CyberSecure Specialist

11 Nov

IOTW: Everything we know about the Medibank data leak

Attacks, Data Breaches

Note: this article was updated on November 11, 2022 to reflect a development in the Australian Federal Police’s investigation The hacker responsible for a data breach of Australian health insurance provider Medibank which affected 9.7 million people has released private medical information on the dark web. The hacker posted a file labelled “abortions” to a site backed by Russian ransomware group REvil on November 10, 2022. It apparently contains information on procedures that policyholders have…

Read More
11 Nov

GitHub Introduces Private Vulnerability Reporting for Public Repositories

Information, News

Microsoft-owned code hosting platform GitHub has announced the introduction of a direct channel for security researchers to report vulnerabilities in public repositories that allow it. The new private vulnerability reporting capability enables repository maintainers to allow security researchers to report to them any vulnerabilities identified in their code. Some repositories may contain specific instructions on how the maintainers can be contacted for vulnerability reporting, but for those that do not, researchers often report issues publicly.…

Read More
11 Nov

Chinese Spyware Targets Uyghurs Through Apps: Report

Information, News

Cybersecurity researchers said they have found evidence of Chinese spyware in Uyghur-language apps that can track the location and harvest the data of Uyghurs living in China and abroad. Uyghurs are a Turkic Muslim minority predominantly in China’s northwestern region of Xinjiang, where a recent UN report said Beijing may have committed crimes against humanity. The United States and lawmakers in other Western countries say China’s treatment of the Uyghurs amounts to genocide. A Thursday…

Read More
11 Nov

LiteSpeed Vulnerabilities Can Lead to Complete Web Server Takeover

Information, News

LiteSpeed Web Server vulnerabilities discovered by researchers at Palo Alto Networks can be exploited to take complete control of a targeted server. The security holes were discovered during an audit of OpenLiteSpeed, the open source version of the LiteSpeed performance-focused web server made by LiteSpeed Technologies. Both versions are impacted by the vulnerabilities and they have been patched with the release of OpenLiteSpeed 1.7.16.1 and LiteSpeed 6.0.12. LiteSpeed is a popular web server and an…

Read More
11 Nov

Cybersecurity startups to watch for in 2023

Data Breaches, Malware, Social Engineering

The problems cybersecurity startups attempt to solve are often a bit ahead of the mainstream. They can move faster than most established companies to fill gaps or emerging needs. Startups can often innovative faster because they are unfettered by an installed base. The downside, of course, is that startups often lack resources and maturity. It’s a risk for a company to commit to a startup’s product or platform, and it requires a different kind of customer/vendor…

Read More
11 Nov

Medibank hackers revealed to be in Russia

Data Breaches, Malware, Social Engineering

The Australian Federal Police has revealed that those responsible for the data breach of Australian private health insurer Medibank are in Russia. On October 13, Medibank paused trading in the Australian Securities Exchange and announced there had been a “cyber incident”. At the time the company believed no data had been accessed and that the main issue was at its ahm and international student policy management units. But what started as the second largest breach…

Read More
10 Nov

Lacework releases cloud-native application security service

Data Breaches, Malware, Social Engineering

Cloud security vendor Lacework this week announced the availability of a cloud-native application protection platform (CNAPP) for its broader Polygraph Data Platform offering, providing an agentless, low-touch option for organizations looking to improve their application security posture. There are two main components to the CNAPP release, according to Lacework, both of which require only that the user connect their cloud accounts with Lacework’s apparatus. The first is attack path analysis, which uses Lacework’s systems to…

Read More
10 Nov

Canadian Meat Giant Suffers Cyberattack

Attacks, Malware

To minimize the effect of ransomware attacks, organizations should regularly back up their data and keep secure copies offline. On top of that, keeping systems up to date with patches and keeping an up-to-date anti-virus software will help a considerable amount. A 24/7 monitoring solution like the one that is offered by Binary Defense and the Security Operations Center should be considered when determining a defense solution as well. Keeping eyes out for network intrusions…

Read More
10 Nov

New StrelaStealer Malware Steals Your Outlook, Thunderbird Accounts

Attacks, Malware

It is highly recommended to implement and maintain good email security controls, such as AV scanning and sandboxing, to help prevent phishing emails from being delivered to end users. Since the vast majority of malware is delivered via phishing emails, this step alone can help prevent a large number of malware campaigns from being unsuccessful in infecting an organization. It is also recommended to implement a blocklist of potentially suspicious email attachment file types, such…

Read More
10 Nov

Verified Mess — Twitter’s $8 Blue Tick Rollout Sees ‘Verified’ Fakes

Attacks, Malware

This issue is likely to get worse before it gets better. Threat actors will continue to use the new verified check marks as a means to spread misinformation as well as attempt social engineering tactics to take advantage of individuals. Users should be wary of “verified” twitter accounts and should validate any information received from a twitter account with a secondary reliable source. Individuals should also be cautious of direct messages from verified accounts enticing…

Read More