Malware

CISA Adds Two Known Exploited Vulnerabilities to Catalog   

Original release date: October 20, 2022. CISA has added two vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates. Binding Operational Directive (BOD)…


Hackers Use New Stealthy PowerShell Backdoor to Target 60+ Victims

It is highly recommended to implement and maintain good email security products to help detect phishing emails and malicious attachments. It is also recommended to implement an attachment file type block list, if possible, to help prevent attachments with specific file extensions from being delivered to end users. In this scenario, the threat actors used “.docm” files to deliver their malicious payload, which for most organizations would likely be considered an abnormal or suspicious attachment…


Brazilian Federal Police Arrested a Lapsus$ Gang Member

After hacking well-known tech businesses worldwide — including Microsoft, Nvidia, Samsung, Ubisoft, Okta, Vodafone, and Mercado — the Lapsus$ gang has made news this year. In addition, seven people from the UK were detained by the City of London Police in late March on suspicion of connection to the Lapsus$ group. On April 2nd, two of them were accused of helping the Lapsus$ extortion group. Following their appearance before the Highbury Corner Magistrates Court, they…


iDealwine Confirms Data Breach

Individuals who were potentially affected have an increased likelihood of becoming targets of phishing attempts. iDealwine has advised its customers not to respond to emails or open their attachments if they are unfamiliar with the source. Customers can reach out to iDealwine if they have any issues, and the company claims its team will assist. Although passwords were encrypted, a good precautionary step would be to change those passwords, and make sure passwords aren’t reused on…


With Conti gone, LockBit takes lead of the ransomware threat landscape

The number of ransomware attacks observed over the previous three months declined compared to the previous quarter, according to reports from two threat intelligence companies. However, the gap left by the Conti gang has been filled by other players, with LockBit cementing itself in the top position and likely to serve as a future source for ransomware spin-offs. From July to September, security firm Intel 471 counted 455 attacks from 27 ransomware variants, with LockBit…


Securing your organization against phishing can cost up to $85 per email

As phishing attacks increase, preventing them from doing damage is proving costly for organizations. Phishing-related activities are consuming a third of the total time available to IT and security teams and costing organizations anywhere between $2.84 and $85.33 per phishing email, according to a new report by Osterman Research. The report does not calculate the cost of damage caused by phishing, rather the productivity loss of IT and security teams. On average, organizations spend 16-30…


CISA Releases Three Industrial Control Systems Advisories

Original release date: October 20, 2022. CISA has released three (3) Industrial Control Systems (ICS) advisories on October 20, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:
• ICSA-22-293-01 Bentley Systems MicroStation Connect
• ICSMA-21-294-01 B Braun Infusomat Space Large Volume Pump (Update A)
• ICSMA-20-296-02 B. Braun SpaceCom Battery Pack…


Mozilla Releases Security Updates for Firefox

Original release date: October 20, 2022. Mozilla has released security updates to address vulnerabilities in Firefox ESR and Firefox. An attacker could exploit these vulnerabilities to cause denial-of-service conditions. CISA encourages users and administrators to review Mozilla’s security advisories for Firefox ESR 102.4 and Firefox 106 for mitigations and updates.


Financial losses to synthetic identity-based fraud to double by 2024

Losses to imposter scams based on synthetic identities—identities that only exist as figments in a credit reporting bureau’s records—will rise from a reported $1.2 billion in 2020 to $2.48 billion by 2024 in the US, according to an analysis published Thursday by identity verification vendor Socure. Synthetic identities became a common concern for businesses and financial institutions in the mid-2010s, Socure’s report said. Typically, such an identity is based on a real person, but with…


Attackers switch to self-extracting password-protected archives to distribute email malware

Distributing malware inside password-protected archives has long been one of the main techniques used by attackers to bypass email security filters. More recently, researchers have spotted a variation that uses nested self-extracting archives that no longer require victims to input the password. “This is significant because one of the most difficult obstacles threat actors face when conducting this type of spam campaign is to convince the target to open the archive using the provided password,”…
