Malware

Small- and medium-sized businesses: don’t give up on cybersecurity

In today’s increasingly hostile environment, every enterprise, big or small, should be concerned about cybersecurity and have access to protection from hackers, scammers, phishers and the rest of the bad actors sprouting up around the world. Yet time and again, we see small- and medium-sized businesses (SMBs) left out in the cold, an unaddressed market segment that finds real protection either too expensive or far too…

7 VPN alternatives for securing remote network access

Once the staple for securing employees working remotely, VPNs were designed to provide secure access to corporate data and systems for a small percentage of a workforce while the majority worked within traditional office confines. The move to mass remote working brought about by COVID-19 in early 2020 changed things dramatically. Since then, it has become the norm for large numbers of employees to regularly work from home, with many only going to the office…

Mac malware-for-hire steals passwords and cryptocoins, sends “crime logs” via Telegram

by Paul Ducklin Researchers at dark web monitoring company Cyble recently wrote about a data-stealing-as-a-service toolkit that they found being advertised in an underground Telegram channel. One somewhat unusual aspect of this “service” (and in this context, we don’t mean that word in any sort of positive sense!) is that it was specifically built to help would-be cybercriminals target Mac users. The malware peddlers’ focus on Apple fans was clearly reflected in the name they…

New ransomware group CACTUS abuses remote management tools for persistence

A cybercriminal group has been compromising enterprise networks for the past two months and deploying a new ransomware program that researchers dubbed CACTUS. In the attacks seen so far, the attackers gained access by exploiting known vulnerabilities in VPN appliances, moved laterally to other systems, and deployed legitimate remote monitoring and management (RMM) tools to achieve persistence on the network. “The name ‘CACTUS’ is derived from the filename provided within the ransom note,…
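The persistence step above, a legitimate RMM agent installed on a compromised host, is something a SOC can hunt for directly. The following is an added example written for this page, not code from the researchers who analysed CACTUS: it scans constructed Sysmon-style process-creation and service-install events for RMM agents on hosts that are not approved to run them. The RMM image watchlist and the approved-host set are assumptions to be tuned to your own environment.

```python
"""
Hunt endpoint telemetry for remote monitoring and management (RMM) agents on
hosts that are not approved to run them: the persistence pattern described for
CACTUS. Added example, not code from the CACTUS research. The RMM image names
and the approved-host list are assumed watchlists; the log events are constructed.
"""
import json

# Assumed watchlist of RMM agent image names (lower-case). Tune it to the
# tools your own organisation actually deploys.
RMM_IMAGES = {
    "anydesk.exe", "srservice.exe", "splashtop_streamer.exe",
    "screenconnect.clientservice.exe", "teamviewer.exe", "ateraagent.exe",
}
# Hosts where an RMM agent is expected (assumed: the helpdesk jump box).
APPROVED_RMM_HOSTS = {"HELPDESK-01"}


def image_name(path):
    """Lower-cased file name of a Windows (or POSIX) path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def parse_events(lines):
    """Parse JSON-lines telemetry: Sysmon-style ProcessCreate records plus
    ServiceInstall records (the latter is what an RMM installer leaves behind)."""
    return [json.loads(line) for line in lines if line.strip()]


def rmm_findings(events):
    """One finding per event showing RMM tooling on an unapproved host.
    A ServiceInstall is rated higher than a ProcessCreate: the service is what
    survives a reboot, which is the whole point of using RMM for persistence."""
    findings = []
    for evt in events:
        name = image_name(evt.get("Image") or evt.get("ImagePath") or "")
        if name not in RMM_IMAGES or evt["Host"] in APPROVED_RMM_HOSTS:
            continue
        findings.append({
            "host": evt["Host"],
            "image": name,
            "event": evt["EventType"],
            "user": evt.get("User", ""),
            "parent": image_name(evt.get("ParentImage", "")),
            "severity": "high" if evt["EventType"] == "ServiceInstall" else "medium",
        })
    return findings


# Constructed sample telemetry (JSON lines; backslashes escaped for JSON).
SAMPLE_LOG = r"""
{"EventType":"ProcessCreate","Host":"HELPDESK-01","Image":"C:\\Program Files (x86)\\AnyDesk\\AnyDesk.exe","ParentImage":"C:\\Windows\\explorer.exe","User":"CORP\\helpdesk1"}
{"EventType":"ProcessCreate","Host":"FILESRV-02","Image":"C:\\Users\\Public\\AnyDesk.exe","ParentImage":"C:\\Windows\\System32\\cmd.exe","User":"CORP\\svc_backup"}
{"EventType":"ProcessCreate","Host":"WS-117","Image":"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe","ParentImage":"C:\\Windows\\explorer.exe","User":"CORP\\jdoe"}
{"EventType":"ServiceInstall","Host":"FILESRV-02","ImagePath":"C:\\Program Files\\Splashtop\\Splashtop Remote\\Server\\SRService.exe","User":"CORP\\svc_backup"}
{"EventType":"ProcessCreate","Host":"DC-01","Image":"C:\\Program Files (x86)\\ScreenConnect Client\\ScreenConnect.ClientService.exe","ParentImage":"C:\\Windows\\System32\\services.exe","User":"NT AUTHORITY\\SYSTEM"}
"""


def run(log_text=SAMPLE_LOG):
    """Parse the log text and return the findings (used by the demo and tests)."""
    return rmm_findings(parse_events(log_text.splitlines()))


if __name__ == "__main__":
    for finding in run():
        print(finding)
```

A name match is only the first layer: pair it with the installation artifacts RMM agents leave behind (new services, scheduled tasks, firewall rules) and with egress to the RMM vendor's relay infrastructure, because an agent renamed to dodge the watchlist still has to phone home.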

Review your on-prem ADCS infrastructure before attackers do it for you

Attackers love to find weak spots in our domains and networks. Too often, they get in, lie in wait, and launch their attack later. A case in point is the infamous SolarWinds software supply-chain attack, which left up to nine US agencies and many other organizations with backdoors into their infrastructure. Recent investigations show that the Department of Justice may have been aware of the potential for a breach months before it happened.…

S3 Ep133: Apple takes “tight-lipped” to a whole new level

by Paul Ducklin SILENT SECURITY! (IS THAT A GOOD THING?) With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found, or just drop the URL of our RSS feed into your favourite podcatcher. DOUG. Passwords, botnets, and malware on the Mac. All…

When will AI be fully integrated into cyber security?

ChatGPT, a machine learning (ML)-powered chatbot, is rapidly gaining ground across all sectors. The app’s developer, OpenAI, reported that it gained one million users in just five days, and the app has now been visited over two billion times, according to research by Similarweb. That said, concerns have been raised about the use of the chatbot, with Italy’s data privacy agency even going so far as to temporarily ban the use of the app in…

Italy bans ChatGPT over data privacy concerns

In a move that one Italian minister has called “disproportionate”, Italy has temporarily banned ChatGPT within the country over concerns that it violates the General Data Protection Regulation (GDPR), the EU law that imposes data-protection and security obligations on organisations processing the personal data of people in the European Union (EU) and the European Economic Area (EEA). The Italian…

Google ads are being used to spread malware

Malicious actors are using Google advertisements and SEO tactics to entice victims into clicking links that lead to malware. According to cyber security company Secureworks, they have been distributing trojanised installers through poisoned ads, specifically to spread Bumblebee malware. The installers impersonate a number of well-known products, including Zoom, Citrix Workspace, Cisco AnyConnect and OpenAI’s ChatGPT. For example, Secureworks researchers found that a malicious actor had not only created a poisoned…
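The lure described above leaves a simple trace in proxy logs: an installer named after a well-known product, fetched from a domain that is not the vendor's. The following hunt is an added example for this page, not Secureworks' code. The vendor-domain map is an assumption to extend for your own software catalogue, and the proxy log lines are constructed.

```python
"""
Hunt web-proxy logs for branded installer downloads that did not come from the
vendor's own domain, the lure pattern behind the poisoned Google ads described
by Secureworks. Added example, not Secureworks' code. The vendor-domain map is an
assumption (extend it to your own software catalogue); the log lines are constructed.
"""
from urllib.parse import urlsplit

# Assumed: a brand keyword expected in the installer's file name, mapped to the
# domains the vendor really serves it from.
VENDOR_DOMAINS = {
    "zoom": {"zoom.us"},
    "citrix": {"citrix.com", "cloud.com"},
    "anyconnect": {"cisco.com"},
    "chatgpt": {"openai.com"},
    "openai": {"openai.com"},
}
INSTALLER_SUFFIXES = (".exe", ".msi", ".msix", ".zip", ".dmg", ".pkg")


def host_in_domain(host, domain):
    """True if host equals domain or is a subdomain of it. Suffix matching on a
    label boundary, so 'zoom.us.attacker.example' and 'notzoom.us' both fail."""
    host, domain = host.lower().rstrip("."), domain.lower()
    return host == domain or host.endswith("." + domain)


def classify_download(url):
    """Return (brand, host) when url names a branded installer served from a
    domain that is not the vendor's, otherwise None."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    filename = parts.path.rsplit("/", 1)[-1].lower()
    if not filename.endswith(INSTALLER_SUFFIXES):
        return None
    for brand, domains in VENDOR_DOMAINS.items():
        if brand in filename and not any(host_in_domain(host, d) for d in domains):
            return brand, host
    return None


def parse_proxy_line(line):
    """Parse a space-separated proxy record: timestamp client method url status bytes."""
    fields = line.split()
    if len(fields) < 6:
        return None
    return {"ts": fields[0], "client": fields[1], "method": fields[2],
            "url": fields[3], "status": fields[4], "bytes": int(fields[5])}


def suspicious_downloads(lines):
    """Completed (HTTP 200) branded-installer downloads from non-vendor hosts."""
    hits = []
    for line in lines:
        rec = parse_proxy_line(line)
        if not rec or rec["status"] != "200":
            continue
        verdict = classify_download(rec["url"])
        if verdict:
            brand, host = verdict
            hits.append({"client": rec["client"], "brand": brand, "host": host, "url": rec["url"]})
    return hits


# Constructed proxy log: two legitimate vendor downloads, two lookalike-site
# downloads, an image fetch and a failed request.
SAMPLE_LOG = """
2023-05-11T09:12:01Z 10.1.4.22 GET https://zoom.us/client/latest/ZoomInstallerFull.exe 200 48211432
2023-05-11T09:14:55Z 10.1.4.31 GET https://zoom-download-center.example/ZoomInstaller.exe 200 19880122
2023-05-11T09:20:13Z 10.1.5.7 GET https://chatgpt-desktop-app.example/ChatGPT-Setup.msi 200 2310044
2023-05-11T09:25:40Z 10.1.4.8 GET https://www.citrix.com/downloads/workspace-app/CitrixWorkspaceApp.exe 200 120004412
2023-05-11T09:31:02Z 10.1.6.9 GET https://cdn.example/img/zoom-logo.png 200 18223
2023-05-11T09:33:17Z 10.1.4.31 GET https://cisco-anyconnect-vpn.example/anyconnect-win-core-vpn.msi 404 512
"""


def run(log_text=SAMPLE_LOG):
    """Parse the log text and return the suspicious downloads."""
    return suspicious_downloads(log_text.splitlines())


if __name__ == "__main__":
    for hit in run():
        print(hit)
```

The domain check deliberately matches on a label boundary rather than with a substring test; a lookalike such as `zoom.us.attacker.example` is exactly what a substring match would wave through. Treat each hit as a trigger to pull the file from the endpoint and check its signer, not as a verdict in itself.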

Azure API Management flaws highlight server-side request forgery risks in API development

Microsoft recently patched three vulnerabilities in its Azure API Management service, two of which enabled server-side request forgery (SSRF) attacks that could have allowed attackers to reach internal Azure assets. The proof-of-concept exploits highlight common mistakes developers make when implementing blacklist-based restrictions for their own APIs and services. Web APIs have become an integral part of modern application development, especially in the cloud. They allow services to communicate and…
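The generic mistake the advisory points at is easy to reproduce: a deny list of "dangerous" host strings, which the URL syntax alone offers many ways around. The block below is an added example for this page and is not Microsoft's code or the Azure API Management fix; it puts the vulnerable string-matching filter next to a resolve-then-check alternative that rejects any destination whose resolved address is not globally routable. The resolver table, the allowlist and the bypass URLs are constructed so that it runs offline.

```python
"""
Why a blacklist of "dangerous" hosts is the wrong SSRF control, next to a
resolve-then-check alternative. Added example: this is not Microsoft's code and
not the Azure API Management fix, only the generic pattern the advisory warns
about. The resolver table and the allowlist are constructed for offline use.
"""
import ipaddress
import socket
from urllib.parse import urlsplit

# The weak pattern: deny a few well-known strings and allow everything else.
BLOCKED_HOSTS = {"localhost", "127.0.0.1", "169.254.169.254"}


def blacklist_allows(url):
    """String-compare the host against a deny list (vulnerable by design)."""
    host = (urlsplit(url).hostname or "").lower()
    return host not in BLOCKED_HOSTS


# Constructed stand-in for DNS so the example runs offline. A real deployment
# would call socket.getaddrinfo and then connect to exactly the address it
# checked (pinning it), so a DNS-rebinding answer cannot swap it afterwards.
FAKE_DNS = {
    "api.partner.example": ["8.8.8.8"],                # stands in for a public address
    "metadata.attacker.example": ["169.254.169.254"],  # attacker DNS -> metadata IP
}


def resolve(host, resolver=None):
    """Return ip_address objects for host: IP literals in any notation a client
    library would accept, otherwise DNS answers."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        try:
            # inet_aton accepts "127.1", "0x7f000001" and "2130706433", the
            # shorthand forms browsers and libcurl also accept.
            addr = ipaddress.IPv4Address(socket.inet_aton(host))
        except (OSError, ValueError):
            addr = None
    if addr is not None:
        if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped:
            addr = addr.ipv4_mapped  # ::ffff:a.b.c.d is really a.b.c.d
        return [addr]
    answers = (resolver or FAKE_DNS.get)(host) or []
    return [ipaddress.ip_address(a) for a in answers]


def hardened_allows(url, allowlist=None, resolver=None):
    """Allow only http(s) to hosts on the allowlist (when one is given) whose
    every resolved address is globally routable. Unknown hosts fail closed."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False
    host = (parts.hostname or "").lower()
    if allowlist is not None and host not in allowlist:
        return False
    addrs = resolve(host, resolver)
    return bool(addrs) and all(a.is_global for a in addrs)


# Generic filter-evasion URLs (constructed); none of them matches the deny list.
BYPASSES = [
    "http://127.1/",
    "http://2130706433/",
    "http://0x7f000001/",
    "http://[::ffff:169.254.169.254]/",
    "http://[::1]/",
    "http://0.0.0.0/",
    "http://metadata.attacker.example/",
]


def evaluate(urls=BYPASSES):
    """Map each URL to (blacklist verdict, hardened verdict)."""
    return {u: (blacklist_allows(u), hardened_allows(u)) for u in urls}


if __name__ == "__main__":
    for url, (weak, strong) in evaluate().items():
        print(f"{url:40} blacklist={'allow' if weak else 'deny':5} hardened={'allow' if strong else 'deny'}")
```

Two caveats that the resolve-then-check pattern depends on: the address you check must be the address you connect to (resolve once, connect to that IP, set the Host header yourself), and redirects must either be disabled or re-run through `hardened_allows` per hop, because a permitted host can answer with a 302 to the metadata endpoint.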
