Malware

CISA releases cybersecurity performance goals to reduce risk and impact of adversarial threats

Last week, the US Cybersecurity and Infrastructure Security Agency (CISA) released voluntary cross-sector Cybersecurity Performance Goals (CPGs). CISA was required to produce the CPGs under a national security memo on improving cybersecurity for critical infrastructure control systems issued by President Biden in July 2021. Working in coordination with the National Institute of Standards and Technology (NIST) and the interagency community, CISA developed “baseline cybersecurity performance goals that are consistent across all critical infrastructure sectors.” CISA…


CISA Releases Guidance on Phishing-Resistant and Numbers Matching Multifactor Authentication 

Original release date: October 31, 2022

CISA has released two fact sheets to highlight threats against accounts and systems using certain forms of multifactor authentication (MFA). CISA strongly urges all organizations to implement phishing-resistant MFA to protect against phishing and other known cyber threats. If an organization using mobile push-notification-based MFA is unable to implement phishing-resistant MFA, CISA recommends using number matching to mitigate MFA fatigue. Although number matching is not as strong as phishing-resistant…


Data capture by border agencies can and will happen – are your on-the-road employees prepared?

Does your company have a travel policy that instructs and supports employees traveling internationally for business with direction regarding comportment and cooperation? This isn’t a trick question. To have a travel program that provides employees with anticipated scenarios, and to provide them with unique devices for international travel, is a significant investment of resources both physical and monetary. The revelation that U.S. Customs and Border Protection (CBP) routinely downloads the content of devices of individuals…


Apple Fixes Recently Disclosed Zero-day on Older iPhones, iPads

Even though this zero-day was most likely only used in targeted attacks, it’s strongly suggested to patch even older devices as soon as possible to block potential attack attempts. The impacted devices include iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation). Apple disclosed the security flaw “may have been actively exploited” in the wild but…


Raspberry Robin Operators Selling Access To Companies

This switch in tactics by the Clop threat group is not uncommon amongst these groups. Rapidly changing tactics and leveraging dark web Malware-as-a-Service (MaaS) offerings allows threat groups to infect companies at a faster rate since they do not have to wait on a successful phishing campaign. Illicit access is frequently brokered in the underground economy. To mitigate the risks of attacks similar to Raspberry Robin, a good rule amongst organizations is to never use…


CraneFly Hacking Group using Microsoft IIS Web Server Logs to Control Malware

As time progresses, threat actors continue to discover novel ways to evade detection. Now that this technique has been discovered, it seems to be quite simple to detect; modify any preexisting IIS monitoring detections to search for keywords such as “wrde”, “exo”, and “cllo”. In this case, it may be better to search IIS log files being written to temp folders, since it would be relatively easy for malware operators to change these keywords. This…


Phishing attacks increase by over 31% in third quarter: Report

Email security and threat detection company Vade has found that phishing emails in the third quarter this year increased by more than 31% quarter on quarter, with the number of emails containing malware in the first three quarters surpassing the 2021 level by 55.8 million. Malware emails in the third quarter of 2022 alone increased by 217% compared to the same period in 2021. Malware email volume peaked in July, reaching 19.2 million, before month-over-month declines…


Joint CISA FBI MS-ISAC Guide on Responding to DDoS Attacks and DDoS Guidance for Federal Agencies

Original release date: October 28, 2022

CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released Understanding and Responding to Distributed Denial-of-Service Attacks to provide organizations proactive steps to reduce the likelihood and impact of distributed denial-of-service (DDoS) attacks. The guidance is for both network defenders and leaders to help them understand and respond to DDoS attacks, which can cost an organization time, money, and reputational damage.…


VMware Releases Security Updates

Original release date: October 28, 2022

VMware has released security updates to address multiple vulnerabilities in VMware Cloud Foundation. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2022-002 and apply the necessary updates and workarounds.


Top cybersecurity M&A deals for 2022

The number of cybersecurity mergers and acquisitions deals in 2021 set a record pace. The first three quarters of the year saw 151 transactions in the industry, according to 451 Research. That’s up from 94 for the same period in 2020. That trend is likely to continue in 2022. Many of the 2021 transactions CSO reported were in the identity and cloud security markets, especially toward the end of the year. This trend is likely…
