CyberSecure Specialist

Avast Releases Free BianLian Ransomware Decryptor

The BianLian ransomware decryptor is available for free and the program is a standalone executable that doesn’t require installation. Users can select the location they wish to decrypt and provide the software with a pair of original/encrypted files. There’s also an option for users with a valid decryption password, but if the victim doesn’t have one, the software can still attempt to figure it out by iterating through all known BianLian passwords. The decryptor also…

Read More

Threat Campaigns Utilizing Google Search Ads to Push Information-Stealing Malware

While this combination of phishing/typosquatting isn’t necessarily novel or unique, it could still be detrimental to an organization if an employee was to fall for it. Additionally, the use of Google search advertisements makes it more likely that an employee would fall for a campaign such as this, as the fake site often appears before the legitimate site. As with most types of phishing attacks, the best defense against campaigns utilizing these techniques is user…

Read More

Vendors Actively Bypass Security Patch for Year-Old Magento Vulnerability

Vendors and agencies are actively bypassing the security patch that Adobe released in February 2022 to address CVE-2022-24086, a critical mail template vulnerability in Adobe Commerce and Magento stores, ecommerce security firm Sansec warns. The CVE-2022-24086 bug (CVSS score of 9.8) is described as an improper input validation bug in the checkout process. It could be exploited to achieve arbitrary code execution, with in-the-wild exploitation observed roughly one week after patches were made available for…

Read More

Trustwave relaunches Advanced Continual Threat Hunting with human-led methodology

Cybersecurity vendor Trustwave has announced the relaunch of its Advanced Continual Threat Hunting platform with new, patent-pending human-led threat hunting methodology. The firm claimed the enhancement will allow its SpiderLabs threat hunting teams to conduct increased human-led threat hunts and discover more behavior-based findings that could go undetected by traditional endpoint detection and response (EDR) tools. New method hunts for behaviors associated with known threat actors In a press release, Trustwave stated that its security…

Read More

Perception Point launches Advanced Threat Protection for Zendesk

Threat protection company Perception Point has launched Advanced Threat Protection for Zendesk to provide detection and remediation services for Zendesk customers. Perception Point said that customers can now protect customer service software Zendesk a single, consolidated platform alongside their email, web browsers and other cloud collaboration apps. Advanced Threat Protection for Zendesk has been built to help secure vulnerable help desks and customer support teams from external threats such as malicious content within tickets, the…

Read More

Why it’s time to review your on-premises Microsoft Exchange patch status

We start the patching year of 2023 looking at one of the largest releases of vulnerability fixes in Microsoft history. The January 10 Patch Tuesday update patched one actively exploited zero-day vulnerability and 98 security flaws. The update arrives at a time when short- and long-term technology and budget decisions need to be made. This is particularly true for organizations using on-premises Microsoft Exchange Servers. Start off 2023 by reviewing the most basic communication tool…

Read More

Hybrid commerce: Blurring the lines between business and pleasure

It is now acceptable to find a job on a dating app! As we observed last week, many enterprises and small and medium businesses (SMBs) take advantage of solutions such as Slack, Zoom or Microsoft Teams for collaborative work. At the same time, these platforms are still trying to figure out better ways to create meaningful interactions between staff members. Put differently, while organizations prioritize workflow, there’s also a growing need to reinforce social connections…

Read More

Serious Security: Unravelling the LifeLock “hacked passwords” story

by Paul Ducklin Earlier this month, the NortonLifeLock online identity protection service, owned by Arizona-based technology company Gen Digital, sent a security warning to many of its customers. The warning letter can be viewed online, for example on the website of the Office of the Vermont Attorney General, where it appears under the title NortonLifeLock – Gen Digital Data Breach Notice to Consumers. The letter starts with a dread-sounding salutation that says: We are writing…

Read More

Thinking of Hiring or Running a Booter Service? Think Again.

Most people who operate DDoS-for-hire businesses attempt to hide their true identities and location. Proprietors of these so-called “booter” or “stresser” services — designed to knock websites and users offline — have long operated in a legally murky area of cybercrime law. But until recently, their biggest concern wasn’t avoiding capture or shutdown by the feds: It was minimizing harassment from unhappy customers or victims, and insulating themselves against incessant attacks from competing DDoS-for-hire services.…

Read More

Remote.it takes steps toward zero trust with ‘single line of code’ provisioning

Network management company Remote.it today announced new features for its core SaaS-based service, including support for the Okta user identification platform and Docker containers, and what it’s describing as “programmatic deployment” of zero trust networks. Essentially, the company said, the idea is to provide automated provisioning and deployment of network access to managed assetts — using a small, 80KB daemon designed to run on almost any hardware to hook into the TCP/IP stack and create…

Read More