CyberSecure Specialist

Trustwave relaunches Advanced Continual Threat Hunting with human-led methodology

Cybersecurity vendor Trustwave has announced the relaunch of its Advanced Continual Threat Hunting platform with new, patent-pending human-led threat hunting methodology. The firm claimed the enhancement will allow its SpiderLabs threat hunting teams to conduct increased human-led threat hunts and discover more behavior-based findings that could go undetected by traditional endpoint detection and response (EDR) tools. New method hunts for behaviors associated with known threat actors In a press release, Trustwave stated that its security…

Perception Point launches Advanced Threat Protection for Zendesk

Threat protection company Perception Point has launched Advanced Threat Protection for Zendesk to provide detection and remediation services for Zendesk customers. Perception Point said that customers can now protect the customer service software Zendesk from a single, consolidated platform alongside their email, web browsers and other cloud collaboration apps. Advanced Threat Protection for Zendesk has been built to help secure vulnerable help desks and customer support teams from external threats such as malicious content within tickets, the…

Why it’s time to review your on-premises Microsoft Exchange patch status

We start the patching year of 2023 looking at one of the largest releases of vulnerability fixes in Microsoft history. The January 10 Patch Tuesday update patched one actively exploited zero-day vulnerability and 98 security flaws. The update arrives at a time when short- and long-term technology and budget decisions need to be made. This is particularly true for organizations using on-premises Microsoft Exchange Servers. Start off 2023 by reviewing the most basic communication tool…

Hybrid commerce: Blurring the lines between business and pleasure

It is now acceptable to find a job on a dating app! As we observed last week, many enterprises and small and medium businesses (SMBs) take advantage of solutions such as Slack, Zoom or Microsoft Teams for collaborative work. At the same time, these platforms are still trying to figure out better ways to create meaningful interactions between staff members. Put differently, while organizations prioritize workflow, there’s also a growing need to reinforce social connections…

Serious Security: Unravelling the LifeLock “hacked passwords” story

by Paul Ducklin

Earlier this month, the NortonLifeLock online identity protection service, owned by Arizona-based technology company Gen Digital, sent a security warning to many of its customers. The warning letter can be viewed online, for example on the website of the Office of the Vermont Attorney General, where it appears under the title NortonLifeLock – Gen Digital Data Breach Notice to Consumers. The letter starts with a dread-sounding salutation that says: We are writing…

Thinking of Hiring or Running a Booter Service? Think Again.

Most people who operate DDoS-for-hire businesses attempt to hide their true identities and location. Proprietors of these so-called “booter” or “stresser” services — designed to knock websites and users offline — have long operated in a legally murky area of cybercrime law. But until recently, their biggest concern wasn’t avoiding capture or shutdown by the feds: It was minimizing harassment from unhappy customers or victims, and insulating themselves against incessant attacks from competing DDoS-for-hire services.…

Remote.it takes steps toward zero trust with ‘single line of code’ provisioning

Network management company Remote.it today announced new features for its core SaaS-based service, including support for the Okta user identification platform and Docker containers, and what it’s describing as “programmatic deployment” of zero trust networks. Essentially, the company said, the idea is to provide automated provisioning and deployment of network access to managed assets — using a small, 80KB daemon designed to run on almost any hardware to hook into the TCP/IP stack and create…

How attackers might use GitHub Codespaces to hide malware delivery

Attackers could start abusing GitHub Codespaces, a new service that allows developers to create and test applications inside development containers running on GitHub’s servers. Developers can make their applications accessible via public GitHub URLs for preview by others, a functionality that can be abused to distribute malware payloads in a stealthy way. “If the application port is shared privately, browser cookies are used and required for authentication,” researchers from security firm Trend Micro said in…

CISA Updates Best Practices for Mapping to MITRE ATT&CK®

Original release date: January 17, 2023

Today, CISA updated Best Practices for MITRE ATT&CK® Mapping. The MITRE ATT&CK® framework is a lens through which network defenders can analyze adversary behavior and, as CISA Executive Assistant Director Eric Goldstein noted in his June 2021 blog post on the framework, it directly supports “robust, contextual bi-directional sharing of information to help strengthen the security of our systems, networks, and data.” CISA highly encourages the cybersecurity community to…

MSI Accidentally Breaks Secure Boot for Hundreds of Motherboards

Organizations using an MSI motherboard in that list should check within BIOS settings that the “Image Execution Policy” is set to a safe option. Users should set the Execution Policy to “Deny Execute” for “Removable Media” and “Fixed Media,” which should only allow signed software to boot. It is highly recommended to upgrade motherboard firmware for any device that has not done so since January 2022. The introduction of a bad default shouldn’t be a…
