Malware

CISA Requests for Comment on Microsoft 365 Security Configuration Baselines

Original release date: October 20, 2022

CISA has issued requests for comment (RFCs) on eight Microsoft 365 security configuration baselines as part of the Secure Cloud Business Application (SCuBA) project to secure federal civilian executive branch agencies’ (FCEB) cloud environments. The baselines:

• Build on and integrate previous security configuration baselines developed by the Federal Chief Information Officers Council’s Cyber Innovation Tiger Team (CITT).
• Initiate a series of pilot efforts to advance cloud security…


High, medium severity vulnerabilities impacting Zimbra Collaboration Suite

Threat actors are actively exploiting multiple Common Vulnerabilities and Exposures (CVEs) against enterprise cloud-hosted collaboration software and email platform Zimbra Collaboration Suite (ZCS), according to an advisory update jointly issued by the US Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC). The latest update lists CVEs currently being exploited based on a new Malware Analysis Report, MAR-10398871.r1.v2, and warns that threat actors may be targeting unpatched ZCS instances in…


Supply chain attacks increased over 600% this year and companies are falling behind

The number of documented supply chain attacks involving malicious third-party components has increased 633% over the past year, now sitting at over 88,000 known instances, according to a new report from software supply chain management company Sonatype. Meanwhile, instances of transitive vulnerabilities that software components inherit from their own dependencies have also reached unprecedented levels and plague two-thirds of open-source libraries. “The networked nature of dependencies highlights the importance of having visibility and awareness about…


Apache Commons Text RCE Vulnerability Patched in Latest Update

As time progresses, supply chain attacks are growing to become a popular attack vector among threat actors across the world. Fortunately, it seems that this vulnerability was not exploited in the wild in the seven months that it remained unpatched, but this will likely change. The problem with supply chain attacks is that in many instances, there are limited ways to detect them until they are more broadly known. It is recommended to have a…


Verizon Notifies Prepaid Customers of Data Breach

SIM swapping attacks have gained popularity and are very useful to threat actors that already have breached credentials but get stopped from accessing accounts via Multi-Factor Authentication (MFA). MFA is always a recommended tool to add another layer of defense against credential theft, but it is typically recommended that MFA is provided through a trusted third-party application and never through a phone number. SIM swapping attacks are a great example of why it is dangerous to…


Mark of the Web Windows Zero-Day Receives Unofficial Patch

MotW is an essential security mechanism, especially when it comes to malicious Microsoft Office documents that contain macros. By default, Office will only block macros in files that contain the MotW, allowing threat actors to abuse this flaw to smuggle in malicious macros with no warning to users. It is recommended to disable macros via Group Policy until Microsoft releases an official patch for the MotW flaw.

https://www.bleepingcomputer.com/news/microsoft/windows-mark-of-the-web-bypass-zero-day-gets-unofficial-patch/


CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite

Original release date: October 19, 2022

CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have updated joint Cybersecurity Advisory AA22-228A: Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite, originally released August 16, 2022. The advisory has been updated to reference the addition of a new Malware Analysis Report, MAR-10398871.r1.v2. CISA encourages organizations to review the latest update to AA22-228A and apply the recommended mitigations. This product is provided subject to this Notification…


Oracle Releases October 2022 Critical Patch Update

Original release date: October 19, 2022

Oracle has released its Critical Patch Update for October 2022. This update addresses 366 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Oracle’s October 2022 Critical Patch Update and apply the necessary mitigations.


8 top multi-factor authentication products and how to choose an MFA solution

Today’s credential-based attacks are much more sophisticated. Whether it’s advanced phishing techniques, credential stuffing, or even credentials compromised through social engineering or breaches of a third-party service, credentials are easily the most vulnerable point in defending corporate systems. All these attacks key on traditional credentials, usernames and passwords, which are past their expiration date as a legitimate security measure. The most effective way forward in enhancing access security is implementing multi-factor authentication (MFA). Security professionals…


Millennials and Gen Z less likely to observe cybersecurity protocols than their elders

Millennials and Gen Z employees in the US are much less likely to prioritize or adhere to cybersecurity protocols than their older Gen X and Baby Boomer counterparts, according to a recent survey by EY Consulting. The survey suggests that despite understanding the need for security measures, younger, digitally native workers were significantly more likely to disregard mandatory IT updates for as long as possible (58% for Gen Z and 42% for millennials vs. 31%…
