07
Sep
Staying ahead of threats: 5 cybercrime trends to watch
New reports from Europol and the UK’s National Crime Agency (NCA) shed a light on how the battle against cybercrime is being fought
Read More
07
Sep
Apple Patches Actively Exploited iOS, macOS Zero-Days
Apple on Thursday pushed out an urgent point-update to its flagship iOS and macOS platforms to fix a pair of security defects being exploited in the wild. The vulnerabilities, fixed in the latest iOS 16.6.1 and macOS Ventura 13.5.2 releases, are credited to the Citizen Lab at The University of Torontoʼs Munk School, suggesting exploitation in commercial surveillance spyware products. The Citizen Lab at The University of Torontoʼs Munk School actively tracks PSOAs (private sector…
Read More
07
Sep
CISA, FBI, and CNMF Release Advisory on Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475
Today, CISA, Federal Bureau of Investigation (FBI), and U.S. Cyber Command’s Cyber National Mission Force (CNMF) published a joint Cybersecurity Advisory (CSA), Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475. This CSA provides information on an incident at an Aeronautical Sector organization, with malicious activity occurring as early as January 2023. CISA, FBI, and CNMF confirmed that nation-state advanced persistent threat (APT) actors exploited CVE-2022-47966 to gain unauthorized access to a public-facing application (Zoho ManageEngine…
Read More
06
Sep
Crash Dump Error: How a Chinese Espionage Group Exploited Microsoft’s Mistakes
Microsoft has published a post-mortem detailing multiple errors that led to Chinese cyberspies hacking into US government emails, blaming the embarrassing incident on a crash dump stolen from a hacked engineer’s corporate account. The crash dump, which dated back to April 2021, contained a Microsoft account (MSA) consumer key that was used to forge tokens to break into OWA and Outlook.com accounts. “Our investigation found that a consumer signing system crash in April of 2021…
Read More
06
Sep
CISA Releases Update to Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells
The Cybersecurity and Infrastructure Security Agency (CISA) has released an update to a previously published Cybersecurity Advisory (CSA), Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells. The CSA—originally released to warn network defenders of critical infrastructure organizations about threat actors exploiting CVE-2023-3519, an unauthenticated remote code execution (RCE) vulnerability affecting NetScaler (formerly Citrix) Application Delivery Controller (ADC) and NetScaler Gateway—contains victim information gathered in August 2023. Since July 2023, the Joint Cyber Defense Collaborative (JCDC)…
Read More
06
Sep
CISA Releases Capacity Enhancement Guide to Strengthen Agency Resilience to DDoS Attack
CISA has released actionable guidance for Federal Civilian Executive Branch (FCEB) agencies to help them evaluate and mitigate the risk of volumetric distributed denial-of-service (DDoS) attacks against their websites and related web services. The Capacity Enhancement Guide: Volumetric DDoS Against Web Services Technical Guidance: Helps agencies prioritize DDoS mitigations based on mission and reputational impact. Describes DDoS mitigation services so agencies can make risk-informed tradeoff decisions on how to use available resources most effectively. …
Read More
05
Sep
Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach
In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults. Taylor Monahan is lead product manager of MetaMask, a…
Read More
05
Sep
Getting off the hook: 10 steps to take after clicking on a phishing link
Phishing emails are a weapon of choice for criminals intent on stealing people’s personal data and planting malware on their devices. The healing process does not end with antivirus scanning.
Read More
05
Sep
CISA Hires ‘Mudge’ to Work on Security-by-Design Principles
The U.S. government’s cybersecurity agency CISA on Monday confirmed the addition of Peiter ‘Mudge’ Zatko to its roster of prominent voices preaching the gospel of security-by-design and secure-by-default development principles. Zatko, most recently the CISO at Twitter who blew the whistle on the social media giant’s security shortcomings, is joining the agency in a part-time capacity to work on the “security and resilience by design” pillar of the Biden administration’s National Cybersecurity Strategy. A statement…
Read More
05
Sep
NIST’s Planned Updates to Implementing the HIPAA Security Rule: A Cybersecurity Resource Guide
Background: NIST Special Publication (SP) 800-66 Healthcare organizations face many challenges from cybersecurity threats. This can have serious impacts on the security of patient data, the quality of patient care, and even the organization’s financial status. Healthcare organizations also must comply with regulatory requirements, such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule, which focuses on safeguarding the electronic protected health information (ePHI) held or maintained by HIPAA covered entities and…
Read More