CyberSecure Specialist

Luna Moth callback phishing campaign leverages extortion without malware

Palo Alto’s Unit 42 has investigated several incidents linked to the Luna Moth group callback phishing extortion campaign targeting businesses in multiple sectors, including legal and retail. The analysis discovered that the threat actors behind the campaign leverage extortion without malware-based encryption, have significantly invested in call centers and infrastructure unique to attack targets, and are evolving their tactics over time. Unit 42 stated that the campaign has cost victims hundreds of thousands of dollars…

How remote working impacts security incident reporting

The ability for employees to work remotely comes with many benefits, from better work-life balance to lower expenses to higher productivity. But a widely dispersed workforce can pose some great challenges for security teams, not least of which is how remote work affects security incident reporting. With companies growing more accustomed to implementing security technologies and processes better attuned to mass remote working, incident reporting has the potential to become a major stumbling block. Along…

Latest insights on APT activity – Week in security with Tony Anscombe

What have some of the world’s most notorious APT groups been up to lately? A new ESET report released this week has the answers. What have advanced persistent threat (APT) groups been up to lately? This week, the ESET Research team published their inaugural APT Activity Report, which reviews the activities of selected APT threat actors as observed, investigated, and analyzed by ESET’s experts from May to August of this year. The report specifically looks…

Tor vs. VPN: Which should you choose?

Both Tor and a VPN can greatly help you keep prying eyes away from your online life, but they’re also two very different beasts. Which suits your needs better? People who want to keep their online activities private are often faced with the question – should I use a virtual private network (VPN) or the Tor anonymity network? What are the advantages and downsides of each? There’s definitely a lot to go through before making a choice. Wait…

Almost half of customers have left a vendor due to poor digital trust: Report

Forty-seven percent of consumers have stopped doing business with a company after losing trust in that company’s digital security, according to new research from certificate authority and cybersecurity vendor DigiCert. The findings, which have been compiled in the company’s 2022 State of Digital Trust Survey, also revealed that 84% of customers would consider switching if they were to lose trust in a company, with 57% saying switching would be likely. The survey was administered as…

Novel ARCrypter Ransomware Expanding Operations Worldwide

As time goes on, more and more novel ransomware families are surfacing, each with a variety of their own tactics. While this is a new family of ransomware, the techniques used by this ransomware are relatively standard. Numerous detection capabilities around this ransomware exist, many of which are likely already employed by organizations. For one, many organizations already employ queries to detect the “.crypt” file extension. Other detection capabilities around this ransomware include monitoring value…

Iranian APT Breaches Sector of U.S. Government

As a general rule, whenever security patches are released for any vulnerability, the patch should be tested and implemented as soon as possible. With vulnerabilities such as Log4Shell, which presented a high risk due to the extensive use of on-prem and hybrid Exchange servers and the extensive exploitation in the wild, it is extremely important to get these patches pushed to all affected systems. Oftentimes, threat actors will prey on victims by using old…

Microsoft Fixes Windows Kerberos Auth Issues in Emergency Updates

Today, Microsoft has released OOB emergency updates that Windows admins must install on all Domain Controllers (DCs) in affected environments. “You do not need to install any update or make any changes to other servers or client devices in your environment to resolve this issue. If you used any workaround or mitigations for this issue, they are no longer needed, and we recommend you remove them,” Microsoft advised. The OOB updates released today are available…

India drafts new privacy bill for transfer of personal data internationally

The Indian federal government on Friday published a new draft of data privacy laws that would allow personal data transfer to other nations under certain conditions, and impose fines for breaches of data-transfer and data-collection regulations. The proposed legislation has been in the works for about four years. Up until now, the Reserve Bank of India has enacted regulations that make businesses keep transaction data within the country. The government, though, has not issued more…

Atlassian Patches Critical Vulnerabilities in Bitbucket, Crowd

Atlassian informed customers this week that it has patched critical vulnerabilities in its Crowd and Bitbucket products. In the Bitbucket source code repository hosting service, Atlassian fixed CVE-2022-43781, a critical command injection vulnerability that affects Bitbucket Server and Data Center version 7 and, in some cases, version 8. “There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue…
