Malware

15 Dec

MTTR “not a viable metric” for complex software system reliability and security

Data Breaches, Malware, Social Engineering

Mean time to resolve (MTTR) isn’t a viable metric for measuring the reliability or security of complex software systems and should be replaced by other, more trustworthy options. That’s according to a new report from Verica which argued that the use of MTTR to gauge software network failures and outages is not appropriate, partly due to the distribution of duration data and because failures in such systems don’t arrive uniformly over time. Site reliability engineering…

Read More
15 Dec

CISA Releases Forty-One Industrial Control Systems Advisories

Attacks, Insights, Malware

Original release date: December 15, 2022 CISA has released forty-one (41) Industrial Control Systems (ICS) advisories on 15 December 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-22-349-01 Prosys OPC UA Simulation ICSA-22-349-02 Siemens SCALANCE X-200RNA Switch Devices ICSA-22-349-03 Siemens Multiple Denial of Service Vulnerabilities in Industrial Products ICSA-22-349-04 Siemens Multiple…

Read More
15 Dec

Attackers Use SVG Files to Smuggle QBot Malware onto Windows Systems

Attacks, Malware

It is highly recommended to implement and maintain an email security tool to help prevent malicious emails from reaching end users mailboxes. These tools utilize AV scanning and sandboxing to help identify and quarantine malicious attachments in emails. It is also recommended to implement an inbound block on HTML attachments. HTML attachments on inbound external email are generally uncommon, so the feasibility of blocking them outright should be determined to help prevent the more evasive…

Read More
15 Dec

Federal Prosecutors Charge Six Defendants Linked to Denial-of-Service Attacks

Attacks, Malware

A DDoS attack is an attempt to disrupt the traffic of a targeted server, service, or network by overwhelming it with a flood of Internet traffic. Threat actors send a massive number of requests for information to a server, site, or network, effectively shutting down a server and disrupting normal operations. To protect from such attacks, the Cybersecurity and Infrastructure Security Agency recommends the following. • Enroll in a DoS protection service that detects abnormal…

Read More
15 Dec

California Hospital Suffers Data Breach

Attacks, Malware

The ever-increasing trend of threat actors targeting healthcare organizations will likely unfortunately continue into 2023. It is unclear if this instance is a ransomware attack, but data theft is a common tactic used by ransomware operators to force victims into paying a data extortion ransom. Any impacted patients should ensure that they follow mitigation steps to protect themselves. This includes setting up credit monitoring to ensure that if data gets leaked, fraudulent accounts can not…

Read More
15 Dec

Drupal Releases Security Updates to Address Vulnerabilities in H5P and File (Field) Paths

Attacks, Insights, Malware

Original release date: December 15, 2022 Drupal has released security updates to address vulnerabilities affecting H5P and the File (Field) Paths modules for Drupal 7.x. An attacker could exploit these vulnerabilities to access sensitive information and remotely execute code. CISA encourages users and administrators to review Drupal’s security advisories SA-CONTRIB-2022-064 and SA-CONTRIB-2022-065 and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.

Read More
15 Dec

CISA Consolidates Twitter Accounts

Attacks, Insights, Malware

Original release date: December 15, 2022 CISA has consolidated its social media presence on Twitter. Three accounts — @ICSCERT, @Cyber, and @CISAInfraSec — are no longer active. Additionally, the @USCERT_gov Twitter account is now renamed @CISACyber. The following current active Twitter accounts will include posts on content previously covered on the now-inactive accounts. @CISACyber will cover updates relevant to the industrial control systems community along with the latest vulnerability management info, threat analysis, and other…

Read More
15 Dec

F5 expands security portfolio with App Infrastructure Protection

Data Breaches, Malware, Social Engineering

F5 on Thursday announced the launch of F5 Distributed Cloud Services App Infrastructure Protection (AIP), expanding its SaaS-based security portfolio. The new release is a cloud workload protection solution that will provide application observability and protection to cloud-native infrastructures.  AIP is built using technology acquired with Threat Stack and will be a part of the F5 Distributed Cloud Services portfolio, launched earlier this year.  AIP will complement F5’s API Security F5 already has a service…

Read More
15 Dec

Dozens of cybersecurity efforts included in this year’s US NDAA

Data Breaches, Malware, Social Engineering

Last week, members of the US House of Representatives and Senate reconciled their versions of the annual must-pass National Defense Authorization Act (NDAA). Each year the NDAA contains a wealth of primarily military cybersecurity provisions, delivering hundreds of millions, if not billions, in new cybersecurity funding to the federal government. This year’s bill is no exception. Titled the James M. Inhofe National Defense Authorization Act for Fiscal Year 2023, the legislation clocks in at over…

Read More
15 Dec

Microsoft’s EU data boundary plan to take effect Jan. 1

Data Breaches, Malware, Social Engineering

Microsoft on Thursday said it will begin rolling out the first phase of its European Union data boundary plan from January 1, 2023 that’ll allow customers to store and process their customer data within the EU. The move comes two days after the EU commission said it had officially begun the process of approving the EU-US Data Privacy Framework. Under the first phase of the plan, companies that use Microsoft products and services will be…

Read More