CyberSecure Specialist

22 May

Untangling the hiring dilemma: How security solutions free up HR processes

Information

Business Security The prerequisites for becoming a security elite create a skills ceiling that is tough to break through – especially when it comes to hiring skilled EDR or XDR operators. How can businesses crack this conundrum? Márk Szabó 21 May 2024  •  , 4 min. read Human resource professionals know that the market price for a skilled operator can go beyond what a company would want to allocate for such a hire. Simply, HR…

Read More
22 May

Check Your Wallet? How Mobile Driver’s Licenses are Changing Online Transactions

Insights

Can you recall the last time you opened a bank account? It’s likely you walked into a local bank branch and spoke to a representative who asked for your driver’s license and social security card to verify your identity. Now imagine you want to create a bank account online. The process is likely similar—type in your social security number, take a picture of your driver’s license, and submit both to the bank via their webpage.…

Read More
21 May

Why Your Wi-Fi Router Doubles as an Apple AirTag

Information, Insights

Image: Shutterstock. Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geo-locate devices. Researchers from the University of Maryland say they relied on publicly available data from Apple to track the location of billions of devices globally — including non-Apple devices like Starlink systems — and found they could use this data to monitor the destruction of Gaza,…

Read More
21 May

Rockwell Automation Encourages Customers to Assess and Secure Public-Internet-Exposed Assets

Attacks, Insights, Malware

Rockwell Automation has released guidance encouraging users to remove connectivity on all Industrial Control Systems (ICS) devices connected to the public-facing internet to reduce exposure to unauthorized or malicious cyber activity.  Users and administrators are encouraged review the following Rockwell Automation notice for more information:  SD1672: Rockwell Automation Reiterates Customer Guidance to Disconnect Devices from the Internet to Protect from Cyber Threats 

Read More
18 May

The who, where, and how of APT attacks – Week in security with Tony Anscombe

Information

Video This week, ESET experts released several research publications that shine the spotlight on a number of notable campaigns and broader developments on the threat landscape 17 May 2024 This week, ESET experts released several research publications that shone the spotlight on a number of notable attacks and broader developments on the threat landscape. First, their new APT Activity Report reviewed the key aspects of sophisticated attacks as investigated by ESET researchers from October 2023…

Read More
17 May

To the Moon and back(doors): Lunar landing in diplomatic missions

Information

ESET researchers discovered two previously unknown backdoors – which we named LunarWeb and LunarMail – compromising a European ministry of foreign affairs (MFA) and its diplomatic missions abroad. We believe that the Lunar toolset has been used since at least 2020 and, given the similarities between the tools’ tactics, techniques, and procedures (TTPs) and past activities, we attribute these compromises to the infamous Russia-aligned cyberespionage group Turla, with medium confidence. We recently presented our insights…

Read More
16 May

Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain

Information

ESET Research One of the most advanced server-side malware campaigns is still growing, with hundreds of thousands of compromised servers, and it has diversified to include credit card and cryptocurrency theft Marc-Etienne M.Léveillé 14 May 2024  •  , 3 min. read Ten years ago we raised awareness of Ebury by publishing a white paper we called Operation Windigo, which documented a campaign that leveraged Linux malware for financial gain. Today we publish a follow-up paper…

Read More
16 May

ESET APT Activity Report Q4 2023–Q1 2024

Information

ESET Research, Threat Reports An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2023 and Q1 2024 Jean-Ian Boutin 14 May 2024  •  , 2 min. read ESET APT Activity Report Q4 2023–Q1 2024 summarizes notable activities of selected advanced persistent threat (APT) groups that were documented by ESET researchers from October 2023 until the end of March 2024. The highlighted operations are representative of the broader…

Read More
14 May

Patch Tuesday, May 2024 Edition

Information, Insights

Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two “zero-day” vulnerabilities in Windows that are already being exploited in active attacks. There are also important security patches available for macOS and Adobe users, and for the Chrome Web browser, which just patched its own zero-day flaw. First, the zero-days. CVE-2024-30051 is an “elevation of privilege” bug in a core Windows library. Satnam Narang at Tenable…

Read More
14 May

CISA and Partners Release Guidance for Civil Society Organizations on Mitigating Cyber Threats with Limited Resources

Attacks, Insights, Malware

CISA, in partnership with the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI) and international partners, released Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society. The joint guidance provides civil society organizations and individuals with recommended actions and mitigations to reduce the risk of cyber intrusions. Additionally, the guide encourages software manufactures to actively implement and publicly commit to Secure by Design practices that are necessary to help protect vulnerable…

Read More