CyberSecure Specialist

Ivanti Releases Security Updates for Avalanche, Neurons for ITSM, and Virtual Traffic Manager

Ivanti released security updates to address multiple vulnerabilities in Ivanti Avalanche, Neurons for ITSM, and Virtual Traffic Manager (vTM). A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Ivanti advises users to reduce their attack surface and follow industry best practices by adhering to Ivanti’s network configuration guidance to restrict access to the management interface. CISA encourages users and administrators to review the following Ivanti advisories and…

Microsoft Releases August 2024 Security Updates

Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary updates: Microsoft Security Update Guide for August

CISA Releases Ten Industrial Control Systems Advisories

CISA released ten Industrial Control Systems (ICS) advisories on August 13, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

- ICSA-24-226-01 AVEVA SuiteLink Server
- ICSA-24-226-02 Rockwell Automation AADvance Standalone OPC-DA Server
- ICSA-24-226-03 Rockwell Automation GuardLogix/ControlLogix 5580 Controller
- ICSA-24-226-04 Rockwell Automation Pavilion8
- ICSA-24-226-05 Rockwell Automation DataMosaix Private Cloud
- ICSA-24-226-06 Rockwell Automation FactoryTalk View Site Edition
- ICSA-24-226-07 Rockwell Automation Micro850/870
- ICSA-24-226-08 Ocean Data Systems Dream Report
- ICSA-24-226-09 Rockwell Automation ControlLogix, GuardLogix…

Black Hat USA 2024: All eyes on election security

Critical Infrastructure

In this high-stakes year for democracy, the importance of robust election safeguards and national cybersecurity strategies cannot be understated

Tony Anscombe, 09 Aug 2024, 3 min. read

The mention of election security, especially in a year where the majority of the world is destined to vote, brings to mind images of a voting machine or even some form of subversion of online voting or counting processes. So it was not a…

Black Hat USA 2024 recap – Week in security with Tony Anscombe

Video

Unsurprisingly, many discussions focused on the implications of the recent CrowdStrike outage, including the lessons it may have offered for bad actors

09 Aug 2024

This week was that time of the year when thousands of cybersecurity experts descended on Las Vegas to attend Black Hat USA, one of the world’s top cybersecurity conferences. With a large proportion of the world’s population going to the polls this year, one of the keynotes focused on…

Black Hat USA 2024: How cyber insurance is shaping cybersecurity strategies

Business Security

Cyber insurance is not only a safety net, but it can also be a catalyst for advancing security practices and standards

Tony Anscombe, 08 Aug 2024, 3 min. read

If there was ever any doubt about the relationship between cybersecurity and the cyber insurance industry, then Black Hat USA 2024 dispelled it. A full afternoon on a main stage was dedicated to the cyber insurance industry, allowing them to share their…

Why tech-savvy leadership is key to cyber insurance readiness

Business Security

Having knowledgeable leaders at the helm is crucial for protecting the organization and securing the best possible cyber insurance coverage

Tony Anscombe, 07 Aug 2024, 4 min. read

The board does not understand cybersecurity – that’s not so anymore. Prior to the pandemic, the CISO and cybersecurity team were seen as the geeks in the room down the hall who always said no. Even post-pandemic, while there is appreciation that cybersecurity…

Best Practices for Cisco Device Configuration

In recent incidents, CISA has seen malicious cyber actors acquire system configuration files by leveraging available protocols or software on devices, such as abusing the legacy Cisco Smart Install feature. CISA recommends organizations disable Smart Install and review NSA’s Smart Install Protocol Misuse advisory and Network Infrastructure Security Guide for configuration guidance. CISA also continues to see weak password types used on Cisco network devices. A Cisco password type is the type of algorithm used…

Cybercrime Rapper Sues Bank over Fraud Investigation

A partial selfie posted by Punchmade Dev to his Twitter account. Yes, that is a functioning handheld card skimming device, encrusted in diamonds. Underneath that are more medallions, including a diamond-studded bitcoin and payment card.

In January, KrebsOnSecurity wrote about rapper Punchmade Dev, whose music videos sing the praises of a cybercrime lifestyle. That story showed how Punchmade’s social media profiles promoted Punchmade-themed online stores selling bank account and payment card data. The subject of…

Royal Ransomware Actors Rebrand as “BlackSuit,” FBI and CISA Release Update to Advisory

Today, CISA—in partnership with the Federal Bureau of Investigation (FBI)—released an update to joint Cybersecurity Advisory #StopRansomware: Royal Ransomware, #StopRansomware: BlackSuit (Royal) Ransomware. The updated advisory provides network defenders with recent and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with BlackSuit and legacy Royal activity. FBI investigations identified these TTPs and IOCs as recently as July 2024. BlackSuit ransomware attacks have spread across numerous critical infrastructure sectors including, but…
