Malware

Today, CISA released Decider, a…

Today, CISA released Decider, a free tool to help the cybersecurity community map threat actor behavior to the MITRE ATT&CK framework. Created in partnership with the Homeland Security Systems Engineering and Development Institute™ (HSSEDI) and MITRE, Decider helps make mapping quick and accurate through guided questions, a powerful search and filter function, and a cart functionality that lets users export results to commonly used formats. Network defenders, analysts, and researchers can see CISA’s video, fact…


Chick-fil-A Confirms Accounts Hacked in Months-Long “Automated” Attack

In response to the attack, Chick-fil-A forced customers to reset passwords, froze funds loaded into accounts, and removed any stored payment information from accounts. Chick-fil-A also states that they restored Chick-fil-A One account balances and added rewards to impacted accounts as a way of apologizing. As the accounts were breached using credentials exposed in other data breaches, impacted users must change their passwords at all sites they frequent, especially if they use the same Chick-fil-A…


Hatch Bank Suffers Data Breach After Third Party Vulnerability Exploited

Hatch Bank has offered to provide free access to credit monitoring services for 12 months to any affected individuals. This attack is just one example of an incident involving a third-party service. Whenever an organization is looking to do business with a third-party company, they should go through their own security audit of the company before signing a contract. This can include paying for a penetration test or requesting recent penetration test results, as well…


Chinese Threat Actor Deploying New Custom “MQsTTang” Backdoor to Evade Detection

The Message Queuing Telemetry Transport (MQTT) protocol is known as the standard for IoT messaging and runs over port 1883. As IoT devices become more prevalent in an environment, the number of potential vulnerabilities to be exploited typically grows, as IoT devices are often more insecure. From an organizational standpoint, the best way to protect against this campaign would be to limit IoT devices in the environment…


HPE to acquire Axis Security to deliver a unified SASE offering

Hewlett Packard Enterprise has agreed to buy cloud security services provider Axis Security, its third acquisition since January, to deliver a unified secure access service edge (SASE) offering. The acquisition is aimed at incorporating the Axis security service edge (SSE) platform into HPE’s edge-to-cloud network security capabilities to deliver integrated networking and security solutions as-a-service. SSE is considered a subset of the broader SASE framework. “As we transition from a post-pandemic world, and a…


Iron Tiger updates malware to target Linux platform

Iron Tiger, an advanced persistent threat (APT) group, has updated its SysUpdate malware to include new features and add malware infection support for the Linux platform, according to a report by Trend Micro. The earliest sample of this version was observed in July 2022, and after finding multiple similar payloads in late October 2022, Trend Micro researchers started looking into it and found similarities with the SysUpdate malware family. Iron Tiger is a group of China-based…


Today, the Federal Bureau of…

Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released joint Cybersecurity Advisory (CSA) #StopRansomware: Royal Ransomware to provide network defenders with tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Royal ransomware variants. FBI investigations identified these TTPs and IOCs as recently as January 2023. Royal ransomware attacks have spread across numerous critical infrastructure sectors including, but not limited to, manufacturing, communications, healthcare and public healthcare (HPH),…


Cisco has released a security…

Cisco has released a security advisory for vulnerabilities affecting the 6800, 7800, 7900, and 8800 Series of Cisco IP Phones. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review the following advisory and apply the necessary updates. Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities cisco-sa-ip-phone-cmd-inj-KMFynVcP…


CISA released five Industrial…

CISA released five Industrial Control Systems (ICS) advisories on March 2, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:

ICSA-23-061-01 Mitsubishi Electric MELSEC Series
ICSA-23-061-02 Baicells Nova
ICSA-23-061-03 Rittal CMC III Access systems
ICSMA-23-061-01 Medtronic Micro Clinician and InterStim Apps
ICSA-20-212-04 Mitsubishi Electric Factory Automation Engineering Products (Update…


IBM partners up with Cohesity for better data defense in new storage suite

IBM and data security and backup provider Cohesity have formed a new partnership, calling for Cohesity’s data protection functionality to be incorporated into an upcoming IBM storage product suite, dubbed Storage Defender, for better protection of end-user organizations’ critical information. The capabilities of Cohesity’s DataProtect backup and recovery product will be one of four main feature sets in the Storage Defender program, according to an announcement from IBM Thursday. The Storage Defender suite is designed…
