Cybersecurity News | CyberSecured 24x7

17 Mar

SVB collapse is a scammer’s dream: Don’t get caught out

How cybercriminals can exploit Silicon Valley Bank’s downfall for their own ends – and at your expense Big news events and major crises usually trigger an avalanche of follow-on phishing attempts. The COVID-19 pandemic and Russia’s invasion of Ukraine are perhaps the most obvious examples, but the most recent one is the collapse of Silicon Valley Bank (SVB). The mid-sized US lender and a key financer of tech start-ups held tens of billions of dollars’…

17 Mar

Dangerous Android phone 0-day bugs revealed – patch or work around them now!

Information

by Paul Ducklin Google has just revealed a fourfecta of critical zero-day bugs affecting a wide range of Android phones, including some of its own Pixel models. These bugs are a bit different from your usual Android vulnerabilities, which typically affect the Android operating system (which is Linux-based) or the applications that come along with it, such as Google Play, Messages or the Chrome browser. The four bugs we’re talking about here are known as…

17 Mar

BianLian Ransomware Gang Shifts Focus to Pure Data Extortion

Attacks, Malware

CPR’s analysis revealed that the gang has already targeted several organizations, including a large US-based medical testing laboratory, and a multinational pharmaceutical company, among others. The group’s modus operandi involves exfiltrating data, encrypting it, and then publishing it on their data leak site if the victim refuses to pay the ransom. CPR warns that BianLian’s shift in tactics could inspire other ransomware groups to follow suit, creating more problems for organizations already grappling with the…

17 Mar

Google Finds 18 Zero-Day Vulnerabilities in Samsung Exynos Chipsets

Attacks, Malware

Device owners should install patches for these vulnerabilities as soon as they are made available by the vendor. It was also recommended to disable Wi-Fi calling and Voice-over-LTE to mitigate the impact of the vulnerabilities until patches are released. https://www.bleepingcomputer.com/news/security/google-finds-18-zero-day-vulnerabilities-in-samsung-exynos-chipsets/

17 Mar

Adobe Acrobat Sign Abused to Push Redline Info-Stealing Malware

Attacks, Malware

While it isn’t necessarily a novel tactic to utilize legitimate resources to aid in phishing campaigns, it is an effective one. Often when an end-user receives a phishing email from a legitimate source such as Adobe Sign, it makes them much more likely to fall for it as many users don’t know how to properly identify a phishing email. Many times, training around phishing states to look for things such as a suspicious title, suspicious…

17 Mar

Latitude Financial Services Data Breach Impacts 300,000 Customers

Data Breaches, Information, News

Australian financial services company Latitude Financial Services is notifying roughly 300,000 customers that their personal information might have been compromised in a data breach. A subsidiary of Deutsche Bank and KKE operating since 2015 and headquartered in Melbourne, Latitude is the largest non-bank lender of consumer credit in Australia, also offering services in New Zealand, under the brand Gem Finance. On Thursday, the company disclosed falling victim to a cyberattack that forced it to suspend…

17 Mar

US Government Warns Organizations of LockBit 3.0 Ransomware Attacks

Information, News

The Federal Bureau of Investigation (FBI), the Cybersecurity and Information Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) this week issued an alert on the LockBit 3.0 ransomware operation. Since January 2020, LockBit has functioned based on the ransomware-as-a-service (RaaS) model, targeting a broad range of businesses and critical infrastructure entities and using a variety of tactics, techniques, and procedures (TTPs). Also referred to as LockBit Black, LockBit 3.0 has a…

17 Mar

Drupal Releases Security Advisory to Address Vulnerability in Drupal Core

Attacks, Insights, Malware

Drupal has released a security advisory to address an access bypass vulnerability affecting multiple Drupal versions. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Drupal security advisory SA-CONTRIB- 2023-004 for more information and apply the necessary updates.

16 Mar

What is phishing?

Attacks, Data Breaches

Phishing is a social engineering tactic that sees hackers attempt to gain access to personal or confidential information by posing as a legitimate company. In this article, Cyber Security Hub’s editor Olivia Powell explores what phishing attacks are, why malicious actors launch phishing attacks and how companies can protect themselves against them. For our guide explaining the different types of malware and how this can affect your business, visit Cyber Security Hub’s Ultimate guide to…

CyberSecurity Updates

SVB collapse is a scammer’s dream: Don’t get caught out

Dangerous Android phone 0-day bugs revealed – patch or work around them now!

BianLian Ransomware Gang Shifts Focus to Pure Data Extortion

Google Finds 18 Zero-Day Vulnerabilities in Samsung Exynos Chipsets

Adobe Acrobat Sign Abused to Push Redline Info-Stealing Malware

Latitude Financial Services Data Breach Impacts 300,000 Customers

US Government Warns Organizations of LockBit 3.0 Ransomware Attacks

Drupal Releases Security Advisory to Address Vulnerability in Drupal Core

What is phishing?

Search

The 6 Stages of a Vulnerability Management Process

Get Cybersecurity Alerts

Read More

Categories

Site Navigation

Resources