CyberSecure Specialist

05 Jan

The doctor will see you now … virtually: Tips for a safe telehealth visit

Information

Are your virtual doctor visits private and secure? Here’s what to know about, and how to prepare for, connecting with a doctor from the comfort of your home. Telehealth services were one of the tech success stories of the COVID-19 pandemic. Just as cloud-based services helped suddenly locked-down workers to stay productive, telemedicine consultations ensured doctors could still provide essential healthcare and advice without endangering their patients or staff. In fact, telehealth consultations accounted for…

Read More
05 Jan

S3 Ep116: Last straw for LastPass? Is crypto doomed? [Audio + Text]

Information

by Paul Ducklin LAST STRAW FOR LASTPASS? IS CRYPTO DOOMED? Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our RSS feed into your favourite podcatcher. READ THE…

Read More
05 Jan

Banking Trojan apocalypse: how hackers are stealing millions

Malware

Several weeks ago, I received a phone call from my friend who is a business owner and works in the cargo industry. He informed me that US$24,000 had vanished from his bank account during the previous night. The bank customer care team could not assist and suggested that my friend file a report with the police. The funds were transferred using a mobile app. The transaction was verified via a text message and appeared to…

Read More
05 Jan

Attackers create 130K fake accounts to abuse limited-time cloud computing resources

Data Breaches, Malware, Social Engineering

A group of attackers is running a cryptomining operation that leverages the free or trial-based cloud computing resources and platforms offered by several service providers including GitHub,  Heroku, and Togglebox. The operation is highly automated using CI/CD processes and involves the creation of tens of thousands of fake accounts and the use of stolen or fake credit cards to activate time-limited trials. Researchers from Palo Alto Networks’ Unit 42 have dubbed the group Automated Libra…

Read More
05 Jan

Toyota Customers’ Personal Information Potentially Exposed in GitHub Repository

Attacks, Malware

Although Toyota does not believe data was accessed by an unauthorized party, it is still recommended that those customers remain vigilant for the time being. Since email addresses were included with other exposed data, affected individuals are more vulnerable to scams and phishing attempts. If emails from unknown senders are received, they should not be interacted with. Unusual emails, emails involving payments, or emails involving sign-in links to high value accounts from trusted counterparties should…

Read More
05 Jan

Hackers Abuse Windows Error Reporting Tool to Deploy Malware

Attacks, Malware

It is highly recommended to implement and maintain email security controls, including the ability to block certain file attachments. ISO files have become extremely popular among threat actors as a way to initially get malware on to the system while also evading defenses. In this campaign, the threat actors attach the ISO directly to a phishing email received by the end user. By being able to block incoming emails that contain ISO (or IMG) attachments,…

Read More
05 Jan

Cyberattack on Records Vendor Affects Scores of U.S. Counties

Attacks, Malware

To protect against similar cyber-attacks, organizations should: • Regularly back up data, air gap, and password protect backup copies offline.• Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.• Implement network segmentation.• Implement a recovery plan• Install updates/patch operating systems, software, and firmware as soon as practical after they are released.• Implement monitoring of security events on employee workstations and servers, with a 24/7 Security…

Read More
05 Jan

IOTW: Almost 50,000 UK government ministers vulnerable to cyber attacks

Attacks, Data Breaches

A large number of UK government ministers and civil servants have been warned that they are vulnerable to hackers after their personal information was posted online and remained visible for months. The personal information for more than 45,000 civil servants was available until March 2020 via the Government Communication Service (GCS) website. The information included names, email addresses, phone numbers and job titles as well as links to social media profiles including Twitter and LinkedIn.…

Read More
05 Jan

Predictions 2023: Big Tech’s Coming Security Shopping Spree

Information, News

The SecurityWeek editorial team huddled over the holidays to look back at the stories that shaped 2022 and, more importantly, to stare into a shiny crystal ball to find the cybersecurity narratives that will dominate this year’s headlines. For the most part, not much will change. Organizations large and small will continue to acknowledge major data breaches, zero-days and ransomware crises will spread to new targets and a skills shortage in an uncertain economy will…

Read More
05 Jan

CISA Releases Three Industrial Systems Control Advisories

Attacks, Insights, Malware

Original release date: January 5, 2023 CISA released three Industrial Control Systems (ICS) advisories on January 5 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-23-005-01 Hitachi Energy UNEM ICSA-23-005-02 Hitachi Energy FOXMAN-UN ICSA-23-005-03 Hitachi Energy Lumada Asset Performance Management This product is provided subject to this Notification and this Privacy…

Read More