CyberSecure Specialist

How Cisco keeps its APIs secure throughout the software development process

Software developers know not to reinvent the wheel. So, they lean on reusable micro-services – and their corresponding application programming interfaces (APIs) – as building blocks for application components. “Developers want to focus on the added value they can bring instead of rebuilding things that have great solutions out there already,” says Grace Francisco, vice president of developer relations, strategy, and experience at Cisco. “APIs make that easy for developers to consume.” And they have been consuming:…

Read More

FIFA World Cup 2022 scams: Beware of fake lotteries, ticket fraud and other cons

When in doubt, kick it out, plus other tips for hardening your cyber-defenses against World Cup-themed phishing and other scams The FIFA World Cup 2022 in Qatar is just about to kick off! From November 20th through December 18th, one of this year’s most important global events will attract hundreds of millions of football (or soccer if you prefer) fans from all over the world. But as we’ve seen before, online fraudsters invariably use the…

Read More

Security challenges facing SMBs – Week in security with Tony Anscombe

New ESET report shows how ever-growing threats impact SMB sentiment and why many SMBs are underprepared to defend against attacks Three in four SMBs believe that they are more vulnerable to cyberattacks than enterprises, ESET’s 2022 SMB Digital Security Sentiment Report published this week has found. This doesn’t always seem to be reflected in their spending, however, as a similar share of the businesses admitted that their investment in cybersecurity has not kept pace with…

Read More

Dangerous SIM-swap lockscreen bypass – update Android now!

by Paul Ducklin A bug bounty hunter called David Schütz has just published a detailed report describing how he crossed swords with Google for several months over what he considered a dangerous Android security hole. According to Schütz, he stumbled on a total Android lockscreen bypass bug entirely by accident in June 2022, under real-life conditions that could easily have happened to anyone. In other words, it was reasonable to assume that other people might…

Read More

Multiple High-Severity Flaws Affect Widely Used OpenLiteSpeed Web Server Software

It is recommended to update all instances of OpenLightSpeed Server to the latest version as that reportedly addresses these issues. It is always advised to patch systems with the latest updates whenever they become available. Patches should only be downloaded directly from the manufactures’ websites, never from a third party as they could have nefarious software added to them. https://thehackernews.com/2022/11/multiple-high-severity-flaw-affect.html

Read More

IceXLoader Being Shared Through Phishing

It is important for companies to properly train employees on how to spot phishing emails. Organizations should also have detections in place to identify when malware has been downloaded. Binary Defense’s Managed Detection and Response service is an excellent asset to assist with these types of detection needs. https://www.bleepingcomputer.com/news/security/phishing-drops-icexloader-malware-on-thousands-of-home-corporate-devices/

Read More

BadBazaar Android Malware Tied to Chinese Cyberspies

This campaign highlights the difficulty of attribution in relation to threat campaigns. While the BadBazaar malware was previously tied to a campaign taking place in the Middle East in 2017, it was later tied to APT15 in 2020, and now Xi’an Tian He Defense Technology in 2022. This is likely due to this specific tool being sold as a service rather than one of the groups developing this malware themselves, which is becoming more and…

Read More

S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?

by Paul Ducklin THREE BILLION DOLLARS IN A POPCORN TIN? Radio waves so mysterious they’re known only as X-Rays. Were there six 0-days or only four? The cops who found $3 billion in a popcorn tin. Blue badge confusion. When URL scanning goes wrong. Tracking down every last unpatched file. Why even unlikely exploits can earn “high” severity levels. Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on…

Read More

IOTW: Everything we know about the Medibank data leak

Note: this article was updated on November 11, 2022 to reflect a development in the Australian Federal Police’s investigation The hacker responsible for a data breach of Australian health insurance provider Medibank which affected 9.7 million people has released private medical information on the dark web. The hacker posted a file labelled “abortions” to a site backed by Russian ransomware group REvil on November 10, 2022. It apparently contains information on procedures that policyholders have…

Read More

GitHub Introduces Private Vulnerability Reporting for Public Repositories

Microsoft-owned code hosting platform GitHub has announced the introduction of a direct channel for security researchers to report vulnerabilities in public repositories that allow it. The new private vulnerability reporting capability enables repository maintainers to allow security researchers to report to them any vulnerabilities identified in their code. Some repositories may contain specific instructions on how the maintainers can be contacted for vulnerability reporting, but for those that do not, researchers often report issues publicly.…

Read More