Malware

16 Dec

US Food Companies Warned of BEC Attacks Stealing Food Product Shipments

Information, Malware, News

The Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of Agriculture (USDA) are raising alarm on business email compromise (BEC) attacks leading to the theft of shipments of food products and ingredients. Typically used to steal money, BEC involves threat actors compromising email accounts at target companies and then targeting employees in charge of making payments with fraudulent emails that instruct them to…

Read More
16 Dec

Ukrainian Government Networks Breached via Trojanized Windows 10 Installers

Attacks, Malware

In this campaign, the initial access using the trojanized ISO file was facilitated through phishing and relied on human error to infiltrate these organizations. A look back at campaigns over the past year have shown that many threat actors have turned to phishing tactics, likely because a human operator is often one of the weakest points in an organization’s security infrastructure. General recommendations for mitigation of phishing attacks are largely policy and user education based,…

Read More
16 Dec

FuboTV Suffers Outage During World Cup

Attacks, Malware

Anyone that is a customer of FuboTV should be monitoring for any change in account activity including password or email changes. They should also be on the lookout for an update from FuboTV regarding what, if any, information was stolen and how to mitigate the attack from a customer standpoint. https://www.bleepingcomputer.com/news/security/fubotv-says-world-cup-streaming-outage-caused-by-a-cyberattack/?&web_view=true

Read More
16 Dec

Attackers Leak Personal Info Allegedly Stolen From 5.7M Gemini Users

Attacks, Malware

Gemini advises its customers to rely on strong authentication methods and recommends activating two-factor authentication (2FA) protection and/or the use of hardware security keys to access their accounts. The company also provides the steps necessary for changing the email address associated with the Gemini account. https://www.bleepingcomputer.com/news/security/hackers-leak-personal-info-allegedly-stolen-from-57m-gemini-users/

Read More
16 Dec

S3 Ep113: Pwning the Windows kernel – the crooks who hoodwinked Microsoft [Audio + Text]

Information, Malware

by Paul Ducklin PWNING THE WINDOWS KERNEL Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our RSS feed into your favourite podcatcher. READ THE TRANSCRIPT DOUG.  Wireless spyware,…

Read More
16 Dec

FBI, FDA OCI, and USDA Release Joint Cybersecurity Advisory Regarding Business Email Compromise Schemes Used to Steal Food

Attacks, Insights, Malware

Original release date: December 16, 2022 The Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the U.S. Department of Agriculture (USDA) have released a joint Cybersecurity Advisory (CSA) detailing recently observed incidents of criminal actors using business email compromise (BEC) to steal shipments of food products and ingredients valued at hundreds of thousands of dollars. The joint CSA analyzes the common tactics, techniques, and procedures (TTPs)…

Read More
15 Dec

MTTR “not a viable metric” for complex software system reliability and security

Data Breaches, Malware, Social Engineering

Mean time to resolve (MTTR) isn’t a viable metric for measuring the reliability or security of complex software systems and should be replaced by other, more trustworthy options. That’s according to a new report from Verica which argued that the use of MTTR to gauge software network failures and outages is not appropriate, partly due to the distribution of duration data and because failures in such systems don’t arrive uniformly over time. Site reliability engineering…

Read More
15 Dec

CISA Releases Forty-One Industrial Control Systems Advisories

Attacks, Insights, Malware

Original release date: December 15, 2022 CISA has released forty-one (41) Industrial Control Systems (ICS) advisories on 15 December 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-22-349-01 Prosys OPC UA Simulation ICSA-22-349-02 Siemens SCALANCE X-200RNA Switch Devices ICSA-22-349-03 Siemens Multiple Denial of Service Vulnerabilities in Industrial Products ICSA-22-349-04 Siemens Multiple…

Read More
15 Dec

Attackers Use SVG Files to Smuggle QBot Malware onto Windows Systems

Attacks, Malware

It is highly recommended to implement and maintain an email security tool to help prevent malicious emails from reaching end users mailboxes. These tools utilize AV scanning and sandboxing to help identify and quarantine malicious attachments in emails. It is also recommended to implement an inbound block on HTML attachments. HTML attachments on inbound external email are generally uncommon, so the feasibility of blocking them outright should be determined to help prevent the more evasive…

Read More
15 Dec

Federal Prosecutors Charge Six Defendants Linked to Denial-of-Service Attacks

Attacks, Malware

A DDoS attack is an attempt to disrupt the traffic of a targeted server, service, or network by overwhelming it with a flood of Internet traffic. Threat actors send a massive number of requests for information to a server, site, or network, effectively shutting down a server and disrupting normal operations. To protect from such attacks, the Cybersecurity and Infrastructure Security Agency recommends the following. • Enroll in a DoS protection service that detects abnormal…

Read More