CyberSecure Specialist

Android security: Which smartphones can enterprises trust?

Google’s Android operating system dominates smartphone usage throughout the world — in every region except North America and Oceania, in fact. Thus, businesses in many regions are likely to support and issue Android devices to employees as their mainstay mobile devices. Even in areas where Apple’s iPhone dominates or is comparable in market share, businesses are likely to support or issue Android devices at least as a secondary option. But Android security has long been…

Read More

Cisco Releases Security Updates for Identity Services Engine

Original release date: November 16, 2022 Cisco has released security updates for vulnerabilities affecting Cisco Identity Services Engine (ISE). A remote attacker could exploit some of these vulnerabilities to bypass authorization and access system files. For updates addressing vulnerabilities, see the Cisco Security Advisories page.    CISA encourages users and administrators to review the following advisories and apply the necessary updates: Cisco Identity Services Engine Insufficient Access Control Vulnerability Cisco Identity Services Engine Cross-Site Scripting…

Read More

Firefox fixes fullscreen fakery flaw – get the update now!

by Paul Ducklin Firefox’s latest once-every-four-weeks security update is out, bringing the popular alternative browser to version 107.0, or Extended Support Release (ESR) 102.5 if you prefer not to get new feature releases every month. (As we’ve explained before, the ESR version number tells you which feature set you have, plus the number of times it’s had security updates since then, which you can reocncile this month by noticing that 102+5 = 107.) Fortunately, there…

Read More

Euro Authorities Warn World Cup Fans Over Qatari Apps

Neil Jones, director of cybersecurity evangelism at Egnyte, argued that the data collected by the apps could also be a treasure trove for would-be cyber-criminals. “If you plan to travel to the event, I would strongly recommend the purchase of a burner phone, if the privacy-limiting capabilities cannot be disabled,” he added. “If prompted, allow only the minimum permissions for the application to function on your device. Strongly consider limiting other users’ access to view…

Read More

SQL Injection Vulnerability and Logical Access Flaw Found in Zendesk Explore

The Zendesk team did an exceptional job at patching this vulnerability in a timely manner. If this vulnerability was discovered by threat actors before the Varonis team, or if this vulnerability was left unpatched, the flaw would have been considered a critical vulnerability in the Zendesk application; attackers would have the capabiilty to steal any information from the database that they wanted. Since many organizations have external user registration enabled by default and any user…

Read More

Spotify Backstage Development Portal Builder Vulnerable to RCE

Bleeping Computer reporter Bill Toulas notes that “While this number isn’t large, Backstage is used by many large firms, including Spotify, Netflix, Epic Games, Jaguar/Land Rover, Mercedes Benz, American Airlines, Splunk, TUI, Oriflame, Twilio, SoundCloud, HBO Max, HP Inc, Siemens, VMware, and IKEA”.It is highly recommended that systems administrators update Backstage to the latest version, version 1.7.2. It is also recommended to use logic-less template engines whenever possible, as they don’t introduce the opportunity for…

Read More

US Gov Warning: Start Hunting for Iranian APTs That Exploited Log4j

The U.S. government on Wednesday issued a blunt recommendation for organizations running VMWare Horizon servers: Initiate threat-hunting activities to find and expel Iranian APT actors that used the Log4j crisis to slip undetected into corporate networks. According to a joint advisory from CISA and the FBI, Iranian government-sponsored hackers hit at least one Federal Civilian Executive Branch (FCEB) organization with an exploit for a Log4j vulnerability in an unpatched VMware Horizon server.  From the advisory…

Read More

Offboarding processes pose security risks as job turnover increases: Report

Organizations across multiple industries are struggling to mitigate potential risks—including loss of end-user and storage devices as well as unauthorized use of SaaS applications—during their offboarding process, according to new research conducted by YouGov in partnership with Enterprise Technology Management (ETM) firm Oomnitza. Over the last 18 months, employee turnover has increased, with the US Department of Labor estimating that by the end of 2021, a total of 69 million people—more than 20% of Americans—had…

Read More

Disneyland Malware Team: It’s a Puny World After All

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode, an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. The Disneyland Team’s Web interface, which allows them to interact with malware victims in real time to phish their login credentials using phony bank websites. The Disneyland Team uses common misspellings for top…

Read More

Mozilla Releases Security Updates for Multiple Products

Original release date: November 16, 2022 Mozilla has released security updates to address vulnerabilities in Thunderbird, Firefox ESR, and Firefox. An attacker could exploit these vulnerabilities to cause user confusion or conduct spoofing attacks. CISA encourages users and administrators to review Mozilla’s security advisories for Thunderbird 102.5, Firefox ESR 102.5, and Firefox 107 for mitigations and updates. This product is provided subject to this Notification and this Privacy & Use policy.

Read More