CyberSecure Specialist

25 Mar

CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate SQL Injection Vulnerabilities

Attacks, Insights, Malware

Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Secure by Design Alert, Eliminating SQL Injection Vulnerabilities in Software. This Alert was crafted in response to a recent, well-publicized exploitation of SQL injection (SQLi) defects in a managed file transfer application that impacted thousands of organizations. Additionally, the Alert highlights the prevalence of this class of vulnerability. Despite widespread knowledge and documentation of SQLi vulnerabilities over the past two decades, along with…

Read More
23 Mar

Rescoms rides waves of AceCryptor spam

Information

Last year ESET published a blogpost about AceCryptor – one of the most popular and prevalent cryptors-as-a-service (CaaS) operating since 2016. For H1 2023 we published statistics from our telemetry, according to which trends from previous periods continued without drastic changes. However, in H2 2023 we registered a significant change in how AceCryptor is used. Not only we have seen and blocked over double the attacks in H2 2023 in comparison with H1 2023, but…

Read More
23 Mar

AceCryptor attacks surge in Europe – Week in security with Tony Anscombe

Information

Video The second half of 2023 saw massive growth in AceCryptor-packed malware spreading in the wild, including courtesy of multiple spam campaigns where AceCryptor packed the Rescoms RAT 22 Mar 2024 This week, ESET researchers released an analysis showing a surge in the detections of AceCryptor, one of the most popular cryptors-as-a-service (CaaS) used to help malware stay under the radar. All along, ESET has observed that attackers spreading the Rescoms remote access tool (RAT)…

Read More
22 Mar

Mozilla Drops Onerep After CEO Admits to Running People-Search Networks

Information, Insights

The nonprofit organization that supports the Firefox web browser said today it is winding down its new partnership with Onerep, an identity protection service recently bundled with Firefox that offers to remove users from hundreds of people-search sites. The move comes just days after a report by KrebsOnSecurity forced Onerep’s CEO to admit that he has founded dozens of people-search networks over the years. Mozilla Monitor. Image Mozilla Monitor Plus video on Youtube. Mozilla only…

Read More
21 Mar

CISA, FBI, and MS-ISAC Release Update to Joint Guidance on Distributed Denial-of-Service Techniques

Attacks, Insights, Malware

Today, CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released an updated joint guide, Understanding and Responding to Distributed Denial-Of-Service Attacks, to address the specific needs and challenges faced by organizations in defending against DDoS attacks. The guidance now includes detailed insight into three different types of DDoS techniques:  Volumetric, attacks aiming to consume available bandwidth.  Protocol, attacks which exploit vulnerabilities in network protocols.  Application, attacks targeting…

Read More
21 Mar

Protecting Model Updates in Privacy-Preserving Federated Learning

Insights

In our second post we described attacks on models and the concepts of input privacy and output privacy. ln our last post, we described horizontal and vertical partitioning of data in privacy-preserving federated learning (PPFL) systems. In this post, we explore the problem of providing input privacy in PPFL systems for the horizontally-partitioned setting. Models, training, and aggregation To explore techniques for input privacy in PPFL, we first have to be more precise about the…

Read More
21 Mar

Ivanti Releases Security Updates for Neurons for ITSM and Standalone Sentry

Attacks, Insights, Malware

Ivanti has released security advisories to address vulnerabilities in Ivanti Neurons for ITSM and Standalone Sentry. A cyber threat actor could exploit these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the following Ivanti advisories and apply the necessary updates:  CVE-2023-46808 (Authenticated Remote File Write) for Ivanti Neurons for ITSM CVE-2023-41724 (Remote Code Execution) for Ivanti Standalone Sentry

Read More
20 Mar

The Not-so-True People-Search Network from China

Information, Insights

It’s not unusual for the data brokers behind people-search websites to use pseudonyms in their day-to-day lives (you would, too). Some of these personal data purveyors even try to reinvent their online identities in a bid to hide their conflicts of interest. But it’s not every day you run across a US-focused people-search network based in China whose principal owners all appear to be completely fabricated identities. Responding to a reader inquiry concerning the trustworthiness…

Read More
20 Mar

A prescription for privacy protection: Exercise caution when using a mobile health app

Information

Privacy Given the unhealthy data-collection habits of some mHealth apps, you’re well advised to tread carefully when choosing with whom you share some of your most sensitive data Phil Muncaster 19 Mar 2024  •  , 5 min. read In today’s digital economy there’s an app for just about everything. One area that’s booming more than most is healthcare. From period and fertility trackers to mental health and mindfulness, there are mobile health (mHealth) applications available…

Read More
19 Mar

CISA and Partners Release Joint Fact Sheet for Leaders on PRC-sponsored Volt Typhoon Cyber Activity

Attacks, Insights, Malware

Today, CISA, the National Security Agency (NSA), Federal Bureau of Investigation (FBI), and other U.S. and international partners are issuing a joint fact sheet, People’s Republic of China State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders. Partners of this publication include:  U.S. Department of Energy (DOE)  U.S. Environmental Protection Agency (EPA)  U.S. Transportation Security Administration (TSA)  U.S. Department of Treasury   Australian Signals Directorate’s (ASD’s) Australian Cyber Security Centre (ACSC)  Canadian Centre for Cyber Security (CCCS)…

Read More