vulnerabilities biggest risks in cloud security: Report

Data Breaches, Malware, Social Engineering

The two biggest cloud security risks continue to be misconfigurations and vulnerabilities, which are being introduced in greater numbers through software supply chains, according to a report by Sysdig.  While zero trust is a top priority, data showed that least privilege access rights, an underpinning of zero trust architecture, are not properly enforced. Almost 90% of granted permissions are not used, which leaves many opportunities for attackers who steal credentials, the report noted.  The data…

Read More
01 Feb

Phishing Resistance – Protecting the Keys to Your Kingdom

Insights

Credit: Shutterstock If you own a computer, watch the news, or spend virtually any time online these days you have probably heard the term “phishing.” Never in a positive context…and possibly because you have been a victim yourself. Phishing refers to a variety of attacks that are intended to convince you to forfeit sensitive data to an imposter. These attacks can take a number of different forms; from spear-phishing (which targets a specific individual within…

Read More
01 Feb

US DOJ applies carrot-and-stick approach to Foreign Corrupt Practices Act policy

Data Breaches, Malware, Social Engineering

The US Department of Justice (DOJ) has taken a carrot-and-stick approach to its corporate enforcement policy in regard to the Foreign Corrupt Practices Act (FCPA) in an effort to entice companies to self-report when in violation of the FCPA. Assistant Attorney General Kenneth A. Polite, Jr., shared the 2022 success of the Criminal Division of the DOJ in its pursuit of corrupt and criminal activities within corporations that “threaten the public safety and national security, [and] wrongfully…

Read More
01 Feb

Why you might not be done with your January Microsoft security patches

Data Breaches, Malware, Social Engineering

The January patching window for your firm has probably come and gone. But has it? While January included a huge release of patches, several releases in other months have provided more than one headache for the patch management community. These are the patches and updates you need to evaluate if you haven’t already done so. BitLocker Security Feature Bypass Vulnerability In January, additional information came out about CVE-2022-41099, the BitLocker Security Feature Bypass Vulnerability. If…

Read More
31 Jan

United States No Fly List Shared on Hacking Forum

Attacks, Malware

This list has always been kept away from the public eye. Now that it has been posted publicly and released, the U.S. government and TSA have all began investigation into the leak and into the threat actor behind the leak. The threat actor took their attack one step further by claiming to have pivoted from the AWS server into gaining access to more critical systems that would allow them to delay or cancel flights. Air…

Read More
31 Jan

Copycat Group Mimicking LockBit in Northern Europe

Attacks, Malware

To protect against ransomware attacks, organizations should:• Regularly back up data, air gap, and password protect backup copies offline.• Ensure copies of critical data are not accessible for modification or deletion• Implement network segmentation.• Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location.• Install updates/patch operating systems, software, and firmware as soon as possible.• Implement monitoring of security events on…

Read More
31 Jan

Exploit for VMware vRealize to be Released

Attacks, Malware

The VMware patch for vRealize is available now, and system administrators should update the software as soon as possible. Ensuring that vRealize is not exposed to the internet is also an important factor to consider. Below are the version details for the software patch: • VMware vRealize Log Insight◦ Fixed version: 8.10.2• VMware Cloud Foundation (VMware vRealize Log Insight)◦ Fixed Version: KB90668IOCs for potential exploitation of this vulnerability can be found here: https://www.horizon3.ai/vmware-vrealize-cve-2022-31706-iocs/ https://www.bleepingcomputer.com/news/security/researchers-to-release-vmware-vrealize-log-rce-exploit-patch-now/

Read More
31 Jan

Serious Security: The Samba logon bug caused by outdated crypto

Information

by Paul Ducklin Samba, simply put, is a super-useful, mega-popular, open-source reimplementation of the networking protocols used in Microsoft Windows, and its historical importance in internetworking (connecting two different sorts of network together) cannot be underestimated. In the late 1990s, Microsoft networking shed its opaque, proprietary nature and became an open standard known as CIFS, short for common internet file system. But there was nothing “common” or “open” about it in the early 1990s, when…

Read More