Malware

03 Mar

HPE to acquire Axis Security to deliver a unified SASE offering

Data Breaches, Malware, Social Engineering

Hewlett Packard Enterprise has agreed to buy cloud security services provider Axis Security, its third acquistion since January, to deliver a unified secure access service edge (SASE) offering. The acquisition is aimed at incorporating the Axis security service edge (SSE) platform into HPE’s edge-to-cloud network security capabilities with to deliver integrated networking and security solutions as-a-service. SSE is considered a subset of the broader SASE framework. “As we transition from a post-pandemic world, and a…

Read More
03 Mar

Iron Tiger updates malware to target Linux platform

Data Breaches, Malware, Social Engineering

Iron Tiger, an advanced persistent threat (APT) group, has updated their SysUpdate malware to include new features and add malware infection support for the Linux platform, according to a report by Trend Micro. The earliest sample of this version was observed in July 2022 and after finding multiple similar payloads in late October 2022, Trend Micro researchers started looking into it and found similarities with the SysUpdate malware family. Iron Tiger is a group of China-based…

Read More
03 Mar

Today, the Federal Bureau of…

Attacks, Insights, Malware

Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released joint Cybersecurity Advisory (CSA) #StopRansomware: Royal Ransomware to provide network defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Royal ransomware variants. FBI investigations identified these TTPs and IOCs as recently as January 2023. Royal ransomware attacks have spread across numerous critical infrastructure sectors including, but not limited to, manufacturing, communications, healthcare and public healthcare (HPH),…

Read More
03 Mar

Cisco has released a security…

Attacks, Insights, Malware

Cisco has released a security advisory for vulnerabilities affecting the 6800, 7800, 7900, and 8800 Series of Cisco IP Phones. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review the following advisory and apply the necessary updates. Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities cisco-sa-ip-phone-cmd-inj-KMFynVcP…

Read More
03 Mar

CISA released five Industrial…

Attacks, Insights, Malware

CISA released five Industrial Control Systems (ICS) advisories on March 2, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.      CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:   ICSA-23-061-01 Mitsubishi Electric MELSEC Series ICSA-23-061-02 Baicells Nova ICSA-23-061-03 Rittal CMC III Access systems ICSMA-23-061-01 Medtronic Micro Clinician and InterStim Apps ICSA-20-212-04 Mitsubishi Electric Factory Automation Engineering Products (Update…

Read More
02 Mar

IBM partners up with Cohesity for better data defense in new storage suite

Data Breaches, Malware, Social Engineering

IBM and data security and backup provider Cohesity have formed a new partnership, calling for Cohesity’s data protection functionality to be incorporated into an upcoming IBM storage product suite, dubbed Storage Defender, for better protection of end-user organizations’ critical information. The capabilities of Cohesity’s DataProtect backup and recovery product will be one of four main feature sets in the Storage Defender program, according to an announcement from IBM Thursday. The Storage Defender suite is designed…

Read More
02 Mar

White House releases an ambitious National Cybersecurity Strategy

Data Breaches, Malware, Social Engineering

The White House released its long-anticipated National Cybersecurity Strategy, a comprehensive document that offers fundamental changes in how the US allocates “roles, responsibilities, and resources in cyberspace.” The strategy involved months of discussions among more than 20 government agencies and countless consultations with private sector organizations. It encompasses virtually all the weaknesses and challenges inherent in cybersecurity, from software vulnerabilities to internet infrastructure vulnerabilities to workforce shortages. Chief among the changes proposed in the strategy…

Read More
02 Mar

Gitpod flaw shows cloud-based development environments need security assessments

Data Breaches, Malware, Social Engineering

Researchers from cloud security firm Snyk recently discovered a vulnerability that would have allowed attackers to perform full account takeover and remote code execution (RCE) in Gitpod, a popular cloud development environment (CDE). Cloud-based development environments are popular because they’re easier to deploy and maintain than local ones and promise better security. However, organizations should properly assess security risks CDEs can introduce and are unique to their architectures, especially since they haven’t received much scrutiny from…

Read More
02 Mar

Leaky Database puts Animaker Consumers at Risk

Attacks, Malware

Users of Animaker are advised to be vigilant of any suspicious activity related to their accounts. It is also recommended that users enable two-factor authentication and use unique passwords for their various online accounts to mitigate the risk of further data breaches. Companies who use storage buckets should be aware that security controls typically need to be created after the creation of the bucket. Video Marketing Software Animker Leaking Trove of User Data

Read More
02 Mar

Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI

Attacks, Malware

PyPI and other language-based repositories are increasingly being used by threat actors to distribute malware. Due to this, it is important to make sure that package installations are being done in a secure manner, to prevent an incidental infection within an organization. It is recommended that all imported libraries into an application are verified by developers, to make sure that there are no accidental typos in library names. Threat actors rely on accidental typos when…

Read More