CyberSecure Specialist

25 Sep

ASD’s ACSC, CISA, and US and International Partners Release Guidance on Detecting and Mitigating Active Directory Compromises

Attacks, Insights, Malware

Today, the Australian Signals Directorate Australian Cyber Security Centre (ASD ACSC), the Cybersecurity and Infrastructure Security Agency (CISA), and other U.S. and international partners released the joint guide Detecting and Mitigating Active Directory Compromises. This guide informs organizations of recommended strategies to mitigate common techniques used by malicious actors to compromise Active Directory. Active Directory is the most widely used authentication and authorization solution in enterprise information technology (IT) networks globally. Malicious actors routinely target…

Read More
25 Sep

Threat Actors Continue to Exploit OT/ICS through Unsophisticated Means

Attacks, Insights, Malware

CISA continues to respond to active exploitation of internet-accessible operational technology (OT) and industrial control systems (ICS) devices, including those in the Water and Wastewater Systems (WWS) Sector. Exposed and vulnerable OT/ICS systems may allow cyber threat actors to use default credentials, conduct brute force attacks, or use other unsophisticated methods to access these devices and cause harm.    CISA urges OT/ICS operators in critical infrastructure sectors to apply the recommendations listed in Defending OT Operations…

Read More
21 Sep

FBI, CISA warning over false claims of hacked voter data – Week in security with Tony Anscombe

Information

Video With just weeks to go before the US presidential election, the FBI and the CISA are warning about attempts to sow distrust in the electoral process 20 Sep 2024 With just weeks to go before the US presidential election, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are urging the public to ignore claims of stolen voter information. The agencies emphasize that “having access to voter registration data…

Read More
20 Sep

Influencing the influencers | Unlocked 403 cybersecurity podcast (ep. 6)

Information

Video How do analyst relations professionals ‘sort through the noise’ and help deliver the not-so-secret sauce for a company’s success? We spoke with ESET’s expert to find out. 19 Sep 2024 The sixth episode of ESET’s Unlocked 403 cybersecurity podcast has host Alžbeta Kovaľová picking the brains of Zuzana Legáthová, ESET’s Senior Manager of Analyst and Tester Relations, about topics that run the gamut: Zuzana’s role at ESET and the importance of analyst relations programs…

Read More
20 Sep

Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-45229

Attacks, Insights, Malware

Versa Networks has released an advisory for a vulnerability (CVE-2024-45229) affecting Versa Director. A cyber threat actor could exploit this vulnerability to exercise unauthorized REST APIs. CISA urges organizations to apply necessary updates, hunt for any malicious activity, report any positive findings to CISA, and review the following for more information: Versa Advisory

Read More
19 Sep

This Windows PowerShell Phish Has Scary Potential

Information, Insights

Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. While it’s unlikely that many programmers fell for this scam, it’s notable because less targeted versions of it are likely to be far more successful against the average…

Read More
19 Sep

ESET Research Podcast: EvilVideo

Information

ESET Research ESET researchers discuss how they uncovered a zero-day Telegram for Android exploit that allowed attackers to send malicious files posing as videos ESET Research 17 Sep 2024  •  , 1 min. read Telegram, with nearly a billion monthly users, is a juicy target for cybercriminals, especially if they can exploit a zero-day vulnerability to spread malicious code. ESET malware researcher Lukáš Štefanko ran into one such exploit – which ESET named EvilVideo –…

Read More
19 Sep

Understanding cyber-incident disclosure

Information

Business Security Proper disclosure of a cyber-incident can help shield your business from further financial and reputational damage, and cyber-insurers can step in to help Tony Anscombe 18 Sep 2024  •  , 4 min. read ‘Seek legal advice’, this has to be my top recommendation if you have suffered a cyber-incident that could be deemed material, involves personally identifiable information, or if your business is classed as critical infrastructure. Cybersecurity teams around the globe are…

Read More
19 Sep

Ivanti Releases Admin Bypass Security Update for Cloud Services Appliance

Attacks, Insights, Malware

Ivanti has released a security update to address an admin bypass vulnerability (CVE-2024-8963) affecting Ivanti Cloud Services Appliance (CSA) version 4.6.  A cyber threat actor could exploit this vulnerability in conjunction with CVE-2024-8190–detailed in a Sept. 13 Ivanti security advisory–to take control of an affected system. This vulnerability impacts all versions prior to patch 519. Ivanti has confirmed limited exploitation and recommends that users upgrade to CSA version 5.0, as version 4.6 is end-of-life and…

Read More
19 Sep

Managing Cybersecurity and Privacy Risks in the Age of Artificial Intelligence: Launching a New Program at NIST

Insights

The rapid proliferation of Artificial Intelligence (AI) promises significant value for industry, consumers, and broader society, but as with many technologies, new risks  from these advancements in AI must be managed to realize it’s full potential. The NIST AI Risk Management Framework  (AI RMF) was developed to manage the benefits and risks to individuals, organizations, and society associated with AI and covers a wide range of risk ranging from safety to lack of transparency and accountability.…

Read More