Malware

14 Feb

Microsoft Releases February 2023 Security Updates

Attacks, Insights, Malware

Original release date: February 14, 2023 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s February 2023 Security Update Guide and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Read More
14 Feb

Apple Deploys Patch Fixing Actively-Exploited WebKit Vulnerability

Attacks, Malware

Companies are highly encouraged to patch as soon as their change management procedures allow. It’s possible that threat actors using this exploit currently will ramp up deployment in an effort to compromise devices before they get patched. Additionally, analysts should look for suspicious processes and activity stemming from Safari, pending further information from Apple about the specifics of the exploit, as far back as their logging allows. https://www.bleepingcomputer.com/news/security/apple-fixes-new-webkit-zero-day-exploited-to-hack-iphones-macs/

Read More
14 Feb

Mortal Kombat Ransomware Targeting US Victims

Attacks, Malware

This group is clearly financially motivated, using the ransomware as one way to target victims and encrypt files for extortion, in addition to exploiting the chance to steal cryptocurrency. Talos analysts assess that this particular ransomware isn’t very sophisticated as it will target system files and applications too, which are commonly avoided to prevent the system from becoming unstable. A victim will know they are infected because their wallpaper will change to a Mortal Kombat…

Read More
14 Feb

Stealthy ‘Beep’ Malware Discovered

Attacks, Malware

Although Beep’s functionality is currently limited, it’s clear that the developers have high ambitions for a variety of functionality. While the evasion tactics used in Beep are plentiful, they generally center around avoiding anti-virus, and being difficult to reverse engineer. Behavioral analysis can still provide great value in detecting threats such as this. It’s important to have a defense-in-depth program which includes proactive threat hunting of post compromise activities in order to combat emerging threats…

Read More
14 Feb

EnterpriseDB adds Transparent Data Encryption to PostgreSQL

Data Breaches, Malware, Social Engineering

Relational database provider EnterpriseDB on Tuesday said that it was adding Transparent Data Encryption (TDE) to its databases, which are based on open-source PostgreSQL.   TDE, which is used by Oracle and Microsoft, is a method of encrypting database files in order to ensure security of data while at rest and in motion. It helps ensure that  data on the hard drive as well as files on backup are encrypted, the company said in a…

Read More
14 Feb

Open Systems launches Ontinue MDR division, new MXDR service Ontinue ION

Data Breaches, Malware, Social Engineering

Managed security services provider Open Systems has announced the launch of Ontinue, a new managed detection and response (MDR) division. It has also unveiled a new managed extended detection and response (MXDR) service, Ontinue ION, along with a new add-on service called Managed Vulnerability Mitigation (MVM). Ontinue ION offers advanced capabilities that enable faster detection and response, a deeper understanding of a customer’s environment and the ability to maximize Microsoft security investments for greater efficiency,…

Read More
14 Feb

Expel announces MDR for Kubernetes with MITRE ATT&CK framework alignment

Data Breaches, Malware, Social Engineering

Security operations provider Expel has announced the general availability of Expel managed detection and response (MDR) for Kubernetes. The firm said the product enables customers to secure their business across their Kubernetes environment and adopt new technologies at scale without being hindered by security concerns. It has also been designed to align with the MITRE ATT&CK framework to help teams remediate threats and improve resilience, Expel added. Kubernetes is an open-source orchestration system that relies…

Read More
14 Feb

Measuring cybersecurity: The what, why, and how

Data Breaches, Malware, Social Engineering

A core pillar of a mature cyber risk program is the ability to measure, analyze, and report cybersecurity threats and performance. That said, measuring cybersecurity is not easy. On one hand business leaders struggle to understand information risk (because they usually are from a non-cyber background), while on the other, security practitioners get caught up in too much technical detail which ends up confusing, misinforming, or misleading stakeholders. In an ideal scenario, security practitioners must…

Read More
13 Feb

PLC vulnerabilities can enable deep lateral movement inside OT networks

Data Breaches, Malware, Social Engineering

Threat groups who target operational technology (OT) networks have so far focused their efforts on defeating segmentation layers to reach field controllers such as programmable logic controllers (PLCs) and alter the programs (ladder logic) running on them. However, researchers warn that these controllers should themselves be treated as perimeter devices and flaws in their firmware could enable deep lateral movement through the point-to-point and other non-routable connections they maintain to other low-level devices. To exemplify…

Read More
13 Feb

Play Ransomware Claims A10 Networks as Latest Victim

Attacks, Malware

The full scope of this attack is not yet known, but it is always important to be reminded of some ways to protect against ransomware in the future. Some measures that can be used to reduce the impact or likelihood of an attack include: • Regularly back up data, air gap, and password-protect backup copies offline.• Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.•…

Read More