CyberSecure Specialist

Amazon‑themed campaigns of Lazarus in the Netherlands and Belgium

ESET researchers have discovered Lazarus attacks against targets in the Netherlands and Belgium that use spearphishing emails connected to fake job offers ESET researchers uncovered and analyzed a set of malicious tools that were used by the infamous Lazarus APT group in attacks during the autumn of 2021. The campaign started with spearphishing emails containing malicious Amazon-themed documents and targeted an employee of an aerospace company in the Netherlands, and a political journalist in Belgium.…

Read More

Clearview AI image-scraping face recognition service hit with €20m fine in France

by Paul Ducklin The Clearview AI saga continues! If you haven’t heard of this company before, here’s a very clear and concise recap from the French privacy regulator, CNIL (Commission Nationale de l’Informatique et des Libertés), which has very handily been publishing its findings and rulings in this long-running story in both French and English: Clearview AI collects photographs from many websites, including social media. It collects all the photographs that are directly accessible on…

Read More

US Charges Ukrainian ‘Raccoon Infostealer’ With Cybercrimes

A Ukrainian man has been charged with computer fraud for allegedly infecting millions of computers with malware in a cybercrime operation known as “Raccoon Infostealer,” the US Justice Department said Tuesday. Mark Sokolovsky, 26, is being held in the Netherlands and the United States is seeking his extradition, the department said in a statement. It said Raccoon Infostealer malware was leased to cybercriminals for $200 a month, payable in cryptocurrency. The malware was then installed…

Read More

LogCrusher and OverLog Vulnerabilities Impacting Windows Event Log Disclosed

Since both vulnerabilities were addressed in this month’s Patch Tuesday, companies should look to patching all their Windows devices as soon as their patch management procedure allows. Additionally, it can be a good idea to implement file system and service monitoring on workstations and servers. Tools such as osquery can do this; in general, such tools can empower Administrators to more effectively understand the activity occurring on the systems for which they are responsible. https://thehackernews.com/2022/10/researchers-detail-windows-event-log.html

Read More

Cryptomining Campaign Abuses Free DevOps solutions

While this campaign targets free services, Binary Defense researchers have observed an uptick in the number of compromises of cloud services like AWS or Azure to mine cryptocurrency. These attacks are effectively theft and can leave organizations with a large bill.For example, a developer in Seattle incurred a bill for over $53,000 which was normally a $100-$150 per month. In another case, a California College student was sent a bill for $55,000.It is highly recommended…

Read More

Google Chrome Announces End of Support for Windows 7 and 8.1

Ensuring that systems are up to date and stay up to date is a key component of staying protected from cyber threats. When notices such as end of support are released, it is important that anyone running affected systems ensure that they are aware of the timeframe they face and begin the proper steps in upgrading affected systems to newer versions. Anyone that keeps running outdated and unsupported versions maintains a higher risk for becoming…

Read More

CISA Has Added One Known Exploited Vulnerability to Catalog    

Original release date: October 25, 2022 CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates.       Binding Operational Directive…

Read More

CISA Releases Eight Industrial Control Systems Advisories

Original release date: October 25, 2022 CISA has released eight (8) Industrial Control Systems (ICS) advisories on October 25, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations: •    ICSMA-22-298-01 AliveCor KardiaMobile •    ICSA-22-298-01 Haas Controller •    ICSA-22-298-02 HEIDENHAIN Controller TNC •    ICSA-22-298-03 Siemens Siveillance Video Mobile Server •    ICSA-22-298-04 Hitachi Energy…

Read More

CISA Upgrades to Version 2.0 of Traffic Light Protocol in One Week – Join Us!

Original release date: October 25, 2022 On Nov. 1, 2022, CISA will upgrade from Traffic Light Protocol (TLP) 1.0 to TLP 2.0 in accordance with the recommendation by the Forum of Incident Response Security Teams (FIRST) that organizations move to 2.0 by the end of 2022. TLP Version 2.0 brings the following key updates: TLP:CLEAR replaces TLP:WHITE for publicly releasable information. TLP:AMBER+STRICT supplements TLP:AMBER, clarifying when information  may be shared with the recipient’s organization only. CISA…

Read More

Why Employers Should Embrace Competency-Based Learning in Cybersecurity

Credit: Shutterstock/EtiAmmos There is a growing movement toward increasing the use of competency and skills-based education and hiring practices in both the public and private sectors. For example, the Executive Order on Modernizing and Reforming the Assessment and Hiring of Federal Job Candidates calls upon the Federal Government to “ensure that the individuals most capable of performing the roles and responsibilities required of a specific position are those hired for that position”—resulting in “merit-based reforms…

Read More