CyberSecurity Updates

CISA Issues BOD 23-02: Mitigating the Risk from Internet-Exposed Management Interfaces

Today, CISA issued Binding Operational Directive (BOD) 23-02: Mitigating the Risk from Internet-Exposed Management Interfaces, requiring Federal Civilian Executive Branch (FCEB) agencies to reduce risks posed by internet-exposed networked management interfaces on federal information systems. This Directive applies to dedicated device interfaces that are accessible over network protocols and are meant exclusively for authorized users to perform administrative activities on a device, a group of devices, or the network itself. Agencies must be prepared to…

DDoS attacks launched against Swiss websites ahead of Zelensky address

Swiss government websites were taken offline through the use of targeted distributed-denial-of-service (DDoS) attacks ahead of a video address by Ukrainian President Volodymyr Zelensky. DDoS attacks disrupt sites by overwhelming their infrastructure with a large amount of internet traffic. As DDoS attacks overwhelm a site’s bandwidth, this prevents users from accessing it. The disruption to the Swiss government sites was discovered on June 12, as the Swiss parliament prepared for a video address by President…

Artificial intelligence is coming to Windows: Are your security policy settings ready?

What’s in your Windows security policy? Do you review your settings on an annual basis or more often? Do you provide education and training regarding the topics in the policy? Does it get revised when the impact of an incident showcases that an internal policy violation led to the root cause of the issue? And, importantly, do you have a security policy that includes your firm’s overall policies around the increasing race towards artificial intelligence,…

Business email compromise scams take new dimension with multi-stage attacks

In a campaign that exploits the relationships between different organizations, attackers managed to chain business email compromise (BEC) against four or more organizations, jumping from one breached organization to the next by leveraging the relationships between them. The attack, which Microsoft researchers call multi-stage adversary-in-the-middle (AiTM) phishing, started with a compromise at a trusted vendor and targeted organizations from the banking and financial services sectors. “This attack shows the complexity of AitM and BEC threats,…

History revisited: US DOJ unseals Mt. Gox cybercrime charges

by Naked Security writer

Remember Mt. Gox? Originally, it was a card-trading site called MTGOX, short for Magic The Gathering Online Exchange (there was no sense of “Mountain” in the name at all), but the domain changed hands and purpose in the early days of cryptocurrency. Operated out of Japan by French expatriate Mark Karpelès, Mt. Gox rapidly became the biggest online Bitcoin exchange, but imploded in 2014 when the company was forced to admit…

To solve the cybersecurity worker gap, forget the job title and search for the skills you need

BlackBerry CISO Arvind Raman looks beyond job titles when he has open positions to fill and instead focuses on the key skills required to do the work. That mindset allows Raman to readily identify and recruit qualified professionals from outside the security field, instead of simply seeking candidates working their way up the typical chain of security roles. For example, he has hired finance professionals for risk- and compliance-related work and marketing pros for awareness…

US Government Provides Guidance on Software Security Guarantee Requirements

The US Office of Management and Budget (OMB) has issued new guidance on when and how federal agencies should collect security guarantees from software vendors. Building on the cybersecurity executive order that President Joe Biden signed in May 2021, the OMB last year published a memorandum (M-22-18) requiring federal agencies to obtain from software vendors guarantees that the software they provide is secure. Per M-22-18, federal agencies are required to obtain attestation for all software…

Fortinet Releases Security Updates for FortiOS and FortiProxy

Fortinet has released security updates to address a heap-based buffer overflow vulnerability CVE-2023-27997 in FortiOS and FortiProxy. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Fortinet security advisory FG-IR-23-097 and apply the necessary updates. For more information, see Fortinet’s Analysis of CVE-2023-27997 and Clarifications on Volt Typhoon Campaign.

Cycode’s free CI/CD monitoring tool offers new DevOps visibility

Cycode’s new Cimon monitoring tool for continuous integration and continuous delivery is designed to offer a new level of visibility into the CI/CD process, securing code against data exfiltration and other malicious activity. According to the company’s announcement, Cimon — short for CI Monitor — is a runtime security agent that uses the enhanced Berkeley Packet Filter (eBPF) system to look directly into the CI pipeline, develop a baseline understanding of what normal behavior looks…

Health Service Ireland latest victim of MOVEit cyber attack

Health Service Ireland (HSE) has become the latest victim of a supply chain cyber attack launched against the document transfer service MOVEit. The attack was launched by the ransomware gang Clop. Clop were able to infiltrate MOVEit by exploiting a zero-day vulnerability that allowed the malicious group to break into company networks and steal data. Professional services partnership EY was also impacted by the cyber attack, leading to the breach. HSE was working with EY to automate…