CyberSecure Specialist

29 Nov

TikTok Trend Abused to Lure Users Into Installing Malware

Attacks, Malware

The report released by Checkmarx in regards to this attack states: “These attacks demonstrate again that cyber attackers have started to focus their attention on the open-source package ecosystem; We believe this trend will only accelerate in 2023.”When installing any software from open-source resources such as PyPI or GitHub, it is crucial to be skeptical and to perform due diligence by doing things like reviewing the code base, ensuring proper spelling of packages to avoid…

Read More
29 Nov

Android App Being used to Power Account Creation Service

Attacks, Malware

Most websites have adopted a mandatory verification through SMS message for account creation and authentication. Because of these requirements, threat groups have had to become crafty, deploying new methods in order to bypass these security features. At first, criminal actors primarily relied upon Google Voice numbers and “burner phone” numbers. However, with websites also advancing, most of those options are no longer valid when setting up an account. Due to the current situation, the only…

Read More
29 Nov

CISA Adds Oracle Access Manager Exploit to Known Exploited Vulnerabilities Catalog

Attacks, Malware

A proof-of-concept (PoC) has existed as early as March 2022, so companies running vulnerable versions of OAM should patch as soon as their patch management program allows. Additionally, since the exploit has existed for so long, it is reasonable to assume active exploitation has been taking place since then, and all vulnerable OAM systems should be treated as such. https://thehackernews.com/2022/11/cisa-warns-of-actively-exploited.html

Read More
29 Nov

CISA Releases Seven Industrial Control Systems Advisories

Attacks, Insights, Malware

Original release date: November 29, 2022 CISA released seven (7) Industrial Control Systems (ICS) advisories on November 29, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-22-333-01 Mitsubishi Electric GOT2000 ICSA-22-333-02 Hitachi Energys IED Connectivity Packages and PCM600 Products ICSA-22-333-03 Hitachi Energys MicroSCADA ProX SYS600 Products ICSA-22-333-04 Moxa UC Series ICSA-22-333-05…

Read More
29 Nov

Ransomware Gang Takes Credit for Maple Leaf Foods Hack

Information, News

The Black Basta ransomware group has taken credit for the recently disclosed attack on Canadian meat giant Maple Leaf Foods. The cybercriminals have made public several screenshots of technical documents, financial information and other corporate files to demonstrate that they gained access to Maple Leaf Foods systems. Maple Leaf Foods announced in early November that it was experiencing an outage as a result of a cyberattack. The Mississauga, Ontario-based packaged meats company said it took…

Read More
29 Nov

How to build a public profile as a cybersecurity pro

Data Breaches, Malware, Social Engineering

Cybersecurity professionals interested in raising their profiles as subject matter experts can count on social media to become more visible. With everyone being online this may not be enough though. CSO spoke to Forrester analyst Jinan Budge and cybersecurity professionals Katie Moussouris, Troy Hunt, Rachel Tobac, and Christina Morillo about their journeys and their tips for those who want to build their public profile. Some of these professionals have been known for their work for…

Read More
29 Nov

Hacker attempts to sell data of 500 million WhatsApp users on dark web

Attacks, Data Breaches

A hacker has allegedly posted a dataset to the dark web containing the personal information of almost 500 million WhatsApp users. In the post, which was uploaded to hacking forum BreachForums on November 16, the hacker claimed to be selling up-to-date personal information of 487 million WhatsApp users from 84 countries. In the post, the alleged hacker said those who bought the datasets would recieve “very recent mobile numbers” of WhatsApp users. The leak was…

Read More
28 Nov

U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer

Information, Insights

A recent scoop by Reuters revealed that mobile apps for the U.S. Army and the Centers for Disease Control and Prevention (CDC) were integrating software that sends visitor data to a Russian company called Pushwoosh, which claims to be based in the United States. But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan, malware designed to surreptitiously intercept and forward text messages from Android mobile devices.…

Read More
28 Nov

Financial services increasingly targeted for API-based cyberattacks

Data Breaches, Malware, Social Engineering

A report published Monday by cloud services and CDN (content delivery network) platform Akamai said that the financial services industry is an increasingly popular target for a wide range of cyberattacks, with application and API attacks against the vertical more than tripling in the past year. APIs are a core part of how financial services firms are changing their operations in the modern era, Akamai said, given the growing desire for more and more app-based…

Read More
28 Nov

Russia-Linked Sandworm Continues Launching Attacks

Attacks, Malware

According to ESET, the most recent cyberattacks have common indicators with attacks launched by Sandworm previously, including the use of PowerShell to distribute ransomware that is “almost identical to the one seen last April during the Industroyer2 attacks against the energy sector.” PowerShell, also known as PowerGap by Ukrainian cyber authorities, was used to introduce the CaddyWiper malware against Ukrainian infrastructure in April 2022, shortly after the Russian invasion. https://cybernews.com/news/sandworm-spawns-monstrous-offspring/ https://thehackernews.com/2022/11/russia-based-ransomboggs-ransomware.html

Read More