CyberSecure Specialist

10 common security mistakes and how to avoid them

Do you put yourself at greater risk for successful attacks by making one of these security mistakes? How much of your personal time do you spend online? The answer may be a lot more than you think. One recent study estimated that Brits spend five hours on average each day glued to their screens, not including work time. It found that those aged 16-24 spend over 2,500 hours per year on Instagram alone. In fact,…

Read More

Toward the cutting edge: SMBs contemplating enterprise security

Survey finds SMBs, weary of security failures, curious about detection and response How a company sees its digital security preparedness is critical. Conservative companies might follow the crowd, implementing a necessary minimum to ensure nominal security, and perhaps that’s the right choice for their business. Margins could be tight, or growth might not call for an outsized security budget. Maybe digitization has spared their business segment or processes more than others. In contrast, perhaps growth…

Read More

Exchange 0-days fixed (at last) – plus 4 brand new Patch Tuesday 0-days!

by Paul Ducklin Remember those Exchange zero-days that emerged in a blaze of publicity back in September 2022? Those flaws, and attacks based on them, were wittily but misleadingly dubbed ProxyNotShell because the vulnerabilities involved were reminiscent of the ProxyShell security flaw in Exchange that hit the news in August 2021. Fortunately, unlike ProxyShell, the new bugs weren’t directly exploitable by anyone with an internet connection and a misguided sense of cybersecurity adventure. This time,…

Read More

Emergency code execution patch from Apple – but not an 0-day

by Paul Ducklin No sooner had we stopped to catch our breath after reviewing the latest 62 patches (or 64, depending on how you count) dropped by Microsoft on Patch Tuesday… …than Apple’s latest security bulletins landed in our inbox. This time there were just two reported fixes: for mobile devices running the latest iOS or iPadOS, and for Macs running the latest macOS incarnation, version 13, better known as Ventura. To summarise what are…

Read More

CISA Releases Twenty Industrial Control Systems Advisories

Original release date: November 10, 2022 CISA has released twenty (20) Industrial Control Systems (ICS) advisories on November 10, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-22-314-01 Siemens Parasolid ICSA-22-314-02 Siemens Missing Web Server Login Page of Industrial Controllers ICSA-22-314-03 Siemens SINEC Network Management System Logback Component ICSA-22-314-04 Siemens SINUMERIK…

Read More

Analysis of Russian Cyberspy Attacks Leads to Discovery of Windows Vulnerability

An analysis of the numerous LDAP queries that Russian cyberespionage group APT29 had made to the Active Directory system has led to the discovery of a vulnerability in Windows’ ‘credential roaming’ functionality. Also referred to as Cozy Bear, the Dukes, and Yttrium, APT29 is a Russian cyberespionage group likely sponsored by the Russian Foreign Intelligence Service (SVR). The group is believed to be responsible for multiple high-profile attacks, including the 2016 targeting of the Democratic…

Read More

PCI DSS 4.0 is coming: how to prepare for the looming changes to credit card payment rules

For enterprises that handle credit card data, which means just about every consumer-facing company, payment processing is a mission-critical system that requires the highest levels of security. The volume of transactions conducted with general purpose credit cards (American Express, Discover, Mastercard, Visa, UnionPay in China, and JCB in Japan) totaled $581 billion in 2021, up 24.5% year-over-year, according to the Nilson Report. However, credit card issuers, merchants, banks, and third-party transaction processors lost $28.58 billion…

Read More

Microsoft Releases November 2022 Security Updates

Original release date: November 9, 2022 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s November 2022 Security Update Guide and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Read More

Okta streamlines IAM portfolio with consumer identity management cloud

Potential access management customers got a new option from Okta Wednesday, as the identity and access management (IAM) provider announced a newly streamlined Consumer Identity Cloud system designed to simplify the deployment and use of its various products. Okta said that the new cloud program is split into two main components—those aimed at providing identity validation services for consumers, and those aimed at enterprise customers. The former is focused on providing high-security options for online…

Read More

Researchers show techniques for malware persistence on F5 and Citrix load balancers

Over the past several years, hackers have targeted public-facing network devices such as routers, VPN concentrators, and load balancers to gain a foothold into corporate networks. While finding remote code execution vulnerabilities in such devices is not uncommon, incidents where attackers were able to deploy malware on them that can survive restarts or firmware upgrades have been rare and generally attributed with sophisticated APT groups. Because they use flash memory that degrades over time if…

Read More