Malware

16 Jan

Researchers: Brace for Zoho ManageEngine ‘Spray and Pray’ Attacks

Information, Malware, News

Security researchers tracking a known pre-authentication remote code execution vulnerability in Zoho’s ManageEngine products are warning organizations to brace for “spray and pray” attacks across the internet. The vulnerability, patched by Zoho last November, affects multiple Zoho ManageEngine products and can be reached over the internet to launch code execution exploits if SAML single-sign-on is enabled or has ever been enabled. According to researchers at automated penetration testing firm Horizon3.ai, the CVE-2022-47966 flaw is easy…

Read More
16 Jan

How AI chatbot ChatGPT changes the phishing game

Data Breaches, Malware, Social Engineering

ChatGPT, OpenAI’s free chatbot based on GPT-3.5, was released on 30 November 2022 and racked up a million users in five days. It is capable of writing emails, essays, code and phishing emails, if the user knows how to ask. By comparison, it took Twitter two years to reach a million users. Facebook took ten months, Dropbox seven months, Spotify five months, Instagram six weeks. Pokemon Go took ten hours, so don’t break out the…

Read More
13 Jan

Attackers deploy sophisticated Linux implant on Fortinet network security devices

Data Breaches, Malware, Social Engineering

In December network security vendor Fortinet disclosed that a critical vulnerability in its FortiOS operating system was being exploited by attackers in the wild. This week, after additional analysis, the company released more details about a sophisticated malware implant that those attackers deployed through the flaw. Based on currently available information, the original zero-day attack was highly targeted to government-related entities. However, since the vulnerability has been known for over a month, all customers should…

Read More
13 Jan

Gen Digital Warns of Norton Password Manager Account Breach

Attacks, Malware

Credential stuffing attacks are a rather old method of breaching an account, but they are still relatively successful. These attacks rely on human error in the form of reusing passwords. From an organizational standpoint, this could lead to account compromise if an employee reuses one of their passwords from an external site that was breached for their work account. To detect credential stuffing attacks, organizations can monitor logon events for a spike in failed authentications…

Read More
13 Jan

San Francisco Transit Police Breached

Attacks, Malware

Public sector entities tend to be at a higher risk for breach due to the lack of budget and ability to hire cyber security professionals. Because of this, many fall victim to cyber-attacks that affect systems with no way to easily mitigate. Customers who believe they may have been a victim of this breach should ensure they are taking the necessary precautions to protect themselves, such as looking out for phishing emails and monitoring credit…

Read More
13 Jan

Microsoft: Exchange Server 2013 Reaches End of Support in 90 days

Attacks, Malware

Microsoft recommends upgrading on-premises Exchange Server 2013 servers to Exchange Server 2019 to keep receiving bug fixes and security updates for new flaws. However, before deploying new Exchange Server 2019 installations across servers running software quickly reaching EOS, admins should ensure that network, hardware, software, and clients meet the requirements. Redmond also advises admins to migrate to its hosted Exchange Online email and the calendaring client as an alternative option, available as an Office 365…

Read More
13 Jan

Royal ransomware group actively exploiting Citrix vulnerability

Data Breaches, Malware, Social Engineering

The Royal ransomware group is believed to be actively exploiting a critical security flaw affecting Citrix systems, according to the cyber research team at cyber insurance provider At-Bay. Announced by Citrix on November 8, 2022, the vulnerability, identified as CVE-2022-27510, allows for the potential bypass of authentication measures on two Citrix products: the Application Delivery Controller (ADC) and Gateway. There were no known instances of the vulnerability being exploited in the wild at the time…

Read More
12 Jan

Juniper Networks Releases Security Updates for Multiple Products

Attacks, Insights, Malware

Original release date: January 12, 2023 Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review Juniper Networks’ security advisories page and apply the necessary updates.  This product is provided subject to this Notification and this Privacy & Use policy.

Read More
12 Jan

Tesla Returns as Pwn2Own Hacker Takeover Target

Information, Malware, News

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to complete vehicle compromise. Tesla, in tandem with Pwn2Own organizations Zero Day Initiative, is offering a $600,000 cash prize to any hacker capable of writing exploits that pivot through multiple systems in the car to gain arbitrary code execution. “Success here gets a big payout and, of course, a brand-new Tesla,” contest…

Read More
12 Jan

Third-Party Benefits Administrator Suffers Data Breach

Attacks, Malware

Affected parties are being notified by BBA and should not refrain from asking BBA how they plan to remediate the issue. Staying vigilant after becoming a victim of a data breach is extremely important. Refraining from interacting with unfamiliar senders who request payment or other personal information is a crucial element of such vigilance. Since Social Security numbers were part of the impacted data in this case, affected parties should reach out to credit bureaus…

Read More