CyberSecure Specialist

CISA Releases Six Industrial Control Systems Advisories

Original release date: December 20, 2022

CISA released six Industrial Control Systems (ICS) advisories on December 20, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:

• ICSA-22-354-01 Fuji Electric Tellus Lite V-Simulator
• ICSA-22-354-02 Rockwell Automation GuardLogix and ControlLogix
• ICSA-22-354-03 ARC Informatique PcVue
• ICSA-22-354-04 Rockwell Automation MicroLogix 1100 and 1400
• ICSA-22-354-05 Delta 4G…

DraftKings Data Breach Impacts Personal Information of 68,000 Customers

Sports betting firm DraftKings says the personal data of 68,000 individuals has been compromised in a recent data breach. The incident, initially disclosed in November, was the result of a credential stuffing attack and not a breach of DraftKings’ systems, the company says. Credential stuffing involves the use of leaked credentials (usernames, email addresses, and passwords) obtained from a third-party source to access an account on a different service. Such attacks are successful only because…

How to enable event collection in Windows Server

Event logs record information about software and hardware events that occur in a system, and they are a key weapon in the arsenal of computer security teams. For several versions now, Windows Server has offered Windows Event Forwarding (WEF) for aggregating system event logs from disparate systems to a central event log server. High-end security information and event management (SIEM) or security orchestration, automation, and response (SOAR) systems are the ideal in an enterprise…

Hacked Ring Cams Used to Record Swatting Victims

Two U.S. men have been charged with hacking into the Ring home security cameras of a dozen random people and then “swatting” them — falsely reporting a violent incident at the target’s address to trick local police into responding with force. Prosecutors say the duo used the compromised Ring devices to stream live video footage on social media of police raiding their targets’ homes, and to taunt authorities when they arrived.…

DarkTortilla Used on Grammarly and Cisco Phishing Sites

Some recommendations from the source article include:

• Do not open suspicious links in emails.
• Do not download the software from untrusted sources.
• Use a reputed anti-virus and Internet security software package on your connected devices, including PC, laptop, and mobile.
• Refrain from opening untrusted links and email attachments without verifying their authenticity.

It is worth noting that if a link is visited and seems suspicious, it is recommended to navigate directly to the legitimate…

New Agenda Ransomware Variant, Written in Rust, Aiming at Critical Infrastructure

To protect against ransomware attacks, organizations should:

• Regularly back up data, air gap, and password protect backup copies offline.
• Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.
• Implement network segmentation.
• Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location.
• Install updates/patch operating systems, software, and firmware as soon as…

Google Has Improved Gmail Security via Client-Side Encryption

On the contrary, End-to-End Encryption (E2EE) is a communication technique in which data is encrypted on the sender’s device and can only be unlocked by the recipient’s device using a secret key that is shared between the sender and receiver. Other Google products outside of Gmail also have client-side encryption enabled. Earlier this year, the tech giant made the same feature available for Google Meet, Drive, and Calendar. Google Drive apps also support client-side encryption…

US consumers seriously concerned over their personal data

A report released today by Big Four accounting firm KPMG found that large majorities of the American public are highly concerned about the security of their personal data, and that US companies aren’t helping matters by ramping up their collection of that data. Fully 92% of respondents to KPMG’s survey said that they were concerned to some extent about how personal data that they provide to companies is handled, and nearly nine in 10 said…

Google Workspace Gets Client-Side Encryption in Gmail

Google on Friday announced the beta availability of client-side encryption in Gmail for some of its Google Workspace customers. The feature is meant to improve the confidentiality of emails when they rest on Google’s servers, by applying encryption to the email body and attachments while providing Workspace customers with control over the encryption keys and the identity service used to access the keys. “Google Workspace already uses the latest cryptographic standards to encrypt all data…

MirrorFace aims for high‑value targets in Japan – Week in security with Tony Anscombe

The group’s proprietary backdoor LODEINFO delivers additional malware, exfiltrates credentials, and steals documents and emails

This week, the ESET research team published their findings about a spearphishing campaign that the Chinese-speaking threat actor MirrorFace launched in Japan and that mainly focused on members of a specific Japanese political party. The campaign – which ESET Research has named Operation LiberalFace and which occurred in the lead-up to the House of Councillors elections in July 2022 –…
