Attacks

Hatch Bank Suffers Data Breach After Third Party Vulnerability Exploited

Hatch Bank has offered to provide free access to credit monitoring services for 12 months to any affected individuals. This attack is just one example of an incident involving a third-party service. Whenever an organization is looking to do business with a third-party company, it should conduct its own security audit of the company before signing a contract. This can include paying for a penetration test or requesting recent penetration test results, as well…


Chinese Threat Actor Deploying New Custom “MQsTTang” Backdoor to Evade Detection

Message Queuing Telemetry Transport (MQTT) is known as the standard protocol for IoT messaging and runs over port 1883. As IoT devices become more prevalent in an environment, the number of potential vulnerabilities to be exploited typically grows, as IoT devices are often more insecure. From an organizational standpoint, the best way to protect against this campaign would be to limit IoT devices in the environment…


IOTW: US Marshals Service suffers ransomware attack

The US Marshals Service (USMS), a federal law enforcement agency within the US Department of Justice (DoJ), has announced that it was the victim of a ransomware attack that compromised confidential information held by the agency. The attack, which took place on February 17, saw “a ransomware and data exfiltration” attack launched against a “stand-alone USMS system”. The system compromised in the attack held a number of sensitive documents, including “returns from legal process, administrative…


Today, the Federal Bureau of…

Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released joint Cybersecurity Advisory (CSA) #StopRansomware: Royal Ransomware to provide network defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Royal ransomware variants. FBI investigations identified these TTPs and IOCs as recently as January 2023. Royal ransomware attacks have spread across numerous critical infrastructure sectors including, but not limited to, manufacturing, communications, healthcare and public healthcare (HPH),…


Cisco has released a security…

Cisco has released a security advisory for vulnerabilities affecting the 6800, 7800, 7900, and 8800 Series of Cisco IP Phones. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review the following advisory and apply the necessary updates. Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities cisco-sa-ip-phone-cmd-inj-KMFynVcP…


CISA released five Industrial…

CISA released five Industrial Control Systems (ICS) advisories on March 2, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-23-061-01 Mitsubishi Electric MELSEC Series; ICSA-23-061-02 Baicells Nova; ICSA-23-061-03 Rittal CMC III Access systems; ICSMA-23-061-01 Medtronic Micro Clinician and InterStim Apps; ICSA-20-212-04 Mitsubishi Electric Factory Automation Engineering Products (Update…


Leaky Database puts Animaker Consumers at Risk

Users of Animaker are advised to be vigilant of any suspicious activity related to their accounts. It is also recommended that users enable two-factor authentication and use unique passwords for their various online accounts to mitigate the risk of further data breaches. Companies that use storage buckets should be aware that security controls typically need to be created after the creation of the bucket. Video Marketing Software Animaker Leaking Trove of User Data


Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI

PyPI and other language-based repositories are increasingly being used by threat actors to distribute malware. Because of this, it is important to make sure that package installations are done in a secure manner, to prevent an incidental infection within an organization. It is recommended that developers verify all libraries imported into an application, to make sure that there are no accidental typos in library names. Threat actors rely on accidental typos when…


Russia Bans Foreign Messaging Apps In Government Organizations

Although it remains unknown why they did not ban Signal and Zoom, Russia has long attempted to control social media within its borders. Russia has been attempting to ban Telegram since 2018; Telegram’s CEO claimed the Russian government planned to ban Telegram unless they handed over sensitive data and access to encrypted messages. The problem has become a larger issue for Russia since they invaded Ukraine in February of last year. The invasion…


Why healthcare providers are focusing on cyber resilience

The healthcare industry, especially within the Asia-Pacific region, has been the victim of a number of cyber attacks and data breaches within the last six months alone. In just one attack against Australian healthcare and insurance provider Medibank, the personal information of 9.7 million people was stolen and thousands had their private medical details posted online. In this exclusive interview, Cyber Security Hub speaks with Jojo Nufable, group IT infrastructure and cyber security head at…
