CyberSecure Specialist

How AI chatbot ChatGPT changes the phishing game

ChatGPT, OpenAI’s free chatbot based on GPT-3.5, was released on 30 November 2022 and racked up a million users in five days. It is capable of writing emails, essays, code and phishing emails, if the user knows how to ask. By comparison, it took Twitter two years to reach a million users. Facebook took ten months, Dropbox seven months, Spotify five months, Instagram six weeks. Pokemon Go took ten hours, so don’t break out the…

Read More

APT group trojanizes Telegram app – Week in security with Tony Anscombe

StrongPity’s backdoor is fitted with various spying features and can record phone calls, collect texts, and gather call logs and contact lists This week, the ESET research team published their findings about an espionage campaign by the StrongPity APT group that spreads a fully functional, but trojanized version of the legitimate Telegram app for Android. The malicious app – which has various spying features, including recording phone calls and collecting SMS messages – is distributed…

Read More

Introducing IPyIDA: A Python plugin for your reverse‑engineering toolkit

ESET Research announces IPyIDA 2.0, a Python plugin integrating IPython and Jupyter Notebook into IDA IDA Pro from Hex-Rays is probably the most popular tool today for reverse-engineering software. For ESET researchers, this tool is a favorite disassembler and has inspired the development of the IPyIDA plugin that embeds an IPython kernel into IDA Pro. Under continuous development since 2014, we’re pleased to announce the release of version 2.0. IPyIDA serves a similar purpose as another…

Read More

Attackers deploy sophisticated Linux implant on Fortinet network security devices

In December network security vendor Fortinet disclosed that a critical vulnerability in its FortiOS operating system was being exploited by attackers in the wild. This week, after additional analysis, the company released more details about a sophisticated malware implant that those attackers deployed through the flaw. Based on currently available information, the original zero-day attack was highly targeted to government-related entities. However, since the vulnerability has been known for over a month, all customers should…

Read More

Gen Digital Warns of Norton Password Manager Account Breach

Credential stuffing attacks are a rather old method of breaching an account, but they are still relatively successful. These attacks rely on human error in the form of reusing passwords. From an organizational standpoint, this could lead to account compromise if an employee reuses one of their passwords from an external site that was breached for their work account. To detect credential stuffing attacks, organizations can monitor logon events for a spike in failed authentications…

Read More

San Francisco Transit Police Breached

Public sector entities tend to be at a higher risk for breach due to the lack of budget and ability to hire cyber security professionals. Because of this, many fall victim to cyber-attacks that affect systems with no way to easily mitigate. Customers who believe they may have been a victim of this breach should ensure they are taking the necessary precautions to protect themselves, such as looking out for phishing emails and monitoring credit…

Read More

Microsoft: Exchange Server 2013 Reaches End of Support in 90 days

Microsoft recommends upgrading on-premises Exchange Server 2013 servers to Exchange Server 2019 to keep receiving bug fixes and security updates for new flaws. However, before deploying new Exchange Server 2019 installations across servers running software quickly reaching EOS, admins should ensure that network, hardware, software, and clients meet the requirements. Redmond also advises admins to migrate to its hosted Exchange Online email and the calendaring client as an alternative option, available as an Office 365…

Read More

NSA Director Pushes Congress to Renew Surveillance Powers

A top U.S. intelligence official on Thursday urged Congress to renew sweeping powers granted to American spy agencies to surveil and examine communications, saying they were critical to stopping terrorism, cyberattacks and other threats. The remarks by Army Gen. Paul Nakasone, director of the National Security Agency, opened what’s expected to be a contentious debate over provisions of the Foreign Intelligence Surveillance Act that expire at year’s end. The bipartisan consensus in favor of expanded…

Read More

Most Cacti Installations Unpatched Against Exploited Vulnerability

Most internet-exposed Cacti installations have not been patched against a critical-severity command injection vulnerability that is being exploited in attacks. An open-source web-based network monitoring and graphing tool that offers an operational monitoring and fault management framework, Cacti is a front-end application for the data logging utility RRDtool. In early December 2022, the tool’s maintainers announced patches for CVE-2022-46169, a critical-severity (CVSS score 9.8) command injection flaw that could allow unauthenticated attackers to execute code…

Read More

Cyber attack against Royal Mail linked to Russian hackers

A cyber attack against the UK postal service Royal Mail which saw the company request that customers stop sending mail abroad via its services has been linked to Russian hackers. Royal Mail informed the public of the cyber attack on January 11, saying it had caused “severe disruption” to the computerized systems used to send mail abroad. The company “immediately launched an investigation into the [cyber] incident” and utilized the help of the UK’s National…

Read More