Malware

Fortinet Warns about Critical Vulnerability in FortiOS and FortiProxy Could

Security patches are available in the following versions:
• FortiOS v.6.2.13, v.6.4.12, v.7.0.10, v.7.2.4, v.7.4.0
• FortiOS-6K7K v.6.2.13, v.6.4.12, v.7.0.10
• FortiProxy v.2.0.12, 7.0.9, v.7.0.9

Fortinet also advises customers to disable the HTTP/HTTPS administration interface or restrict the IP addresses that can access it as workarounds. Organizations are advised to implement these changes to secure administration interfaces regardless of their vulnerability management cycle and patch deployment schedule.

Source: https://thehackernews.com/2023/03/new-critical-flaw-in-fortios-and.html


Qilin Claims Ransomware Attack on Elderly Care Facility

These attacks can have severe consequences for both the affected organization and its clients or customers, as sensitive information can be leaked or lost and operations can be disrupted. To prevent these attacks, organizations must take measures to secure their networks and train employees on how to spot and avoid phishing emails and other types of social engineering attacks. It is also essential to have a robust backup system in place so that data can be…


GitHub begins 2FA rollout for code contributors

GitHub has begun its official rollout of two-factor authentication (2FA) for developers who contribute code to the platform to enhance the security of accounts and the software supply chain. GitHub first announced its intention to mandate 2FA for all code contributors in May 2022, and will begin the first group’s enrolment on Monday, March 13. GitHub is allowing users to choose their preferred 2FA method – SMS, TOTP, security keys, or GitHub mobile. The rollout…


Lazarus group infiltrated South Korean finance firm twice last year

The Lazarus group was spotted exploiting flaws in unnamed software to gain access to a South Korean finance firm twice last year. The North Korea-linked group infiltrated the affected company in May 2022 and again in October through the same software's zero-day vulnerability, according to research by AhnLab Security Emergency Response Center (ASEC). ASEC reported the software in question to the Korean Internet and Security Agency since the vulnerability has not been fully verified…


CapraRAT Targets India and Pakistan in Espionage Campaign

Espionage groups using social engineering tactics against government and military officials are nothing new. This campaign demonstrates the risks of downloading apps from outside app stores maintained by a trusted source. It also highlights the importance of segmenting personal and professional devices: compromising a personal phone, while still serious, has a much smaller impact if that device holds none of the confidential information an attacker is seeking.

Source: https://thehackernews.com/2023/03/transparent-tribe-hackers-distribute.html


New Malware Variant Features a “Radio Silence” Mode to Evade Detection

While many of the capabilities of this malware framework are rather typical, the "Radio Silence" mode is somewhat novel and is not a feature seen in many malware implants. Malware in an environment can often be identified through abnormal communications, such as a large number of connections over the weekend from a host that is typically dormant. With this feature, however, the operators can pick and choose when they want their communications to be sent,…


SANS, Google launch academy to promote cloud security, diversity in workforce

SANS Institute has launched the SANS Cloud Diversity Academy (SCDA) in partnership with Google, to help provide training and certifications to women, ethnic minorities, Indigenous people and other groups that are currently underrepresented in the cybersecurity sector. A 2022 report by Cybersecurity Ventures found that women make up only 25% of the cybersecurity workforce globally, while an Aspen Digital Tech Policy report from the same year found that only 9% of cybersecurity experts are Black,…


Hard-coded secrets up 67% as secrets sprawl threatens software supply chain

The number of detected hard-coded secrets increased by 67% last year compared to 2021, with 10 million new secrets discovered in public GitHub commits in 2022. That’s according to GitGuardian’s State of Secrets Sprawl 2023 report. It found that hard-coded secrets and accelerating secrets sprawl (storing secrets in many different places) are threatening the security of software supply chains. Hard-coded secrets pose significant security risks because they are often stored in plain text, making it…


CISA has added three new…

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation:
• CVE-2022-28810 Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability
• CVE-2022-33891 Apache Spark Command Injection Vulnerability
• CVE-2022-35914 Teclib GLPI Remote Code Execution Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view other newly added vulnerabilities in the catalog, click on the arrow in…
