Malware

FanDuel Warns of Data Breach After Customer Info Stolen in Vendor Hack

Individuals who have been compromised by this breach should change login information immediately. FanDuel allows for multi-factor authentication (MFA), which should be enabled on any active account. Phishing attacks are likely to occur after this type of information is stolen. FanDuel users who have been notified of a data breach should remain vigilant for future phishing attacks. Many account compromises are caused by using the same credentials across numerous sites. If one site is breached,…


Canadian Energy Provider Qulliq Suffers Data Breach

With investigations still pending, Qulliq customers should remain vigilant. Regularly checking bank and credit card statements that may have been used on the company’s site is advised. Changing the password to QEC accounts, as well as anywhere else that login combination was used, is suggested as well. It is good news that QEC had an incident response plan in place, as many companies still do not. The investigation results will provide more information to the…


US Supreme Court leak investigation highlights weak and ineffective risk management strategy

The Supreme Court of the United States (SCOTUS) has announced that its investigation to find the insider who leaked a draft opinion of the Dobbs v. Jackson Women’s Health Org. decision to media outlet Politico has come up empty. In a nutshell, the court’s insider risk management program, designed to protect the information the justices handle on a daily basis, failed—and failed miserably. Frankly, based on the findings of the report, the court’s insider risk…


The metaverse brings a new breed of threats to challenge privacy and security gatekeepers

The metaverse is coming; businesses and government agencies are already building virtual worlds to support city services, meetings and conferences, community building, and commerce. They’re also rendering spatial apps around travel, car sales, manufacturing, and architecture in what Citi predicts will be a $13-trillion market with 5 billion users by 2030. “Just as the internet, e-commerce, social media, smartphones, and remote computing have in the past two decades changed the ways companies operate and reach…


Drupal Releases Security Advisories to Address Multiple Vulnerabilities

Original release date: January 20, 2023. Drupal has released security advisories to address vulnerabilities affecting multiple products. An attacker could exploit these vulnerabilities to access sensitive information. CISA encourages users and administrators to review Drupal’s security advisories SA-CORE-2023-001, SA-CONTRIB-2023-002, SA-CONTRIB-2023-003, and SA-CONTRIB-2023-004 and apply the necessary updates.


Wallarm touts API leak protection with new scanning feature

API security company Wallarm announced Friday that it had opened a preview period for its newest offering — an active scanning system that checks through public sources of compromised API data, alerts users, and provides automated responses if a compromise is detected. The API Leak Protection feature, which will be deployed via Wallarm’s existing End-to-End API Security platform, takes advantage of that platform’s inventory of a given organization’s APIs. The system checks those APIs against…


Cisco Releases Security Advisory for Unified CM and Unified CM SME

Original release date: January 20, 2023. Cisco released a security advisory for a vulnerability affecting Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME). A remote attacker could exploit this vulnerability to cause a denial-of-service condition. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review the advisories and apply the necessary updates.


New ‘Hook’ Android Malware Lets Hackers Remotely Control Devices

Android apps are constantly being used by threat actors because of the availability of third-party app stores and the lack of strict app guidelines for apps published within those stores. Android users should only download apps through the official Google Play Store and only from trusted developers. https://www.bleepingcomputer.com/news/security/new-hook-android-malware-lets-hackers-remotely-control-your-phone/


T-Mobile Reports Another Data Breach

Even though the data stolen in the breach did not include sensitive information, the stolen data could still be used to carry out attacks if used in conjunction with other publicly available data. The company has stated that the malicious activity has been contained at this point for this attack. Whenever a customer is notified by a company of a data breach, they should ensure they are taking the proper steps to protect themselves including…


New Boldmove Malware Used to Backdoor Fortinet Devices

BOLDMOVE demonstrates the value of two key things – patching and a defense-in-depth strategy. As this malware spreads primarily through FortiOS devices, which contain minimal logging capabilities, it can go undetected for long periods of time. Patching, however, would mitigate the threat as the systems would not be vulnerable in the first place. With up-to-date patching, this malware cannot spread unchecked throughout the environment, making it the best defense against this…
