CyberSecurity Updates

Executives behaving badly: 5 ways to manage the executive cyberthreat

Business Security

Failing to practice what you preach, especially when you are a juicy target for bad actors, creates a situation fraught with considerable risk

Phil Muncaster, 30 Nov 2023 • 5 min. read

When it comes to corporate cybersecurity, leading by example matters. Yes, it’s important for every employee to play their part in a security-by-design culture. But their cues more often than not come from the top. If the board and senior…

CISA and Partners Release Joint Advisory on IRGC-Affiliated Cyber Actors Exploiting PLCs

Today, CISA, the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD) released a joint Cybersecurity Advisory (CSA), "IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors," in response to the active exploitation of Unitronics programmable logic controllers (PLCs) in multiple sectors, including U.S. Water and Wastewater Systems (WWS) facilities, by Iranian Government Islamic Revolutionary Guard Corps (IRGC)-affiliated advanced persistent threat (APT) cyber actors. IRGC-affiliated cyber…

CISA Removes One Known Exploited Vulnerability From Catalog

CISA is continually collaborating with partners across government and the private sector. As a result of this collaboration, CISA has concluded that there is insufficient evidence to keep the following CVE in the catalog and has removed it:

CVE-2022-28958 DIR-816L Remote Code Execution Vulnerability

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant…

Very precisely lost – GPS jamming

Digital Security

The technology is both widely available and well developed, hence it’s also poised to proliferate – especially in the hands of those wishing ill

Cameron Camp, 29 Nov 2023 • 2 min. read

Who would be to blame if your plane got tricked into flying into a war zone? If GPS gets jammed, machines could confidently err off course into strange and dangerous locales, potentially edging up already mounting tensions in geopolitical…

IOTW: Ransomware gang steals 1.3TB of data from Sabre

Ransomware gang Dunghill Leak has claimed responsibility for a cyber attack against travel booking company Sabre. Dunghill claimed in a post on its dark web data leaks site that it had stolen 1.3 terabytes of data from Sabre, including corporate financial information, passenger turnover and ticket sales data and personal employee information. The ransomware gang validated its claims by sharing a portion of the stolen data, promising that the rest of the data will be…

Spyware is being spread via fake natural disaster alerts

Malware is being spread to Android devices via fake volcano eruption alerts, cyber security researchers have found. Researchers at Italian cyber security company D3Labs published a blog post about the malicious software on October 16. They discovered that malicious actors were exploiting the IT-Alert service, a new public alert system used by the Italian government to disseminate crucial information to its citizens in emergency situations, for example natural disasters. In order to convince unsuspecting victims into…

Cyber security advisory warns of emerging ransomware variant Rhysida

A new cybersecurity advisory has warned of the threats posed by emerging ransomware variant Rhysida. The advisory, published jointly by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), disseminates the known indicators of compromise (IOCs) and tactics, techniques and procedures (TTPs) of the Rhysida ransomware operators. It also outlines the mitigative steps organizations should take to reduce the likelihood and impact…

Multiple Vulnerabilities Affecting Web-Based Court Case and Document Management Systems

CISA has assisted a researcher with coordinating the disclosure of multiple researcher-discovered vulnerabilities affecting web-based case and document management systems used by multiple state, county, and municipal courts. Affected systems include products from Tyler Technologies and Catalis and custom software used by specific counties in Florida. In summary, the vulnerabilities allow an unauthenticated, remote attacker to access sensitive documents by manipulating identifiers and file names in URLs. CISA understands that some of the vulnerabilities may…

Retail at risk: Top threats facing retailers this holiday season

Business Security

While it may be too late to introduce wholesale changes to your security policies, it doesn’t hurt to take a fresh look at where the biggest threats are and which best practices can help neutralize them

Phil Muncaster, 28 Nov 2023 • 6 min. read

The holiday shopping season has begun in earnest. While retailers are focused on jockeying for an estimated $1.5 trillion in sales this year (and that’s just for…

Okta: Breach Affected All Customer Support Users

When KrebsOnSecurity broke the news on Oct. 20, 2023 that identity and authentication giant Okta had suffered a breach in its customer support department, Okta said the intrusion allowed hackers to steal sensitive data from fewer than one percent of its 18,000+ customers. But today, Okta revised that impact statement, saying the attackers also stole the name and email address for nearly all of its customer support users. Okta acknowledged last month that for several…
