CyberSecure Specialist

US Congress funds cybersecurity initiatives in FY2023 spending bill

On December 23, the House and Senate Appropriations Committees agreed to a $1.7 trillion omnibus spending bill that funds government operations through fiscal year 2023. On December 29, President Biden signed it. The 4,155-page bill reflects an already agreed-upon $858 billion for defense spending and an additional $800 billion for non-defense spending, including several prominent cybersecurity items. US Senator Chris Murphy (D-CT), chair of the Subcommittee on Homeland Security, said, “This bill is a…


Happy 13th Birthday, KrebsOnSecurity!

KrebsOnSecurity turns 13 years old today. That’s a crazy long time for an independent media outlet these days, but then again I’m bound to keep doing this as long as they keep letting me. Heck, I’ve been doing this so long I briefly forgot which birthday this was! Thanks to your readership and support, I was able to spend more time in 2022 on some deep, meaty investigative stories — the really satisfying kind with…


S3 Ep115: True crime stories – A day in the life of a cybercrime fighter [Audio + Text]

by Paul Ducklin

A DAY IN THE LIFE OF A CYBERCRIME FIGHTER

Once more unto the breach, dear friends, once more! Paul Ducklin talks to Peter Mackenzie, Director of Incident Response at Sophos, in a cybersecurity session that will alarm, amuse and educate you, all in equal measure. Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. Intro and outro music by Edith Mudge. You can listen…


The horror! The horror! NOTEPAD gets tabbed editing (very briefly)

by Paul Ducklin

These days, almost every decent app, along with some that are half-decent (as well as a few that aren’t very good at all) will offer you tabbed whateveritis. Even command windows, which used to be just what they said (windows in which one – and only one – command shell was running), went “tabbed” somewhere in the 1990s, and have been ever since. If you want two command windows these days, you…


US passes the Quantum Computing Cybersecurity Preparedness Act – and why not?

by Paul Ducklin

Remember quantum computing, and the quantum computers that make it possible? Along with superstrings, dark matter, gravitons and controlled fusion (hot or cold), quantum computing is a concept that many people have heard of, even if they know little more about any of these topics than their names. Some of us are vaguely better informed, or think we are, because we have an idea why they’re important, can recite short but inconclusive paragraphs…


Thousands of Citrix Servers Vulnerable to Patched Critical Flaws

It is highly recommended to patch any Citrix devices in an organization’s environment as soon as possible if they are vulnerable to either of these vulnerabilities. Since at least one of them is known to have threat actors actively exploiting it, the sooner the devices can be patched, the less chance that a threat actor will be able to compromise it and spread throughout an organization. It is recommended that organizations update their Citrix applications…


Royal Ransomware Claims Attack on Intrado Telecom Provider

To protect against ransomware attacks, organizations should:

· Regularly back up data, air gap backups, and password-protect backup copies offline.
· Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.
· Implement network segmentation.
· Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location
· Install updates/patches operating systems, software,…


Google Ads Used to Spread Malware

Companies with well-known brand names should continuously monitor domain name registrations to identify potential typo-squatting attacks impersonating their brand name. The Uniform Domain-Name Dispute Resolution Policy can be used by companies to reclaim brand-infringing domains. If the infringing domain is being used to deliver malware, most domain registrars will honor a request for an immediate take-down of the offending domain. Binary Defense Counterintelligence services include monitoring of typo-squatting domain names and review of impersonating websites.…


The Five Stories That Shaped Cybersecurity in 2022

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

As we looked back at the security incidents, events and stories that demanded attention over the past year, it became crystal clear that high-profile data breaches and zero-day attacks would continue to dominate the headlines. It seemed that hardly a week went by without some sort of cybersecurity incident making headlines, stretching spending budgets to the limits as CISOs and…


Several DoS, Code Execution Vulnerabilities Found in Rockwell Automation Controllers

Organizations using controllers made by Rockwell Automation have been informed recently about several potentially serious vulnerabilities. The US Cybersecurity and Infrastructure Security Agency (CISA) last week published three advisories to describe a total of four high-severity vulnerabilities. Rockwell Automation has published individual advisories for each security hole. One flaw is CVE-2022-3156, which impacts the Studio 5000 Logix Emulate controller emulation software. The vulnerability is caused by a misconfiguration that results in users being granted elevated…
