CyberSecurity Updates

08 Jun

ACT government falls victim to Barracuda’s ESG vulnerability

Data Breaches, Malware, Social Engineering

The Australian Capital Territory government is one of the victims of a vulnerability found in Barracuda’s email security gateway (ESG). In a press conference on 8 June, ACT government chief digital officer Bettina Konti said there is a likelihood that some personal information is involved but the harms assessment needs to completed for that to be clear. Barracuda had first identified the CVE-2023-2838 vulnerability on 19 May issuing a patch worldwide on 20 May followed…

Read More
08 Jun

North Korean APT group targets email credentials in social engineering campaign

Data Breaches, Malware, Social Engineering

Researchers warn of a social engineering campaign by the North Korean APT group known as Kimsuky that attempts to steal email credentials and plant malware. The campaign, focused on experts in North Korean affairs, is part of this group’s larger intelligence gathering operations that target research centers, think tanks, academic institutions, and news outlets globally. “Kimsuky, a suspected North Korean advanced persistent threat (APT) group whose activities align with the interests of the North Korean…

Read More
08 Jun

Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

Information, Insights

It’s not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware — as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda Networks, as the company struggled to combat a sprawling malware threat which appears to have undermined its email security appliances in such a fundamental way that they can no…

Read More
08 Jun

Hear no evil: Ultrasound attacks on voice assistants

Information

How  your voice assistant could do the bidding of a hacker – without you ever hearing a thing Regular WeLiveSecurity readers won’t be stunned to read that cyberattacks and their methods keep evolving as bad actors continue to enhance their repertoire. It’s also become a common refrain that as security vulnerabilities are found and patched (alas, sometimes after being exploited), malicious actors find new chinks in the software armor. Sometimes, however, it is not “just”…

Read More
08 Jun

Firefox 114 is out: No 0-days, but one fascinating “teachable moment” bug

Information

by Paul Ducklin Firefox’s latest major update is out, following Mozilla’s usual every-fourth-Tuesday release cycle. The list of security fixes this month (like full moons, there are sometimes two Firefox releases in a calendar month, but most months only have one) is splendidly short, and there aren’t any critical bugs or zero-days in the list. But there’s a fascinating bug that acts as a reminder that it’s hard to write responsive, user-friendly browser code that’s…

Read More
08 Jun

S3 Ep138: I like to MOVEit, MOVEit

Information

by Paul Ducklin BACKDOORS, EXPLOITS, AND LITTLE BOBBY TABLES No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our RSS feed into your favourite podcatcher. READ THE TRANSCRIPT DOUG.  Backdoors, exploits, and the triumphant return of Little Bobby…

Read More
08 Jun

Google Cloud launches Cryptomining Protection Program

Data Breaches, Malware, Social Engineering

Google Cloud has launched its Cryptomining Protection Program for Security Command Center (SCC) Premium customers with up to $1 million to cover unauthorized Google Cloud compute expenses associated with undetected cryptomining attacks. SCC Premium customers will have access to the new product for free. SCC Premium works with a pay-as-you-go pricing, and as one-year and multi-year fixed-price subscriptions.  According to Google Cybersecurity Action Team (GCAT) September 2022 Threat Horizons Report, threat actors frequently targeted weak and default…

Read More
08 Jun

Consolidate Vendors and Products for Better Security

Information, News

Organizations everywhere are evolving in new ways, whether it’s embracing remote work or developing new digital business initiatives. Although these changes can be crucial to business growth and employee retention, they often expand the attack surface, which leads to greater day-to-day operational complexity for Security Operations Center (SOC) teams. At the same time the attack surface is increasing, threats are also on the upswing. Cyberattacks are becoming more sophisticated and organizations of all sizes across…

Read More
08 Jun

BastionZero releases SplitCert for password-free authentication and access

Data Breaches, Malware, Social Engineering

BastionZero has announced the release of SplitCert to provide password-free authentication access to databases. It uses Mutual TLS (mTLS) and cryptographic multi-party computation (MPC) to provide certificate-based authentication for popular, self-hosted Postgres and MongoDB databases, according to the vendor. Other new BastionZero platform features include passwordless access support for GCP cloud SQL and AWS RDS via a new desktop app, along with password-free support for Microsoft Windows servers with Remote Desktop Protocol (RDP), BastionZero said.…

Read More
08 Jun

Guardz releases AI-powered phishing protection solution for SMEs, MSPs

Data Breaches, Malware, Social Engineering

Cybersecurity vendor Guardz has announced the release of a new AI-powered phishing protection solution to help small- and medium-sized businesses (SMBs) and managed service providers (MSPs) prevent phishing attacks. It uses AI to provide small businesses and the MSPs that support them automatic phishing detection and remediation capabilities by combining email security, web browsing protection, perimeter posture, and awareness into one native solution, according to the firm. The release comes in the wake of the…

Read More