Malware

Coinbase Cyberattack Targeted Employees with Fake SMS Alert

To best protect against a campaign such as this, it is recommended to educate users on common phishing tactics as well as emerging cybersecurity risks and vulnerabilities. It is also important to employ a defense-in-depth strategy so that this activity can be detected at a different stage of the attack chain, such as during lateral movement or reconnaissance. Binary Defense’s MDR and Threat Hunting services are an excellent solution to assist with such a program. https://www.bleepingcomputer.com/news/security/coinbase-cyberattack-targeted-employees-with-fake-sms-alert/


GoDaddy connects a slew of past attacks to a multiyear hacking campaign

Web hosting and infrastructure provider GoDaddy said it suspects a recent attack on its infrastructure in December 2022 may be connected to a series of incidents the business has been experiencing since 2020. The attack involved an unauthorized third party gaining access to and installing malware on GoDaddy’s cPanel hosting servers, the company disclosed in an SEC filing. The company only discovered the security breach following customer reports in early December 2022 that their sites were…


7 reasons to avoid investing in cyber insurance

With cyberattacks rising at an alarming rate around the world, cyber insurance has become an increasingly popular layer of protection for businesses across all sectors. However, despite its clear appeal as a means of supporting and augmenting cyber risk management, insurance might not be the right fit for all companies in every circumstance. In fact, there are compelling reasons why some might be advised to avoid, delay, or at least seriously reconsider buying or renewing…


GoDaddy admits: Crooks hit us with malware, poisoned customer websites

By Paul Ducklin. Late last week [2023-02-16], popular web hosting company GoDaddy filed its compulsory annual 10-K report with the US Securities and Exchange Commission (SEC). Under the sub-heading Operational Risks, GoDaddy revealed that: "In December 2022, an unauthorized third party gained access to and installed malware on our cPanel hosting servers. The malware intermittently redirected random customer websites to malicious sites. We continue to investigate the root cause of the incident." URL redirection, also…


EU parliamentary committee says ‘no’ to EU-US data privacy framework

The European Parliament’s Committee on Civil Liberties, Justice and Home Affairs has recommended that the European Commission reject the proposed EU-US Data Privacy Framework, which would govern the way in which the personal information of EU citizens is handled by US companies. The committee’s decision — formally, a draft motion for a resolution — represents a rejection of the European Commission’s recommendation, announced in December, that the data privacy framework should be adopted. The recommendation stated…


New Mirai Malware Variant Infects Linux Devices to Build DDoS Botnet

The most effective way to defend systems against Mirai and other botnet infections is to change the default password to a complex password that is unique to that device. It is also recommended to download and apply security patches when the official manufacturer releases them. https://www.bleepingcomputer.com/news/security/new-mirai-malware-variant-infects-linux-devices-to-build-ddos-botnet/


Hackers use Fake Certificate to Hide Attack

Servers running the affected versions of these Fortinet products should be updated to a version that is not susceptible to these attacks. Whenever a product releases a security patch, it is important to test and implement the update as soon as possible to prevent attackers from being able to exploit vulnerabilities. A full list of affected product versions can be found in the source article. https://www.infosecurity-magazine.com/news/hackers-fake-emsisoft-certificate/


CISA Warns of Windows and iOS Bugs Exploited as Zero-days

While CISA’s directive applies only to United States federal agencies, other organizations are encouraged, as a best practice, to follow this timeline when patching their vulnerabilities as well. In cybersecurity, a timely patching schedule is an important factor in securing an environment, as many threat actors will attempt to exploit recently released 0-days before organizations have a chance to patch them. On top of a timely patching schedule, it is also important to employ a defense-in-depth strategy.…


New Mirai botnet variant V3G4 targets Linux servers, IoT devices

A new variant of Mirai — the botnet malware used to launch massive DDoS attacks — has been targeting 13 vulnerabilities in IoT devices connected to Linux servers, according to researchers at Palo Alto Networks’ Unit 42 cybersecurity team. Once the vulnerable devices are compromised by the variant, dubbed V3G4, they can be fully controlled by attackers and become part of a botnet, capable of being used to conduct further campaigns, including DDoS attacks. “The vulnerabilities have…


Malware authors leverage more attack techniques that enable lateral movement

A new study of over a half-million malware samples collected from various sources in 2022 revealed that attackers put a high value on lateral movement, incorporating more techniques that would allow them to spread through corporate networks. Several of the most prevalent tactics, as defined by the MITRE ATT&CK framework, that were identified in the dataset aid lateral movement, including three new ones that rose into the top 10. “An increase in the prevalence of…
