Attacks

Cyber attack against Royal Mail linked to Russian hackers

A cyber attack against the UK postal service Royal Mail which saw the company request that customers stop sending mail abroad via its services has been linked to Russian hackers. Royal Mail informed the public of the cyber attack on January 11, saying it had caused “severe disruption” to the computerized systems used to send mail abroad. The company “immediately launched an investigation into the [cyber] incident” and utilized the help of the UK’s National…


Juniper Networks Releases Security Updates for Multiple Products

Original release date: January 12, 2023

Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Juniper Networks’ security advisories page and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.


Third-Party Benefits Administrator Suffers Data Breach

Affected parties are being notified by BBA and should not hesitate to ask BBA how it plans to remediate the issue. Staying vigilant after becoming a victim of a data breach is extremely important. Refraining from interacting with unfamiliar senders who request payment or other personal information is a crucial element of such vigilance. Since Social Security numbers were part of the impacted data in this case, affected parties should reach out to credit bureaus…


IcedID Malware Strikes Again: Active Directory Domain Compromised in Under 24 Hours

Since the initial infection vector is a phishing email containing a malicious ZIP file, it is recommended to implement and maintain proper email security controls. Email security controls, such as AV scanning and sandboxing, can help prevent phishing emails from reaching end users, thus potentially preventing the malware from infecting a workstation in the first place. It is also recommended to maintain appropriate endpoint security controls. Most of the behaviors exhibited by this attack post-compromise…


House Lawmakers Introduce Bill to Create National Digital Reserve Corps

This legislation aligns with the current administration’s whole-of-government approach to improving the nation’s cyber security posture. The government and the private sector have looked for creative ways to fill critical information technology and cyber security roles. At a time when the U.S. military is struggling to reach its recruitment goals, incentivizing reservist roles may be the best option for the government. Source: https://www.fedscoop.com/house-lawmakers-introduce-bill-to-create-national-digital-reserve-corps/


Drupal Releases Security Update to Address Vulnerability in Private Taxonomy Terms

Original release date: January 12, 2023

Drupal has released a security update to address a vulnerability affecting private vocabulary modules for Drupal 8.x. An unauthorized user could exploit this vulnerability to bypass access permissions to create, modify, and delete private vocabulary terms. CISA encourages users and administrators to review Drupal’s security advisory SA-CONTRIB-2023-001 and apply the necessary update.


IOTW: LastPass facing class action lawsuit following data breach

An anonymous plaintiff has filed a class action lawsuit against password management company LastPass after the company suffered two data breaches within four months in 2022. The suit, in which the plaintiff is referred to as ‘John Doe’, was filed with the United States District Court of Massachusetts and alleges that LastPass failed to “exercise reasonable care in securing and safeguarding highly sensitive consumer data”. The lawsuit also alleges that bad actors could “wreak financial havoc…


CISA Releases Twelve Industrial Control Systems Advisories

Original release date: January 12, 2023

CISA released twelve Industrial Control Systems (ICS) advisories on January 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-23-012-01 Sewio RTLS Studio; ICSA-23-012-02 RONDS Equipment Predictive Maintenance Solution; ICSA-23-012-03 InHand Networks InRouter; ICSA-23-012-04 Panasonic Sanyo CCTV Network Camera; ICSA-23-012-05 SAUTER Controls Nova 200 – 220…


NCSC-UK Releases Guidance on Using MSP for Administering Cloud Services

Original release date: January 11, 2023

The United Kingdom’s National Cyber Security Centre (NCSC-UK) has released a blog post, Using MSPs to administer your cloud services, that provides organizations with security considerations for using a third party, such as a managed service provider (MSP), to administer cloud services. Contracting with an MSP for cloud service management has become an increasingly appealing option for organizations. The post discusses the trade-offs involved as well as specific security checks…


StrongPity APT Group Distributing Fake Shagle App

Binary Defense strongly recommends that Android users source their apps from a trusted source such as the Google Play store. Extreme caution should be used when installing an APK from any other source. https://www.bleepingcomputer.com/news/security/hackers-target-android-users-with-fake-shagle-video-chat-app/
