Continuous Monitoring and Protection
As with any crypto giveaway scam, the victim ends up sending the funds to the attacker’s wallet but never receives any amount back. Twitter accounts following famous personalities should be wary of suspicious messages and notifications heading their way. https://www.bleepingcomputer.com/news/security/elon-musks-twitter-followers-targeted-in-fake-crypto-giveaway-scam/
Read MoreAn IT managed service provider that supports a range of organizations across New Zealand including several within its government has suffered a cyber attack, compromising access to its data and systems. Those affected by the cyber security incident includes some providers contracted to Te Whatu Ora – Health New Zealand, although health service delivery has not been affected. The Ministry of Justice was also affected by the third-party data breach and confirmed the cyber attack…
Read MoreThreat actors observed using this technique have been able to utilize free file sharing services like Google Drive, Dropbox, or OneDrive to host their compressed filesystem containing their malware, making them readily accessible from victim devices. Organizations should be sure to monitor for connections to these file sharing services, especially ones that are not commonly used for an organization’s business processes.Organizations may also find it useful to monitor for the execution of the PRoot tool,…
Read MoreThis is the ninth high severity bug for which Chrome has released a patch during 2022. CISA has given three weeks to its agencies to patch their systems. Because of this timeline, it is likely we will not see technical details of this vulnerability until after this date. It is highly recommended that any organization with users running Google Chrome should use CISA’s requirements as a guideline for themselves, and endeavor to have all systems…
Read MoreMuch of the risk of these vulnerabilities can be mitigated by controlling access to remote management interfaces. Companies should endeavor to never leave these exposed to the internet, and further limit which devices or networks can access these interfaces. User behavior analysis can help identify exploitation of vulnerabilities like these; mass password reset requests and root-level activities that differ from baseline can be reliable indicators of a compromise. https://thehackernews.com/2022/12/new-bmc-supply-chain-vulnerabilities.html
Read MoreIntroduction to cyber security in 2022 Cyber security is central to operational success Cyber security practitioners entered 2022 under the shadow of the Log4Shell vulnerability. The vulnerability sent shockwaves throughout the cyber security world and has continued to be used by threat actors. Just months into 2022, statements from government organizations such as the Cybersecurity and Infrastructure Security Agency (CISA) in the US and the UK’s National Cyber Security Centre (NCSC) called on organizations, especially…
Read MoreAccording to researchers, ransom payment does not guarantee file recovery. CryWiper is the second retaliatory malware strain that targeted Russian companies after RURansom, a.NET-based wiper discovered in March. Numerous wipers have been launched in the current conflict between Russia and Ukraine, including WhisperGate, AcidRain, HermeticWiper, IsaacWiper, DoubleZero, Industroyer2, and CaddyWiper. “Wipers can be effective regardless of the technical skills of the attacker, as even the simplest wiper can wreak havoc on affected systems,” stated Max…
Read MoreCurry also discussed another flaw that affects Hyundai and Genesis vehicles manufactured after 2012. The vulnerability could be used to remotely control locks, engines, headlights, and trunks by using the registered email addresses. “By adding a CRLF character at the end of an already existing victim email address during registration, we could create an account that bypassed the JWT and email parameter comparison check,” stated Curry. However, since then, SiriusXM and Hyundai have released patches…
Read MorePrior to downloading any apps from the Play store, users should read reviews to help verify their legitimacy. It is important to make sure Play Protect is active and being used as well. If users identify any of the apps mentioned above on their devices, they should be deleted immediately. https://www.bleepingcomputer.com/news/security/android-malware-apps-with-2-million-installs-spotted-on-google-play/?&web_view=true
Read MoreOriginal release date: December 5, 2022 CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates. Binding Operational Directive (BOD)…
Read More