Malware

09 May

DigiCert’s DigiCert ONE platform now available on Oracle Cloud Infrastructure

Data Breaches, Malware, Social Engineering

Digital trust firm DigiCert has announced a partnership with Oracle to make DigiCert ONE available on Oracle Cloud Infrastructure (OCI). DigiCert ONE is a cloud-native SaaS platform that secures and centrally manages users, devices, servers, documents, and software. Companies use OCI for various functions including secure infrastructure, application, and workload management. The partnership makes DigiCert ONE on OCI easy to deploy and scalable within customers’ single or multi-cloud environments, allowing users to find the right…

Read More
09 May

Nebulon’s TripLine offers ransomware encryption protection for on-prem systems

Data Breaches, Malware, Social Engineering

Smart infrastructure provider Nebulon today announced the immediate availability of TripLine, an early warning system for cryptographically based ransomware attacks on on-premises systems. It’s designed to quickly identify the precise time and system location where an attack has occurred. Nebulon said that the new service uses two techniques to achieve this aim. The first is the “secure enclave,” which is a domain isolated from the infrastructure that includes core management and storage functions. Second, it…

Read More
09 May

CISA and Partners Disclose Snake Malware Threat From Russian Cyber Actors

Attacks, Insights, Malware

Today, CISA and partners released a joint advisory for a sophisticated cyber espionage tool used by Russian cyber actors. Hunting Russian Intelligence “Snake” Malware provides technical descriptions of the malware’s host architecture and network communications, and mitigations to help detect and defend against this threat. CISA urges organizations to review the advisory for more information and apply the recommended mitigations and detection guidance. For more information on FSB and Russian state-sponsored cyber activity, please see…

Read More
09 May

Mozilla Releases Security Advisories for Multiple Products

Attacks, Insights, Malware

Mozilla has released security advisories to address vulnerabilities in Firefox and Firefox ESR. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the following advisories and apply the necessary updates: Security Vulnerabilities fixed in Firefox 113 Mozilla Foundation Security Advisory 2023-16 Security Vulnerabilities fixed in Firefox ESR 102.11 Mozilla Foundation Security Advisory 2023-17 For updates addressing lower severity vulnerabilities, see the…

Read More
09 May

Microsoft Releases May 2023 Security Updates

Attacks, Insights, Malware

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s May 2023 Security Update Guide and Deployment Information and apply the necessary updates.

Read More
09 May

Majority of US, UK CISOs unable to protect company ‘secrets’: Report

Data Breaches, Malware, Social Engineering

About 52% of chief information and security officers (CISOs) in the US and UK organizations are unable to fully secure their company secrets, according to a report by code security platform GitGuardian. The report pointed out that even though secrets management practice across the US and the UK has seen some maturity, it still needs to go a long way. About three-quarters of the respondents to the survey reported at least one past leak. The…

Read More
09 May

7 VPN alternatives for securing remote network access

Data Breaches, Malware, Social Engineering

Once the staple for securing employees working remotely, VPNs were designed to provide secure access to corporate data and systems for a small percentage of a workforce while the majority worked within traditional office confines. The move to mass remote working brought about by COVID-19 in early 2020 changed things dramatically. Since then, it has become the norm for large numbers of employees to regularly work from home, with many only going to the office…

Read More
09 May

Small- and medium-sized businesses: don’t give up on cybersecurity

Data Breaches, Malware, Social Engineering

In today’s increasingly hostile environment, every enterprise, be they big or small, should be concerned about cybersecurity and have access to protection from hackers, scammers, phishers, and all the rest of the host of bad actors who seem to be sprouting up around the world. Yet time and again, we see small- and medium-sized businesses (SMBs) left out in the cold, an unaddressed market segment that finds real protection either too expensive or far too…

Read More
08 May

Mac malware-for-hire steals passwords and cryptocoins, sends “crime logs” via Telegram

Information, Malware

by Paul Ducklin Researchers at dark web monitoring company Cyble recently wrote about a data-stealing-as-a-service toolkit that they found being advertised in an underground Telegram channel. One somewhat unusual aspect of this “service” (and in this context, we don’t mean that word in any sort of positive sense!) is that it was specifically built to help would-be cybercriminals target Mac users. The malware peddlers’ focus on Apple fans was clearly reflected in the name they…

Read More
08 May

New ransomware group CACTUS abuses remote management tools for persistence

Data Breaches, Malware, Social Engineering

A cybercriminal group has been compromising enterprise networks for the past two months and has been deploying a new ransomware program that researchers dubbed CACTUS. In the attacks seen so far the attackers gained access by exploiting known vulnerabilities in VPN appliances, moved laterally to other systems, and deployed legitimate remote monitoring and management (RMM) tools to achieve persistence on the network. “The name ‘CACTUS’ is derived from the filename provided within the ransom note,…

Read More