CyberSecure Specialist

14 Sep

CosmicBeetle joins the ranks of RansomHub affiliates – Week in security with Tony Anscombe

Information

Video, Ransomware ESET research also finds that CosmicBeetle attempts to exploit the notoriety of the LockBit ransomware gang to advance its own ends 13 Sep 2024 This week, ESET researchers published a deep dive into the recent activities of the CosmicBeetle cybercrime group. Among other notable things, CosmicBeetle was found to abuse the infamy of the LockBit ransomware gang for its own ends. Also, the analysis revealed that CosmicBeetle is likely to be a new…

Read More
13 Sep

The Dark Nexus Between Harm Groups and ‘The Com’

Information, Insights

A cyberattack that shut down two of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023. It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in Russia. But that made-for-Hollywood narrative has eclipsed a far more hideous trend: Many of these young, Western cybercriminals are also members of fast-growing online groups that…

Read More
13 Sep

Ivanti Releases Security Update for Cloud Services Appliance

Attacks, Insights, Malware

Ivanti has released a security update addressing an OS command injection vulnerability (CVE-2024-8190) affecting Ivanti Cloud Services Appliance (CSA) 4.6 (all versions before patch 519). A cyber threat actor could exploit this vulnerability to take control of an affected system.   At this time, Ivanti has confirmed limited exploitation and urges its customers using the affected versions to upgrade to CSA version 5.0. Ivanti no longer supports CSA 4.6 (end-of-life).  CISA recommends users and administrators review…

Read More
13 Sep

CISA Releases Analysis of FY23 Risk and Vulnerability Assessments

Attacks, Insights, Malware

CISA has released an analysis and infographic detailing the findings from the 143 Risk and Vulnerability Assessments (RVAs) conducted across multiple critical infrastructure sectors in fiscal year 2023 (FY23). The analysis details a sample attack path including tactics and steps a cyber threat actor could follow to compromise an organization with weaknesses representative of those CISA observed in FY23 RVAs. The infographic highlights the most successful techniques for each tactic that RVAs documented. Both the…

Read More
12 Sep

6 common Geek Squad scams and how to defend against them

Information

Scams Learn about the main tactics used by scammers impersonating Best Buy’s tech support arm and how to avoid falling for their tricks Phil Muncaster 11 Sep 2024  •  , 5 min. read For three decades, Geek Squad has been a trusted name in tech for anyone needing IT support. The Best Buy subsidiary dispenses diagnostics, repairs and advice to consumers across the US in-store and online – including 24-hour emergency support. But like many…

Read More
12 Sep

CISA Releases Twenty-Five Industrial Control Systems Advisories

Attacks, Insights, Malware

CISA released twenty-five Industrial Control Systems (ICS) advisories on September 12, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-256-01 Siemens SINEMA Remote Connect Server ICSA-24-256-02 Siemens SINUMERIK ONE, SINUMERIK 840D and SINUMERIK 828D ICSA-24-256-03 Siemens User Management Component (UMC) ICSA-24-256-04 Siemens SINUMERIK Systems ICSA-24-256-05 Siemens Mendix Runtime ICSA-24-256-06 Siemens Automation License Manager ICSA-24-256-07 Siemens SIMATIC RFID Readers ICSA-24-256-08 Siemens Industrial Products ICSA-24-256-09 Siemens SIMATIC, SIPLUS, and TIM…

Read More
11 Sep

CosmicBeetle steps up: Probation period at RansomHub

Information

ESET researchers have mapped the recent activities of the CosmicBeetle threat actor, documenting its new ScRansom ransomware and highlighting connections to other well-established ransomware gangs. CosmicBeetle actively deploys ScRansom to SMBs in various parts of the world. While not being top notch, the threat actor is able to compromise interesting targets. CosmicBeetle replaced its previously deployed ransomware, Scarab, with ScRansom, which is continually improved. We have also observed the threat actor using the leaked LockBit…

Read More
10 Sep

Bug Left Some Windows PCs Dangerously Unpatched

Information, Insights

Microsoft Corp. today released updates to fix at least 79 security vulnerabilities in its Windows operating systems and related software, including multiple flaws that are already showing up in active attacks. Microsoft also corrected a critical bug that has caused some Windows 10 PCs to remain dangerously unpatched against actively exploited vulnerabilities for several months this year. By far the most curious security weakness Microsoft disclosed today has the snappy name of CVE-2024-43491, which Microsoft…

Read More
10 Sep

Microsoft Releases September 2024 Security Updates

Attacks, Insights, Malware

Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary updates: Microsoft Security Update Guide for September

Read More
10 Sep

Ivanti Releases Security Updates for Endpoint Manager, Cloud Service Application, and Workspace Control

Attacks, Insights, Malware

Ivanti released security updates to address multiple vulnerabilities in Ivanti Endpoint Manager, Cloud Service Application 4.6, and Workspace Control. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the following Ivanti advisories and apply the necessary guidance and updates:  Ivanti Endpoint Manager Ivanti Cloud Service Application 4.6 Ivanti Workspace Control

Read More