CyberSecurity Updates

11 May

The 6 best password managers for business

Data Breaches, Malware, Social Engineering

What’s a password manager? A password manager is a program that stores passwords and logins for various sites and apps, and generates new strong passwords when a user needs to change an old one or create a new account. Users can sign into a password manager with a single strong password or by using biometrics, and access all their login information. Most password managers allow users to sign in on multiple devices (including Macs, Windows…

Read More
10 May

The EU’s Cyber Solidarity Act: Security Operations Centers to the rescue!

Information

The legislation aims to bolster the Union’s cyber-resilience and enhance its capabilities to prepare for, detect and respond to incidents The European Union (EU) is transforming itself into a digitally aware, secure, and productive collective, with the aim of entering the 2030s as a relevant player within the digital sector. One of the base ideas of this transformation is the Digital Decade program, which has multiple targets and guidance for relevant objectives for the digital…

Read More
10 May

Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack

Information

Similarities with newly discovered Linux malware used in Operation DreamJob corroborate the theory that the infamous North Korea-aligned group is behind the 3CX supply-chain attack ESET researchers have discovered a new Lazarus Operation DreamJob campaign targeting Linux users. Operation DreamJob is the name for a series of campaigns where the group uses social engineering techniques to compromise its targets, with fake job offers as the lure. In this case, we were able to reconstruct the…

Read More
10 May

Did you mistakenly sell your network access? – Week in security with Tony Anscombe

Information

Many routers that are offered for resale contain sensitive corporate information and allow third-party connections to corporate networks Did you mistakenly sell access to your network when you sold a decommissioned router? Recently, ESET researchers purchased several used core routers to set up a test environment, only to find that, in many cases, the previously used configurations had not been wiped and that the devices still contained trivially accessible sensitive corporate information. The researchers went…

Read More
10 May

Bootkit zero-day fix – is this Microsoft’s most cautious patch ever?

Information, Uncategorized

by Paul Ducklin Microsoft’s May 2023 Patch Tuesday updates comprise just the sort of mixture you probably expected. If you go by numbers, there are 38 vulnerabilities, of which seven are considered critical: six in Windows itself, and one in SharePoint. Apparently, three of the 38 holes are zero-days, because they’re already publicly known, and at least one of them has already been actively exploited by cybercriminals. Unfortunately, those criminals seem to include the notorious…

Read More
10 May

Dell pushes security, devops integration in storage updates

Data Breaches, Malware, Social Engineering

Dell’s storage product lineup is set to receive a wide range of updates, including  devops integrations with the Ansible and Terraform tools, compliance with the latest US government security standards, zero trust readiness and more. PowerStore, Dell’s flash-based storage array line, is receiving the lion’s share of the security updates, according to a Dell announcement on Wednesday. Dell said that PowerStore now boasts STIG hardening, meaning that it is compliant with the federal government’s stanadards…

Read More
10 May

Microsoft fixes bypass for critical Outlook zero-click flaw patch

Data Breaches, Malware, Social Engineering

Microsoft fixed a new vulnerability this week that could be used to bypass defenses the company put in place in March for a critical vulnerability in Outlook that Russian cyberspies exploited in the wild. That vulnerability allowed attackers to steal NTLM hashes by simply sending specifically crafted emails to Outlook users. The exploit requires no user interaction. The new vulnerability, patched Tuesday and tracked as CVE-2023-29324, is in the Windows MSHTML Platform and can be…

Read More
10 May

Google Now Lets US Users Search Dark Web for Their Gmail ID

Information, News

Gmail users in the US can now run scans to find out whether their Gmail ID appears on the dark web, Google announced today at Google I/O, its annual developer conference. The feature was initially announced in March, when the internet giant released it for Google One users only. It allows users to run scans and receive a report informing them whether their information, including name, address, email address, phone number, and Social Security number,…

Read More
10 May

IBM unveils end-to-end, quantum-safe tools to secure business, government data

Data Breaches, Malware, Social Engineering

Technology giant IBM has debuted a new set of tools and capabilities designed as an end-to-end, quantum-safe solution to secure organizations and governmental agencies as they head toward the post-quantum computing era. Announced at its annual Think conference in Orlando, Florida, Quantum Safe technology combines expertise across cryptography and critical infrastructure to address the potential future security risks that quantum computing poses, according to the company. IBM also unveiled the Quantum Safe Roadmap to guide…

Read More
10 May

International security agencies warn of Russian “Snake” malware threat

Data Breaches, Malware, Social Engineering

Security agencies from five countries have issued a joint advisory revealing technical details about a sophisticated espionage tool used by Russian cyber actors against their targets. “Snake malware” and its variants have been a core component in Russian espionage operations carried out by Center 16 of Russia’s Federal Security Service (FSB) for nearly two decades, according to the security notice. Identified in infrastructure in over 50 countries across North America, South America, Europe, Africa, Asia,…

Read More