CyberSecure Specialist

Threat Actors Continue to Deploy Raspberry Robin

The primary attack vector has been infected USB drives which download a malicious MSI installer file that deploys the primary payload. Either msiexec.exe or wmic.exe is used as a trusted installer. Some USB drives have a configured autorun.inf file that will automatically run the payload, whereas others rely on social engineering to invite a targeted user to click on an associated .LNK file. The payload loader now deploys a decoy adware named BrowserAssistant in order to…

Microsoft dishes the dirt on Apple’s “Achilles heel” shortly after fixing similar Windows bug

by Paul Ducklin

When we woke up this morning, our cybersecurity infofeed was awash with “news” that Apple had just patched a security hole variously described as a “gnarly bug”, a “critical flaw” that could leave your Macs “defenceless”, and the “Achilles’ heel of macOS”. Given that we usually check our various security bulletin mailing lists before even looking outside to check the weather, primarily to see if Apple has secretly unleashed a new advisory overnight…

Microsoft Pushes Emergency Fix for Windows Server Hyper-V VM Issues

These updates are not delivered through Windows Update and will not install automatically on impacted servers. To get the standalone package, admins must search for the KB number in the Microsoft Update Catalog, download it, and install it manually. The updates can also be manually imported into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. Microsoft also provides instructions on importing updates into WSUS and Configuration Manager from the Microsoft Update Catalog. “You do…

Ukraine’s DELTA Military System Users Targeted by Info-Stealing Malware

Phishing has continued to be one of the most common means of initial access for threat actors of all skill levels. In this instance, the actor was likely trying to steal credentials and information concerning the DELTA program in order to assist with counterintelligence. Protecting against phishing campaigns is often difficult because it takes just one user falling victim for the campaign to succeed – it is even more difficult with advanced phishing…

Cyber Insurance Analytics Firm CyberCube Raises $50 Million

CyberCube, a provider of cyber risk analytics for insurance companies, this week announced that it has raised $50 million in a new funding round that brings the total raised by the firm to $105 million. The new investment round was led by Morgan Stanley, with participation from Forgepoint Capital, Hudson Structured Capital Management (Bermuda) Ltd., MTech Capital, and angel investors. Founded in 2015, the San Francisco-based CyberCube helps insurers and brokers understand their portfolios’ exposure…

Social media use can put companies at risk: Here are some ways to mitigate the danger

We live in a social world, but should our businesses? For many, the answer to that is increasingly no—that’s why laws and regulations have recently been put in place restricting access to some social media in certain situations because of the hidden risks of these seemingly innocuous platforms. The United States federal government and some US states, for example, have barred government-issued devices from the use of Chinese-owned TikTok, which allows users to create and…

The Equifax Breach Settlement Offer is Real, For Now

Millions of people likely just received an email or snail mail notice saying they’re eligible to claim a class action payment in connection with the 2017 megabreach at consumer credit bureau Equifax. Given the high volume of reader inquiries about this, it seemed worth pointing out that while this particular offer is legit (if paltry), scammers are likely to soon capitalize on public attention to the settlement money. One reader’s copy of their Equifax Breach…

How to set up parental controls on your child’s new smartphone

Give yourself peace of mind and help create a safe online space for your child using Android or iOS parental controls.

So you’re about to give your kid their first smartphone. While your child will be over the moon with their shiny new device, you begin to wonder how to stop the kid from spending every waking hour glued to the gadget. Chances are that somewhere along the way, you’ll start to discover the world…

OneCoin scammer Sebastian Greenwood pleads guilty, “Cryptoqueen” still missing

by Paul Ducklin

The “Missing Cryptoqueen” saga has made long-term headlines since co-founders Ruja Ignatova and Karl Sebastian Greenwood started a cryptocurrency scam known as OneCoin, way back in 2014. Ignatova, who hails from Bulgaria, and who apparently liked to be known as The Cryptoqueen (her charge sheet even shows that name as an alias), has been wanted in the US on various wire fraud, money laundering and securities fraud charges since October 2017. According…

McGraw Hill Exposed 100,000 Students’ Grades Through Misconfigured S3 Bucket

Researchers verified a small sample of the data and reached out to McGraw Hill, who did not initially respond. Finally, the company announced on September 21st that they had removed all sensitive data from the public buckets. Due to the growing regulatory burden, it is highly recommended that organizations store sensitive customers' data securely, and utilize third-party cybersecurity services to verify the security of such data in order to avoid liability, regulatory fines,…
