CyberSecure Specialist

15 Dec

Microsoft’s EU data boundary plan to take effect Jan. 1

Data Breaches, Malware, Social Engineering

Microsoft on Thursday said it will begin rolling out the first phase of its European Union data boundary plan from January 1, 2023 that’ll allow customers to store and process their customer data within the EU. The move comes two days after the EU commission said it had officially begun the process of approving the EU-US Data Privacy Framework. Under the first phase of the plan, companies that use Microsoft products and services will be…

Read More
15 Dec

GAO warns government agencies: focus on IoT and OT within critical infrastructure

Data Breaches, Malware, Social Engineering

The US Government Accounting Office (GAO) continues to highlight shortcomings in the cybersecurity posture of government entities responsible for the protection of United States infrastructure when it comes to internet of things (IoT) and operational technology (OT) devices and systems. In a recent report, the GAO shone a light on the Departments of Energy, Health and Human Services, Homeland Security, and Transportation. How each of these entities reacted and responded to its recommendations was telling.…

Read More
15 Dec

Microsoft Exchange ProxyNotShell vulnerability explained and how to mitigate it

Data Breaches, Malware, Social Engineering

Last year, two high severity, easily exploitable Microsoft Exchange vulnerabilities dubbed ProxyLogon and ProxyShell made waves in the infosec sphere. Nearly a year later, Exchange Server admins are met with another threat: ProxyNotShell, which in fact is a vulnerability chain comprising two actively exploited flaws: CVE-2022-41040 is a server-side request forgery (SSRF) vulnerability that an authenticated attacker can exploit for privilege escalation. This vulnerability occurs because the root cause of ProxyShell’s path confusion flaw remains,…

Read More
14 Dec

Cuba ransomware group used Microsoft developer accounts to sign malicious drivers

Data Breaches, Malware, Social Engineering

Microsoft suspended several accounts on its hardware developer program that signed malicious drivers used by a ransomware group called Cuba to disable endpoint security tools. The driver certificates have been revoked and the drivers will be added to a blocklist that Windows users can optionally deploy. “In most ransomware incidents, attackers kill the target’s security software in an essential precursor step before deploying the ransomware itself,” researchers from security firm Sophos said in a new…

Read More
14 Dec

Six Charged in Mass Takedown of DDoS-for-Hire Sites

Information, Insights

The U.S. Department of Justice (DOJ) today seized four-dozen domains that sold “booter” or “stresser” services — businesses that make it easy and cheap for even non-technical users to launch powerful Distributed Denial of Service (DDoS) attacks designed knock targets offline. The DOJ also charged six U.S. men with computer crimes related to their alleged ownership of the popular DDoS-for-hire services. The booter service OrphicSecurityTeam[.]com was one of the 48 DDoS-for-hire domains seized by the…

Read More
14 Dec

Go-based Botnet GoTrim Targeting WordPress Sites

Attacks, Malware

GoTrim employs several anti-bot checks to avoid some of the less complex botnet mitigations. It uses a Mozilla Firefox user-agent with the same gzip, deflate, and Brotil content encoding algorithms. The malware also attempts to detect CAPTCHA security plugins and has the capability of solving the challenges for some of them. If it cannot bypass a security plugin, the botnet is globally updated with a “skip” for that domain. Interestingly, any website containing “1gb.ru” in…

Read More
14 Dec

Apple Security Update Fixes New iOS Zero-Day

Attacks, Malware

Even though this zero-day flaw was likely used in highly-targeted attacks, it is still suggested to install the security updates as soon as possible. https://www.bleepingcomputer.com/news/apple/apple-security-update-fixes-new-ios-zero-day-used-to-hack-iphones/

Read More
14 Dec

Open-Source Repositories Flooded by +144,000 Phishing Packages

Attacks, Malware

This campaign highlights two problems for the cybersecurity space – the increase in the frequency and sophistication of phishing as well as the increase in automated attacks. As time has gone on, the sophistication of phishing campaigns has increased significantly, with the interactive chat dialogue being an example from this campaign. This sophistication has allowed phishing campaigns to be much more successful, and in turn has led to an increase in the frequency of phishing…

Read More
14 Dec

Microsoft Patch Tuesday, December 2022 Edition

Information, Insights

Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The most pressing patches include a zero-day in a Windows feature that tries to flag malicious files from the Web, a critical bug in PowerShell, and a dangerous flaw in Windows 11 systems that was detailed publicly prior to this week’s Patch Tuesday. The security updates include…

Read More
14 Dec

Cybersecurity Trends 2023: Securing our hybrid lives

Information

ESET experts offer their reflections on what the continued blurring of boundaries between different spheres of life means for our human and social experience – and especially our cybersecurity and privacy The future isn’t what it used to be. This adage, if a little trite, has taken on a whole new meaning after our lives turned on a dime with the outbreak of the COVID-19 pandemic. And as the world was bouncing back from the…

Read More