Continuous Monitoring and Protection
The IRS provided excellent tips for protecting against these types of scams: • File early. OK. The ship may have already sort of sailed on this one, but the earlier you file, the less time cybercriminals have to use your identity to commit fraud.• Watch out for phishing and smishing. The IRS won’t send unsolicited emails or texts. Skip the links and attachments and go straight to the IRS or the applicable state and city…
Read MoreSome defensive measures can be taken to lessen the likelihood of infection by AresLoader and other malware strains alike, including: 1. Be cautious when downloading and installing software: AresLoader malware is being spread through deceptive software installers, so it’s important to be careful when downloading and installing new software. Only download software from reputable sources and be wary of any installers that look suspicious or untrustworthy. 2. Keep software up to date: Cybercriminals often exploit…
Read MoreSaaS-based external attack surface management (EASM) company Cyberpion has rebranded as Ionix, at the same time adding a clutch of new cybersecurity capabilities to its namesake offering. Designed to provide a “wider coverage and deeper focus” into its customers’ internet-facing assets and connected dependencies, the revamp of Ionix’s system will feature new abilities such as extending visibility into connected assets and shadow IT, and scoring risks based on possible blast radius. “Along with the rebrand comes…
Read MoreItalian cybersecurity firm Cleafy has found “Nexus”, a new Android Trojan capable of hijacking online accounts and siphoning funds from them, to be targeting customers from 450 banks and cryptocurrency services worldwide. First observed in June 2022 as a variant of SOVA, another Android banking Trojan, Nexus has since improved targeting capabilities and is available via a malware-as-a-service (MaaS) program for $3000 a month, and allows other attackers to rent or subscribe to the malware…
Read MoreGoogle has suspended Chinese agricultural e-commerce app Pinduoduo from Google Play after versions of the app found outside the Google store were flagged as having malware issues. A Google spokesperson told Reuters that the app had been suspended over “security concerns”, adding that “Off-Play versions of this app that have been found to contain malware have been enforced on via Google Play Protect”, in other words, software that prevents the installation of malicious or harmful…
Read MoreSecurity researchers have started seeing attack campaigns that use a relatively new malware-as-a-service (MaaS) tool called AresLoader. The malicious program appears to be developed and used by several members of a pro-Russia hacktivist group and is typically distributed inside decoy installers for legitimate software. Security researchers from threat intelligence firm Intel 471 first spotted AresLoader in November when it was advertised by a user with the monikers AiD Lock and DarkBLUP on Telegram and two…
Read MoreEmail-based security is one of the most effective methods to help prevent malware infections from occurring in the first place. Utilizing proper email security controls, such as AV scanning and sandboxing for attachments, is highly recommended to help prevent malicious files or URLs from being presented to an end user. In cases where a malicious item may make it through, having strong endpoint security controls, such as an EDR, can help prevent a compromise of…
Read MoreTo protect against Nexus and other Android banking trojans, users should only download apps from official app stores, keep their devices up to date with the latest security patches, and be cautious of suspicious emails and websites. Additionally, users should enable 2FA wherever possible to add an extra layer of security. https://thehackernews.com/2023/03/nexus-new-rising-android-banking-trojan.html?&web_view=true
Read MoreThe following ThinServer vulnerabilities are notable: CVE-2023-28756 (CVSS score: 7.5) and CVE-2023-28755 (CVSS score: 9.8), because they could enable an unauthenticated, remote attacker to upload any file to the directory where ThinServer.exe is installed. In addition, a threat actor might use the CVE-2023-28755 vulnerability to replace current executable files with trojanized versions. To reduce security risks, users are urged to update software to the following versions: 11.0.6, 11.1.6, 11.2.7, 12.0.5, 12.1.6, and 13.0.2. Versions 6.x…
Read MoreIntel has introduced its 13th Generation Core processor line, which the company claims is the first to build threat detection into hardware. In combination with endpoint detection and response (EDR) platforms from Intel partners, the new vPro processors promise a 70% reduction in attack surface compared to four-year-old PCs. Windows 11 systems can also take advantage of vPro’s memory encryption to provide better virtualization-based security. In tests conducted by SE Labs and commissioned by Intel,…
Read More