CyberSecurity Updates

14 Dec

FortiGuard Releases Security Updates for Multiple Products

Attacks, Insights, Malware

FortiGuard has released security updates to address vulnerabilities in multiple FortiGuard products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply necessary updates: FG-IR-23-196: Double free in cache management FG-IR-22-038: FortiMail, FortiNDR, FortiRecorder, FortiSwitch, FortiVoice – Cross-site scripting forgery (CSRF) in HTTPd CLI console FG-IR-23-138: FortiOS, FortiProxy – Format String Bug in HTTPSd

Read More
14 Dec

A pernicious potpourri of Python packages in PyPI

Information

ESET Research has discovered a cluster of malicious Python projects being distributed in PyPI, the official Python package repository. The threat targets both Windows and Linux systems and usually delivers a custom backdoor. In some cases, the final payload is a variant of the infamous W4SP Stealer, or a simple clipboard monitor to steal cryptocurrency, or both. In May 2023, we reported on another cluster of packages we found on PyPI that delivers password and…

Read More
14 Dec

Delivering trust with DNS security

Information

Cybercrime continues to grow rapidly; indeed, it is a highly lucrative global industry. Without accurately accounting for profits from cybercrime (1, 2), we are left looking at the staggering estimated cost of US$7.08 trillion in 2022 for reference. Measured in terms of GDP, the illegal proceeds would rank as the third-largest “economy” worldwide. Regardless, this landscape keeps evolving, driven by new tech, further monetization of the internet, new illicit opportunities enabled by the vibrant cybercrime…

Read More
13 Dec

CISA and Partners Release Advisory on Russian SVR-affiliated Cyber Actors Exploiting CVE-2023-42793

Attacks, Insights, Malware

Today, CISA—along with the U.S. Federal Bureau of Investigation (FBI), National Security Agency (NSA), Polish Military Counterintelligence Service (SKW), CERT Polska (CERT.PL), and the UK’s National Cyber Security Centre (NCSC)—released a joint Cybersecurity Advisory (CSA), Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally. Since September 2023, Russian Foreign Intelligence Service (SVR)-affiliated cyber actors (also known as Advanced Persistent Threat 29 (APT 29), the Dukes, CozyBear, and NOBELIUM/Midnight Blizzard) have been targeting servers hosting JetBrains…

Read More
13 Dec

Silent but deadly: The rise of zero-click attacks

Information

Mobile Security A security compromise so stealthy that it doesn’t even require your interaction? Yes, zero-click attacks require no action from you – but this doesn’t mean you’re left vulnerable. Márk Szabó 11 Dec 2023  •  , 3 min. read In a world of instant communication and accelerated by the ever-spreading notion that if you are not connected or available, you might be the odd one out, messaging has, in many ways, become a crucial…

Read More
13 Dec

Black Hat Europe 2023: Should we regulate AI?

Information

We Live Progress ChatGPT would probably say “Definitely not!”, but will we learn any lessons from the rush to regulate IoT in the past? Tony Anscombe 11 Dec 2023  •  , 3 min. read The accelerated pace in the advancement of technology is challenging for any of us to keep up with, especially for public sector policymakers who traditionally follow rather than lead. Last week, the Black Hat Europe conference held in London, provided an…

Read More
12 Dec

Microsoft Patch Tuesday, December 2023 Edition

Information, Insights

The final Patch Tuesday of 2023 is upon us, with Microsoft Corp. today releasing fixes for a relatively small number of security holes in its Windows operating systems and other software. Even more unusual, there are no known “zero-day” threats targeting any of the vulnerabilities in December’s patch batch. Still, four of the updates pushed out today address “critical” vulnerabilities that Microsoft says can be exploited by malware or malcontents to seize complete control over…

Read More
12 Dec

A Note on progress…NIST’s Digital Identity Guidelines.

Insights

In August 2023 the Digital Identity Guidelines team hosted a two-day workshop to provide a public update on the status of revision 4. As part of that session, we committed to providing further information on the status of each volume going forward. In fulfillment of this commitment, we wanted to offer a quick update on where we stand. Our goal remains to have the next version of each volume out by the Spring of 2024.…

Read More
12 Dec

CISA Releases SCuBA Google Workspace Secure Configuration Baselines for Public Comment

Attacks, Insights, Malware

Today, CISA released the draft Secure Cloud Business Applications (SCuBA) Google Workspace (GWS) Secure Configuration Baselines and the associated assessment tool ScubaGoggles for public comment. The draft baselines offer minimum viable security configurations for nine GWS services: Groups for Business, Google Calendar, Google Common Controls, Google Classroom, Google Meet, Gmail, Google Chat, Google Drive and Docs, and Google Sites. The ScubaGoggles tool assesses GWS tenants’ compliance against the baselines.    Federal agencies and other organizations are invited…

Read More