Malware

Cybercriminals bypass Windows security with driver-vulnerability exploit

The Scattered Spider cybercrime group has recently been observed attempting to deploy a malicious kernel driver using a tactic called bring your own vulnerable driver (BYOVD) — a warning to security professionals that the technique, which exploits longstanding deficiencies in Windows kernel protections, is still being employed by cybercriminals, according to cybersecurity company CrowdStrike. In this latest BYOVD attack, which was observed and stopped by CrowdStrike’s Falcon security system, Scattered Spider attempted to deploy a…


NCSC-UK Releases Guidance on Using MSP for Administering Cloud Services

Original release date: January 11, 2023. The United Kingdom’s National Cyber Security Centre (NCSC-UK) has released a blog post, Using MSPs to administer your cloud services, that provides organizations with security considerations for using a third party, such as a managed service provider (MSP), to administer cloud services. Contracting with an MSP for cloud service management has become an increasingly appealing option for organizations. The post discusses the trade-offs involved as well as specific security checks…


StrongPity APT Group Distributing Fake Shagle App

Binary Defense strongly recommends that Android users source their apps from a trusted source such as the Google Play store. Extreme caution should be used when installing an APK from any other source. https://www.bleepingcomputer.com/news/security/hackers-target-android-users-with-fake-shagle-video-chat-app/


Over 1,300 Fake AnyDesk Sites Push Vidar Info-Stealing Malware

Users are advised to bookmark official sites used for downloading software, avoid clicking on promoted results (ads) in Google Search, and find the official URL of a software project from its official website, documentation, or their OS’s package manager. https://www.bleepingcomputer.com/news/security/over-1-300-fake-anydesk-sites-push-vidar-info-stealing-malware/


Dark Pink APT Group Targets Government and Military Entities with Custom Malware

While this threat actor has been seen making use of custom malware, Dark Pink, like most threat actors, is still relying on phishing to gain their initial access into an environment. Phishing is one of the most prominent tactics used by threat actors, with the frequency and volume of phishing-related attacks on the rise every year. To protect against phishing, it is recommended to provide sufficient user training and education, as well as implementing an…


Study shows attackers can use ChatGPT to significantly enhance phishing and BEC scams

Security researchers have used the GPT-3 natural language generation model and the ChatGPT chatbot based on it to show how such deep learning models can be used to make social engineering attacks such as phishing or business email compromise scams harder to detect and easier to pull off. The study, by researchers with security firm WithSecure, demonstrates that not only can attackers generate unique variations of the same phishing lure with grammatically correct and human-like…


Timeline of the latest LastPass data breaches

On November 30, 2022, password manager LastPass informed customers of a cybersecurity incident following unusual activity within a third-party cloud storage service. While LastPass claims that users’ passwords remain safely encrypted, it admitted that certain elements of customers’ information have been exposed. The security incident was the latest to affect the service in recent times in the wake of unauthorized access to its development environment in August last year, serious vulnerabilities in 2017, a phishing…


Data leak exposes information of 10,000 French social security beneficiaries

[Editor’s note: This article originally appeared on the Le Monde Informatique website.] More than 10,000 beneficiaries of a local branch of the French social security agency CAF, or Family Allowance Fund, saw their data exposed for about 18 months, after a file containing personal information was sent to a service provider. The mistake, discovered by France Info — Radio France’s news and investigation service — just before the year-end holidays, could hit the CAF hard.…


Adobe Releases Security Updates for Multiple Products

Original release date: January 10, 2023. Adobe has released security updates to address multiple vulnerabilities in Adobe software. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates: Adobe Acrobat and Reader APSB23-01; Adobe InDesign APSB23-07; Adobe InCopy APSB23-08; Adobe Dimension APSB23-10.


Microsoft Releases January 2023 Security Updates

Original release date: January 10, 2023. Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s January 2023 Security Update Guide and Deployment Information and apply the necessary updates.
