Information

14 Jun

Patch Tuesday fixes 4 critical RCE bugs, and a bunch of Office holes

Information

by Paul Ducklin No zero-days this month, if you ignore the Edge RCE hole patched last week (make sure you’ve got that update, by the way): For a full list of this month’s Microsoft Patch Tuesday fixes, take a look at our sister site Sophos News, where SophosLabs analysts have collated complete lists of the the numerous Microsoft CVEs that were fixed this month: Just the way you like it Helpfully, our researchers have created…

Read More
14 Jun

Microsoft Outs New Russian APT Linked to Wiper Attacks in Ukraine

Information, News

Security researchers at Microsoft are publicly outing a new APT group linked to Russia’s General Staff Main Intelligence Directorate (GRU), warning that the threat actor has worked on destructive wiper malware attacks that hit organizations in Ukraine. A new report from Redmond’s threat intelligence team tagged the group as ‘Cadet Blizzard’ and documented signs and evidence that adds clarity to the scope and usage of malware in a wartime environment. “[The] emergence of a novel…

Read More
13 Jun

Microsoft Patch Tuesday, June 2023 Edition

Information, Insights

Microsoft Corp. today released software updates to fix dozens of security vulnerabilities in its Windows operating systems and other software. This month’s relatively light patch load has another added bonus for system administrators everywhere: It appears to be the first Patch Tuesday since March 2022 that isn’t marred by the active exploitation of a zero-day vulnerability in Microsoft’s products. June’s Patch Tuesday features updates to plug at least 70 security holes, and while none of…

Read More
13 Jun

Cyber insurance: What is it and does my company need it?

Information

While not a ‘get out of jail free card’ for your business, cyber insurance can help insulate it from the financial impact of a cyber-incident Cyber risk is on the rise as the combined impact of surging threat levels, expanding attack surfaces and security skills shortages are putting organizations at a disadvantage. Faced with an increased likelihood that they may suffer a damaging security breach, many may be looking to transfer liability onto a third-party…

Read More
13 Jun

Gozi banking malware “IT chief” finally jailed after more than 10 years

Information, Malware

by Paul Ducklin Yesterday, we wrote about cybercrime charges that were finally unsealed for a massive cryptocurrency heist that was allegedly conducted over a three-year period starting back in 2011. Today’s long-term cybercrime justice story concerns the last member of the so-called Gozi Troika, three men who were originally charged in January 2013 for malware-related crimes that apparently kicked off way back in the late 2000s: Those charges were publicised at that time under a…

Read More
13 Jun

Microsoft Patches Critical Windows Vulns, Warn of Code Execution Risks

Information, News

Microsoft’s security response team on Tuesday rolled out a massive batch of software updates to address major security gaps in its flagship Windows operating system and software components. Redmond’s monthly Patch Tuesday updates cover at least 70 documented vulnerabilities affecting the Windows ecosystem, including six critical issues that expose users to dangerous code execution attacks. According to Microsoft, none of the vulnerabilities have been publicly discussed or exploited in the wild. Windows network administrators are…

Read More
12 Jun

History revisited: US DOJ unseals Mt. Gox cybercrime charges

Information

by Naked Security writer Remember Mt. Gox? Originally, it was a card-trading site called MTGOX, short for Magic The Gathering Online Exchange (there was no sense of “Mountain” in the name at all), but the domain changed hands and purpose in the early days of cryptocurrency. Operated out of Japan by French expatriate Mark Karpelès, Mt. Gox rapidly became the biggest online Bitcoin exchange, but imploded in 2014 when the company was forced to admit…

Read More
12 Jun

US Government Provides Guidance on Software Security Guarantee Requirements

Information, News

The US Office of Management and Budget (OMB) has issued new guidance on when and how federal agencies should collect security guarantees from software vendors. Building on the cybersecurity executive order that President Joe Biden signed in May 2021, the OMB last year published a memorandum (M-22-18) requiring federal agencies to obtain from software vendors guarantees that the software they provide is secure. Per M-22-18, federal agencies are required to obtain attestation for all software…

Read More
10 Jun

Mixing cybercrime and cyberespionage – Week in security with Tony Anscombe

Information

A crimeware group that usually targets individuals and SMBs in North America and Europe adds cyberespionage to its activities It’s rather rare to find a cybercrime group that ventures into cyberespionage, which alone makes new ESET research all the more interesting. According to ESET experts, a cybercrime group known as Asylum Ambuscade – which usually targets individuals, SMBs, bank customers, and cryptocurrency traders in North America and Europe – has added cyberespionage to its activities.…

Read More
10 Jun

More MOVEit mitigations: new patches published for further protection

Information

by Paul Ducklin Even if you’re not a MOVEit customer, and even if you’d never heard of the MOVEit file sharing software before the end of last month… …we suspect you’ve heard of it now. That’s because the MOVEit brand name has been all over the IT and mainstream media for the last week or so, due to an unfortunate security hole dubbed CVE-2023-34362, which turned out to be what’s known in the jargon as…

Read More