CyberSecure Specialist

Malware Analysis Strives To Outpace Enterprise Digitalization

An increase in enterprise phishing threats and malware delivery has boosted demand for malware analysis. Malware analysis is the process by which the purpose and functionality of malware samples are analyzed and determined. The information gathered from the malware analysis provides insights into developing an effective detection technique for the malicious code. In addition, it is an essential element for developing the efficient removal tools that can ultimately eliminate malware from an infected system. Mobile…

Read More

#StopRansomware: Daixin Team

Original release date: October 21, 2022 CISA, the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) have released a joint Cybersecurity Advisory (CSA), #StopRansomware: Daixin Team to provide information on the “Daixin Team,” a cybercrime group actively targeting U.S. businesses, predominantly in the Healthcare and Public Health (HPH) Sector, with ransomware and data extortion operations. This joint CSA provides Daixin actors’ tactics, techniques, and procedures (TTPs) and indicators of…

Read More

New Variant of FurBall Android Malware Seen from Iranian Domestic Kitten (APT-C-50)

The latest campaign by Domestic Kitten not only highlights the rise of using phishing as an initial attack vector, but also the growing mobile malware market. This form of malware should be on the radar of every enterprise, especially ones with Bring-Your-Own-Device (BYOD) policies, as there are limited ways for an employer to monitor their employees’ mobile devices. With the growing threat of malware targeting mobile devices, it is becoming more and more likely that…

Read More

Detained Iranian Protester Phones Infected with I3mon Malware

Installing a strong mobile antivirus solution is advised. Vetting apps before downloading them and monitoring application permissions are highly suggested as well. Unused apps that are given unnecessary permissions should be deleted as a preventative measure. If a device is believed to have been infected, getting a new device, or running a hard factory reset should be considered. Smartphones of Iran’s protest detainees targeted with spyware

Read More

Health System Data Breach Due to Meta Pixel Hits 3 million Patients

AAH reported that the breach affected 3 million people to the U.S. Department of Health, which listed it on its breach report portal. Analysts Notes: The healthcare provider has disabled the Pixel tracker on all systems and is implementing safeguards to prevent a similar exposure from happening again. Patients are advised to use their web browsers’ tracker-blocking features or use incognito mode when logging in on medical portals. Those with a Facebook or Google account…

Read More

Cisco Releases Security Update for Cisco Identity Services Engine 

Original release date: October 21, 2022 Cisco has released a security update to address vulnerabilities affecting Cisco Identity Services Engine (ISE). A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing high and low severity vulnerabilities, see the Cisco Security Advisories page.  CISA encourages users and administrators to review Cisco Advisory cisco-sa-ise-path-trav-Dz5dpzyM and apply the necessary updates. This product is provided subject to this Notification and this Privacy &…

Read More

FBI Warns of Iranian Cyber Firm’s Hack-and-Leak Operations

The Federal Bureau of Investigation on Thursday issued an alert to warn that Iranian cyber group Emennet Pasargad is targeting organizations to steal their data and leak it online. Previously known as Eeleyanet Gostar and Net Peygard Samavat, Emennet Pasargad is an organization that often changes its name to avoid US sanctions, and which is known for providing cybersecurity services to government entities in Iran. In November 2020, the US warned that Iranian hackers exploited…

Read More

Data of 3 Million Advocate Aurora Health Patients Exposed via Malformed Pixel

Non-profit healthcare provider Advocate Aurora Health is informing 3 million individuals that a malformed tracking pixel has inadvertently exposed protected health information (PHI) to Facebook or Google. Headquartered in Milwaukee, Wisconsin, and Downers Grove, Illinois, Advocate Aurora Health operates 26 hospitals and over 500 sites of care, and has more than 75,000 employees. In a data breach notification on its website, the healthcare system is informing patients that an incorrectly configured tracking pixel – placed…

Read More

It’s time to prioritize SaaS security

We’ve made a point of shoring up security for infrastructure-as-a-service clouds since they are so complex and have so many moving parts. Unfortunately, the many software-as-a-service systems in use for more than 20 years now have fallen down the cloud security priority list. Organizations are making a lot of assumptions about SaaS security. At their essence, SaaS systems are applications that run remotely, with data stored on back-end systems that the SaaS provider encrypts on…

Read More

IoT security strategy from enterprises using connected devices

Freeman Health System has around 8,000 connected medical devices in its 30 facilities in Missouri, Oklahoma, and Kansas. Many of these devices have the potential to turn deadly at any moment. “That’s the doomsday scenario that everyone is afraid of,” says Skip Rollins, the hospital chain’s CIO and CISO. Rollins would love to be able to scan the devices for vulnerabilities and install security software on them to ensure that they aren’t being hacked. But…

Read More