CyberSecure Specialist

Many ICS flaws remain unpatched as attacks against critical infrastructure rise

Patching vulnerabilities in industrial environments has always been challenging due to interoperability concerns, strict uptime requirements, and sometimes the age of devices. According to a recent analysis, a third of vulnerabilities don’t even have patches or remediations available. Out of 926 CVEs — unique vulnerability identifiers — that were included in ICS advisories from the US Cybersecurity and Infrastructure Security Agency (CISA) during the second half of 2022, 35% had no patch or remediation available…

IOTW: Mailchimp suffers another social engineering attack

Marketing automation company Mailchimp has reported that it has been the victim of a social engineering attack-related data breach. This marks the second attack of this kind the company has suffered in less than a year. The breach took place on January 11 and, according to Mailchimp, involved an “unauthorized actor accessing one of [the] tools used by Mailchimp customer-facing teams for customer support and account administration”. Following this, the malicious actor launched social engineering…

Chinese hackers targeted Iranian government entities for months: Report

The Chinese advanced persistent threat actor Playful Taurus targeted several Iranian government entities between July and December 2022, according to a Palo Alto Networks report. The Chinese threat actor, also known as APT15, KeChang, NICKEL, BackdoorDiplomacy, and Vixen Panda, was observed attempting to connect government domains to malware infrastructure previously associated with the APT group, according to the report. “Playful Taurus continues to evolve their tactics and their tooling. Recent upgrades to the Turian backdoor and…

How CISOs can manage the cybersecurity of high-level executives

High-level executives, including board members and C-level executives, often have access to sensitive information, making them prime targets for bad actors looking to penetrate corporate defenses. Their personal devices, among other points of entry, are glaring attack vectors for cybercriminals looking to get in on the top floor. As CISOs know, cyber incidents all too often include the human element—and executives are all too human. According to the Verizon 2022 Data Breach Investigations Report, 82% of…

Top 10 Venmo scams – and how to stay safe

Don’t be the next victim – here’s what to know about some of the most common tricks that scammers use on the payment app.

Today’s consumers have a wealth of choice when it comes to paying and sending money online. A range of slick digital payment apps have emerged over recent years to make the whole process as seamless as possible for end users. But they’re not the only ones who are winning. Unfortunately, scammers…

QuSecure launches quantum-computing based security for endpoints

QuSecure, a quantum-computing technology company based in Silicon Valley, today announced the latest version of its security platform, called QuEverywhere — designed to allow organizations to extend quantum-safe security all the way to endpoints like laptops and smartphones, the company said in a statement. QuEverywhere, according to the company, is an app- or browser-based method of applying quantum cryptography to connections or transactions on a given platform. It’s based largely on the company’s proxy server…

Severe Git RCE Vulnerabilities Receive Patch

The most effective way of mitigating these vulnerabilities is by upgrading to the latest Git release. In the event that upgrading Git is not possible, CVE-2022-41903 can be mitigated by:
• Disabling ‘git archive’ in untrusted repositories, or avoiding running the command on untrusted repos
• If ‘git archive’ is exposed via ‘git daemon,’ disabling it when working with untrusted repositories by running the ‘git config --global daemon.uploadArch false’ command

https://www.bleepingcomputer.com/news/security/git-patches-two-critical-remote-code-execution-security-flaws/

Avast Releases Free BianLian Ransomware Decryptor

The BianLian ransomware decryptor is available for free and the program is a standalone executable that doesn’t require installation. Users can select the location they wish to decrypt and provide the software with a pair of original/encrypted files. There’s also an option for users with a valid decryption password, but if the victim doesn’t have one, the software can still attempt to figure it out by iterating through all known BianLian passwords. The decryptor also…

Threat Campaigns Utilizing Google Search Ads to Push Information-Stealing Malware

While this combination of phishing and typosquatting isn’t necessarily novel or unique, it could still be detrimental to an organization if an employee were to fall for it. Additionally, the use of Google search advertisements makes it more likely that an employee would fall for a campaign such as this, as the fake site often appears before the legitimate site. As with most types of phishing attacks, the best defense against campaigns utilizing these techniques is user…

Vendors Actively Bypass Security Patch for Year-Old Magento Vulnerability

Vendors and agencies are actively bypassing the security patch that Adobe released in February 2022 to address CVE-2022-24086, a critical mail template vulnerability in Adobe Commerce and Magento stores, ecommerce security firm Sansec warns. The CVE-2022-24086 bug (CVSS score of 9.8) is described as an improper input validation bug in the checkout process. It could be exploited to achieve arbitrary code execution, with in-the-wild exploitation observed roughly one week after patches were made available for…
