CyberSecure Specialist

Chrome issues urgent zero-day fix – update now!

by Paul Ducklin Google pushed out a bunch of security fixes for the Chrome and Chromium browser code earlier this week… …only to receive a vulnerability report from researchers at cybersecurity company Avast on the very same day. Google’s response was to push out another update as soon as it could: a one-bug fix dealing with CVE-2022-3723, described with Google’s customary we-can-neither-confirm-nor-deny legalism saying: Google is aware of reports that an exploit for CVE-2022-3723 exists…

Read More

Third‑party cookies: How they work and how to stop them from tracking you across the web

Cross-site tracking cookies have a bleak future but can still cause privacy woes to unwary users For many years, privacy advocates have been sounding the alarm on the use of cookies to track, profile, and serve personalized ads to web users. The discussion has been especially acute over cookies used for cross-site tracking, in which a website leaks or offers visitor data to third-party services included in the site. In response, some of the major…

Read More

Rising to the challenges of secure coding – Week in security with Tony Anscombe

The news seems awash this week with reports of both Microsoft and Apple scrambling to patch security flaws in their products The news seems awash this week with tech companies scrambling to patch security vulnerabilities in their software. This month’s Patch Tuesday saw Microsoft plug 64 security holes, including a zero-day that is being actively exploited in the wild. Apple also joined the party, issuing security updates for both iOS and macOS and also plugging…

Read More

Courts vs. cybercrime – Week in security with Tony Anscombe

A look at a recent string of law enforcement actions directed against (in some cases suspected) perpetrators of various types of cybercrime A Canadian, a Nigerian, a Brit and a Ukrainian – what’s the connection? As Cybersecurity Awareness Month draws to a close, we look at a recent string of law enforcement actions directed against (in some cases alleged) perpetrators of various types of cybercrime. Watch the video to learn more about: a court sentence handed…

Read More

Updates to Apple’s zero-day update story – iPhone and iPad users read this!

by Paul Ducklin Regular readers will know two things about our attitude to Apple’s security patches: We like to get them as soon as we can. Whether it’s a full version upgrade that also includes a bunch of security fixes, or a point release (one where the leftmost verion number doesn’t change) with the primary purpose of patching bugs rather than adding new features, we’d rather err on the side of applying known security fixes…

Read More

Apple Fixes Recently Disclosed Zero-day on Older iPhones, iPads

Even though this zero-day was most likely only used in targeted attacks, it’s strongly suggested to patch even older devices as soon as possible to block potential attack attempts. The impacted devices include iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation). Apple disclosed the security flaw “may have been actively exploited” in the wild but…

Read More

Raspberry Robin Operators Selling Access To Companies

This switch in tactics by the Clop threat group is not uncommon amongst these groups. Rapidly changing tactics and leveraging dark web Malware-as-a-Service (MaaS) offerings allows threat groups to infect companies at a faster rate since they do not have to wait on a successful phishing campaign. Illicit access is frequently brokered in the underground economy. To mitigate the risks of attacks similar to Raspberry Robin, a good rule amongst organizations is to never use…

Read More

CraneFly Hacking Group using Microsoft IIS Web Server Logs to Control Malware

As time progresses, threat actors continue to discover novel ways to evade detection. Now that this technique has been discovered, it seems to be quite simple to detect; modify any preexisting IIS monitoring detections to search for keywords such as “wrde”, “exo”, and “cllo”. In this case, it may be better to search IIS log files being written to temp folders, since it would be relatively easy for malware operators to change these keywords. This…

Read More

Phishing attacks increase by over 31% in third quarter: Report

Email security and threat detection company Vade has found that phishing emails in the third quarter this year increased by more than 31% quarter on quarter, with the number of emails containing malware in the first three quarters surpassing the 2021 level by 55.8 million. Malware emails in the third quarter of 2022 alone increased by 217% compared to same period in 2021. Malware email volume peaked in July, reaching 19.2 million, before month-over-month declines…

Read More

Indianapolis Low-Income Housing Agency Hit by Ransomware

The federal agency that provides low-income housing in Indianapolis is facing a ransomware attack that’s delayed its ability to send out rent payments to landlords, a top agency official says. All employees of the Indianapolis Housing Agency lost access to their email during the attack, which began weeks ago. That includes its executive director, Marcia Lewis, who lost access to her email for days but regained access to it Tuesday, The Indianapolis Star reported, citing…

Read More