Attacks

26 Oct

Apple Releases Security Updates for Multiple Products 

Attacks, Insights, Malware

Original release date: October 26, 2022 Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device.    CISA encourages users and administrators to review the Apple security updates page for the following products and apply the necessary updates as soon as possible:  •    Safari 16.1  •    iOS 16.1 and iPadOS 16  •    macOS Big Sur 11.7.1  •    macOS Monterey 12.6.1…

Read More
26 Oct

Samba Releases Security Updates 

Attacks, Insights, Malware

Original release date: October 26, 2022 The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the following Samba Security Announcements and apply the necessary updates and workarounds.  •    CVE-2022-3437   •    CVE-2022-3592 This product is provided subject to this Notification and this Privacy & Use policy.

Read More
25 Oct

LogCrusher and OverLog Vulnerabilities Impacting Windows Event Log Disclosed

Attacks, Malware

Since both vulnerabilities were addressed in this month’s Patch Tuesday, companies should look to patching all their Windows devices as soon as their patch management procedure allows. Additionally, it can be a good idea to implement file system and service monitoring on workstations and servers. Tools such as osquery can do this; in general, such tools can empower Administrators to more effectively understand the activity occurring on the systems for which they are responsible. https://thehackernews.com/2022/10/researchers-detail-windows-event-log.html

Read More
25 Oct

Cryptomining Campaign Abuses Free DevOps solutions

Attacks, Malware

While this campaign targets free services, Binary Defense researchers have observed an uptick in the number of compromises of cloud services like AWS or Azure to mine cryptocurrency. These attacks are effectively theft and can leave organizations with a large bill.For example, a developer in Seattle incurred a bill for over $53,000 which was normally a $100-$150 per month. In another case, a California College student was sent a bill for $55,000.It is highly recommended…

Read More
25 Oct

Google Chrome Announces End of Support for Windows 7 and 8.1

Attacks, Malware

Ensuring that systems are up to date and stay up to date is a key component of staying protected from cyber threats. When notices such as end of support are released, it is important that anyone running affected systems ensure that they are aware of the timeframe they face and begin the proper steps in upgrading affected systems to newer versions. Anyone that keeps running outdated and unsupported versions maintains a higher risk for becoming…

Read More
25 Oct

CISA Has Added One Known Exploited Vulnerability to Catalog    

Attacks, Insights, Malware

Original release date: October 25, 2022 CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates.       Binding Operational Directive…

Read More
25 Oct

CISA Releases Eight Industrial Control Systems Advisories

Attacks, Insights, Malware

Original release date: October 25, 2022 CISA has released eight (8) Industrial Control Systems (ICS) advisories on October 25, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations: •    ICSMA-22-298-01 AliveCor KardiaMobile •    ICSA-22-298-01 Haas Controller •    ICSA-22-298-02 HEIDENHAIN Controller TNC •    ICSA-22-298-03 Siemens Siveillance Video Mobile Server •    ICSA-22-298-04 Hitachi Energy…

Read More
25 Oct

CISA Upgrades to Version 2.0 of Traffic Light Protocol in One Week – Join Us!

Attacks, Insights, Malware

Original release date: October 25, 2022 On Nov. 1, 2022, CISA will upgrade from Traffic Light Protocol (TLP) 1.0 to TLP 2.0 in accordance with the recommendation by the Forum of Incident Response Security Teams (FIRST) that organizations move to 2.0 by the end of 2022. TLP Version 2.0 brings the following key updates: TLP:CLEAR replaces TLP:WHITE for publicly releasable information. TLP:AMBER+STRICT supplements TLP:AMBER, clarifying when information  may be shared with the recipient’s organization only. CISA…

Read More
24 Oct

Typosquatting Campaign Impersonates Brand-Name Websites

Attacks, Malware

It is recommended that organizations focus on cybersecurity awareness training for its personnel as one security control to avoid typosquatting attacks. Users should only navigate to trusted sites from their own links or by identifying a reputable site from a search engine. In addition, users should be aware that they cannot trust links in advertisements or in email from untrusted parties. Due to the proliferation of Business Email Compromise (BEC), users should also be cautious…

Read More
24 Oct

Iranian Nuclear Energy Agency Becomes Target of Hacktivist Group

Attacks, Malware

Black Reward’s intention is not to have any type of monetary gain, but rather to expose corrupt activity. Being at the center of world controversy has opened Iran up to the possibility of more attacks of this style. Binary Defense analysts will continue to monitor this situation and provide updates as necessary. https://www.theregister.com/2022/10/24/black_reward_iran_nuclear_leak/?&web_view=true

Read More