CyberSecure Specialist

APT attacks taking aim at Tibetans – Week in security with Tony Anscombe

Video. Evasive Panda has been spotted targeting Tibetans in several countries and territories with payloads that included a previously undocumented backdoor ESET has named Nightdoor. 08 Mar 2024. This week, ESET researchers released their analysis of how an Advanced Persistent Threat (APT) group targeted Tibetans via watering hole and supply-chain attacks. The cyberespionage campaign – which ESET attributed with high confidence to the China-aligned Evasive Panda group – leveraged a religious gathering known as the…


Evasive Panda leverages Monlam Festival to target Tibetans

ESET researchers discovered a cyberespionage campaign that, since at least September 2023, has been victimizing Tibetans through a targeted watering hole (also known as a strategic web compromise), and a supply-chain compromise to deliver trojanized installers of Tibetan language translation software. The attackers aimed to deploy malicious downloaders for Windows and macOS to compromise website visitors with MgBot and a backdoor that, to the best of our knowledge, has not been publicly documented yet; we…


A Close Up Look at the Consumer Data Broker Radaris

If you live in the United States, the data broker Radaris likely knows a great deal about you, and they are happy to sell what they know to anyone. But how much do we know about Radaris? Publicly available data indicates that in addition to running a dizzying array of people-search websites, the co-founders of Radaris operate multiple Russian-language dating services and affiliate programs. It also appears many of their businesses have ties to a…


Apple Released Security Updates for Multiple Products

Apple released security updates to address vulnerabilities in Safari, macOS, watchOS, tvOS, and visionOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates: Safari 17.4; macOS Sonoma 14.4; macOS Ventura 13.6.5; macOS Monterey 12.7.4; watchOS 10.4; tvOS 17.4; visionOS 1.1.


Top 10 scams targeting seniors – and how to keep your money safe

Scams. The internet can be a wonderful place. But it’s also awash with fraudsters targeting people who are susceptible to fraud. Phil Muncaster, 06 Mar 2024, 5 min. read. We’re all getting older. That’s good news for digital fraudsters, who see rich pickings to be had in a rapidly ageing society. They’re increasingly targeting senior citizens because they suspect these targets to have more money to steal, but potentially less digital savvy to…


CISA Adds One Known Exploited JetBrains Vulnerability, CVE-2024-27198, to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2024-27198, JetBrains TeamCity Authentication Bypass Vulnerability. CISA urges organizations to review the following JetBrains blog post and apply the necessary updates: "Additional Critical Security Issues Affecting TeamCity On-Premises (CVE-2024-27198 and CVE-2024-27199) – Update to 2023.11.4 Now". These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational…


Cisco Releases Security Updates for Secure Client

Cisco released security updates to address vulnerabilities in Cisco Secure Client and Secure Client for Linux. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the following security releases and apply the necessary updates: Cisco Secure Client Carriage Return Line Feed Injection Vulnerability; Cisco Secure Client for Linux with ISE Posture Module Privilege Escalation Vulnerability.


CISA and NSA Release Cybersecurity Information Sheets on Cloud Security Best Practices

Today, CISA and the National Security Agency (NSA) released five joint Cybersecurity Information Sheets (CSIs) to provide organizations with recommended best practices and/or mitigations to improve the security of their cloud environment(s): Use Secure Cloud Identity and Access Management Practices; Use Secure Cloud Key Management Practices; Implement Network Segmentation and Encryption in Cloud Environments; Secure Data in the Cloud; Mitigate Risks from Managed Service Providers in Cloud Environments. CISA and NSA encourage all organizations to…


Irresistible: Hooks, habits and why you can’t put down your phone

How often do you go somewhere without your phone? And how do you feel when you go somewhere with no signal? Let’s be honest, the majority of us would admit that going without our beloved devices close at hand causes a lot of stress. And the stats show it: studies show that nomophobia, the fear of being without our digital devices, impacts over 90% of us! But why have our smartphones become our constant companions?…


VMware Releases Security Advisory for Multiple Products

VMware released a security advisory to address multiple vulnerabilities in ESXi, Workstation, Fusion, and Cloud Foundation. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following VMware security advisory and apply the necessary updates: VMSA-2024-0006
