Malware

Cisco Releases Security Update for Cisco Identity Services Engine 

Original release date: October 21, 2022

Cisco has released a security update to address vulnerabilities affecting Cisco Identity Services Engine (ISE). A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing high and low severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review Cisco Advisory cisco-sa-ise-path-trav-Dz5dpzyM and apply the necessary updates.


It’s time to prioritize SaaS security

We’ve made a point of shoring up security for infrastructure-as-a-service clouds since they are so complex and have so many moving parts. Unfortunately, the many software-as-a-service systems in use for more than 20 years now have fallen down the cloud security priority list. Organizations are making a lot of assumptions about SaaS security. At their essence, SaaS systems are applications that run remotely, with data stored on back-end systems that the SaaS provider encrypts on…


IoT security strategy from enterprises using connected devices

Freeman Health System has around 8,000 connected medical devices in its 30 facilities in Missouri, Oklahoma, and Kansas. Many of these devices have the potential to turn deadly at any moment. “That’s the doomsday scenario that everyone is afraid of,” says Skip Rollins, the hospital chain’s CIO and CISO. Rollins would love to be able to scan the devices for vulnerabilities and install security software on them to ensure that they aren’t being hacked. But…


Security Recruiter Directory

Looking for a qualified candidate or new job? CSO’s security recruiter directory is your one-stop shop. The recruiters listed below can help you find your next chief information security officer (CISO) or VP of security and fill hard-to-hire positions in risk management, security operations, security engineering, compliance, application security, penetration testers, and computer forensics, among many others. If you’re a security recruiting firm, we want your information! Our goal is to provide the most complete…


96% of companies report insufficient security for sensitive cloud data

The vast majority of organizations lack confidence in securing their data in the cloud, while many companies acknowledge they lack sufficient security even for their most sensitive data, according to a new report by the Cloud Security Alliance (CSA). The CSA report surveyed 1,663 IT and security professionals from organizations of various sizes and in various locations. “Only 4% report sufficient security for 100% of their data in the cloud. This means that 96% of organizations…


CISA Adds Two Known Exploited Vulnerabilities to Catalog   

Original release date: October 20, 2022

CISA has added two vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates. Binding Operational Directive (BOD)…


Hackers Use New Stealthy PowerShell Backdoor to Target 60+ Victims

It is highly recommended to implement and maintain good email security products to help detect phishing emails and malicious attachments. It is also recommended to implement an attachment file type block list, if possible, to help prevent attachments with specific file extensions from being delivered to end users. In this scenario, the threat actors used “.docm” files to deliver their malicious payload, which for most organizations would likely be considered an abnormal or suspicious attachment…


Brazilian Federal Police Arrested a Lapsus$ Gang Member

After hacking well-known tech businesses worldwide — including Microsoft, Nvidia, Samsung, Ubisoft, Okta, Vodafone, and Mercado — the Lapsus$ gang has made news this year. In addition, seven people from the UK were detained by the City of London Police in late March on suspicion of connection to the Lapsus$ group. On April 2nd, two of them were accused of helping the Lapsus$ extortion group. Following their appearance before the Highbury Corner Magistrates Court, they…


iDealwine Confirms Data Breach

Individuals who were potentially affected have an increased likelihood of becoming targets of phishing attempts. iDealwine has advised its customers not to respond to emails or open their attachments if they are unfamiliar with the source. Customers can reach out to iDealwine if they have any issues, and they claim their team will assist. Although passwords were encrypted, a good precautionary step would be to change those passwords, and make sure passwords aren’t reused on…


With Conti gone, LockBit takes lead of the ransomware threat landscape

The number of ransomware attacks observed over the previous three months declined compared to the previous quarter, according to reports from two threat intelligence companies. However, the gap left by the Conti gang has been filled by other players, with LockBit cementing itself in the top position and likely to serve as a future source for ransomware spin-offs. From July to September, security firm Intel 471 counted 455 attacks from 27 ransomware variants, with LockBit…
