Malware

RisePro Infostealer Being Distributed Via Pay-Per-Install Service PrivateLoader

Pay-per-install services aren’t new, but their presence usually indicates a reasonable degree of confidence by the service provider that their malware will provide the desired end state to their client. Primarily, companies should keep any Detection and Response systems (EDR/MDR/XDR/etc.) and Anti-Virus (AV) up-to-date to identify the latest detected malware campaigns. Additionally, netflow analysis and DNS monitoring can help detect command and control (C2) and data exfiltration, which requires an understanding of baseline user behavior…

EarSpy Attack Uses Speaker to Eavesdrop on Android Users

Although this proof of concept (PoC) was crafted for academic purposes, it does establish that if an attacker were to trick a victim into downloading the right application, these types of data could be extracted from the victim’s phone calls. The researchers suggest that phone manufacturers should ensure sound pressure stays stable during calls and place the motion sensors in a position where internally originating vibrations are either leaving motion sensors unaffected, or at the…

CPRA explained: New California privacy law ramps up restrictions on data use

On January 1, 2023, the California Privacy Rights Act (CPRA) will go into effect. Approved by ballot measure as Proposition 24 in November 2020, it created a new consumer data privacy agency and put California another step ahead of other states in terms of privacy protections for consumers—and data security requirements for enterprises. California already had a privacy law in place, the California Consumer Privacy Act (CCPA), adopted in 2018. It went into effect in…

The top 12 tech stories of 2022

The technology sector’s vulnerability to the vagaries of geopolitics and the macroeconomy became clearer than ever in 2022, as IT giants laid off workers en masse, regulators cracked down on tech rule-breakers, nations negotiated data privacy, the EU-China chip war widened, and the Ukraine war disrupted business as usual. Through it all the classic tech themes—including innovation, constant change, and the fight to bolster cybersecurity—continued as ChatGPT was released, Broadcom sought to purchase VMware, a…

S3 Ep114: Preventing cyberthreats – stop them before they stop you! [Audio + Text]

by Paul Ducklin STOP THE CROOKS BEFORE THEY STOP YOU! Paul Ducklin talks to world-renowned cybersecurity expert Fraser Howard, Director of Research at SophosLabs, in this fascinating episode, recorded during our recent Security SOS Week 2022. When it comes to fighting cybercrime, Fraser truly is a “specialist in everything”, and he also has the knack of explaining this tricky and treacherous subject in plain English. Click-and-drag on the soundwaves below to skip to any point.…

Microsoft Patches Azure Cross-Tenant Data Access Flaw

Microsoft has silently fixed an important-severity security flaw in its Azure Container Service (ACS) after an external researcher warned that a buggy feature allowed cross-tenant network bypass attacks. The vulnerability, documented by researchers at Mnemonic, effectively removed the entire network and identity perimeter around internet-isolated Azure Cognitive Search instances and allowed cross-tenant access to the data plane of ACS instances from any location, including instances without any explicit network exposure. According to Mnemonic researcher Emilien…

Zerobot Botnet Emerges as a Growing Threat with New Exploits and Capabilities

The main methods that Zerobot uses to infect a system, via brute-force or vulnerability exploitation, can easily be prevented by following a few recommended steps. The first recommendation would be to make sure all devices on a network are up-to-date on their patches, particularly any Internet-facing devices. The threat actors rely on devices remaining unpatched to infect systems and grow their botnet, so by making sure all devices are up-to-date and not vulnerable, an organization…

FIN7 Cybercrime Syndicate Emerges as Major Player in Ransomware Landscape

To protect against ransomware attacks, organizations should:
• Regularly back up data, air gap, and password protect backup copies offline.
• Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.
• Implement network segmentation.
• Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location.
• Install updates/patch operating systems, software, and firmware as soon…

The Guardian Media Group Hit by Ransomware Attack

Companies looking to defend against ransomware should consider adopting a defense-in-depth strategy. Network segmentation, backups, regular patching, and vulnerability assessments are just a few of the measures that should be taken when attempting to lessen the likelihood of an attack. Promoting healthy cyber habits within a company is also crucial. https://www.infosecurity-magazine.com/news/ransomware-attack-guardian

Zerobot IoT Botnet Adds More Exploits, DDoS Capabilities

The recently detailed Internet of Things (IoT) botnet Zerobot has been updated with an expanded list of exploits and distributed denial-of-service (DDoS) capabilities. Initially detailed two weeks ago, Zerobot is a self-replicating and self-propagating piece of malware written in the Golang (Go) programming language, which can target twelve device architectures. Fortinet, which first warned of the threat’s capabilities, analyzed two variants of the malware, one of which contained exploits targeting 21 known vulnerabilities, including the…