CyberSecurity Updates

CISA Releases IOCs Associated with Malicious Barracuda Activity

CISA has released additional indicators of compromise (IOCs) associated with exploitation of CVE-2023-2868. CVE-2023-2868 is a remote command injection vulnerability affecting Barracuda Email Security Gateway (ESG) Appliance, versions 5.1.3.001-9.2.0.006. Malicious threat actors exploited this vulnerability as a zero day as early as October 2022 to gain access to ESG appliances. Download the newly released IOCs associated with this activity: IOCs Associated with Exploitation of Barracuda ESG Vulnerability CVE-2023-2868 (JSON, 85.34 KB) Review the following…


Acquisition Chatter Swirls Around SentinelOne, BlackBerry

Prominent anti-malware vendors SentinelOne and BlackBerry have been separately named in public acquisition chatter, underscoring a clear signal of impending consolidation in cybersecurity. According to published reports, private equity firm Veritas Capital is in early talks to acquire BlackBerry, the venerable tech firm that acquired Cylance and reinvented itself as a cybersecurity vendor. Neither Veritas nor BlackBerry has commented on the reports, which say Veritas is interested in acquiring all of the Canadian company, while…


Kroll Employee SIM-Swapped for Crypto Investor Data

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. And there are indications that fraudsters may already be exploiting the stolen data in phishing attacks. Cryptocurrency lender BlockFi and the now-collapsed crypto trading platform FTX each disclosed data breaches this week thanks to a recent SIM-swapping attack…


S3 Ep149: How many cryptographers does it take to change a light bulb?

by Paul Ducklin HOW MANY CRYPTOGRAPHERS? With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify and anywhere that good podcasts are found. Or just drop the URL of our RSS feed into your favourite podcatcher. READ THE TRANSCRIPT DOUG. Leaky light bulbs, WinRAR bugs, and “Airplane mode, [HIGH RISING TONE] question mark?”…


In Other News: Africa Cybercrime Crackdown, Unpatched macOS Flaw, Investor Disclosures

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…


North Korean APT Hacks Internet Infrastructure Provider via ManageEngine Flaw

The North Korea-linked advanced persistent threat (APT) actor Lazarus Group has been observed exploiting a Zoho ManageEngine vulnerability to compromise an internet backbone infrastructure provider in Europe, Cisco’s Talos security researchers report. The attack occurred in early 2023, roughly five days after proof-of-concept (PoC) exploit code targeting the ManageEngine flaw, which is tracked as CVE-2022-47966 (CVSS score of 9.8), was published. Identified in the Apache xmlsec (XML Security for Java) third-party dependency, the issue can…


Cypago Raises $13 Million for GRC Automation Platform 

Israeli startup Cypago on Thursday announced that it has raised $13 million in a funding round led by Entrée Capital, Axon Ventures, and Jump Capital, with participation from various angel investors. Founded in 2020, the Tel Aviv-based company also launched its governance, risk management and compliance (GRC) automation (CGA) platform, which aims to bring management, security, and operations together. Combining a SaaS architecture with advanced analysis and correlation, generative AI, and automation, the platform helps…


CISA’s VDP Platform 2022 Annual Report Showcases Success

Today, the Cybersecurity and Infrastructure Security Agency (CISA) released its inaugural Vulnerability Disclosure Policy (VDP) Platform 2022 Annual Report, highlighting the service’s progress supporting vulnerability awareness and remediation across the Federal Civilian Executive Branch (FCEB). This report showcases how agencies have used the VDP Platform—launched in July 2021—to safeguard the FCEB and support risk reduction. The VDP platform gives federal agencies a single, user-friendly interface to intake vulnerability information and to collaborate with the public researcher community for…
