CyberSecurity Updates

BlackLotus UEFI bootkit: Myth confirmed

The first in-the-wild UEFI bootkit bypassing UEFI Secure Boot on fully updated UEFI systems is now a reality. The number of UEFI vulnerabilities discovered in recent years and the failures in patching them or revoking vulnerable binaries within a reasonable time window hasn’t gone unnoticed by threat actors. As a result, the first publicly known UEFI bootkit bypassing the essential platform security feature – UEFI Secure Boot – is now a reality. In this blogpost…

Internet Access, Privacy ‘Essential for Freedom’: Proton Chief

Internet privacy company Proton can spot attacks on democracy in a country before they hit the headlines, simply by watching demand for its services explode, its chief told AFP. When Russia blocked access to independent news sites following its invasion of Ukraine a year ago, the small company which provides virtual private networks (VPNs) saw “a 9,000 percent increase in sign-ups over just a period of a few days”, company chief executive Andy Yen said…

Parallax RAT Hiding in Legitimate Processes

Phishing continues to be a popular method of initial access for threat actors. The effectiveness of phishing attacks, when paired with increasingly popular evasion techniques such as process injection and process hollowing, creates a dangerous combination. These types of attacks will likely continue to grow in popularity due to the accessibility of closed source tools like this. They also serve to highlight the importance of a mature detection program that can respond to complex attacks…

Cyber Attackers Shift Tactics for Maximum Impact

The first step to secure IoT devices is knowing what is connected. This includes using a device identification and discovery tool that automates three critical IoT security functions:

• Automatically and continuously detects, profiles, and classifies IoT devices on the network.
• Maintains a real-time inventory of devices.
• Provides relevant risk insights for each of these asset classes by continuously monitoring across attack vectors.

By following these industry best practices for IoT security and adopting leading-edge…

CISA Warns of ZK Java Framework RCE Flaw Being Exploited in the Wild

While this vulnerability was patched nearly a year ago, it is still being actively exploited in many organizations. This demonstrates the need for two key functions in any organization – threat intelligence and a patching schedule. Adequate threat intelligence is needed in an organization for a variety of different reasons, but one key reason is to ensure that the organization is made aware of any vulnerabilities that have been released in a timely manner. Threat…

BlackLotus bootkit can bypass Windows 11 Secure Boot: ESET

A Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus is found to be capable of bypassing an essential platform security feature, UEFI Secure Boot, according to researchers from Slovakia-based cybersecurity firm ESET. BlackLotus uses an old vulnerability and can run even on fully up-to-date Windows 11 systems with UEFI Secure Boot enabled, the researchers found. UEFI Secure Boot is a feature of the UEFI firmware, which is a successor to the traditional BIOS (Basic Input/Output System)…

Top 10 open source software risks for 2023

Known vulnerabilities, compromise of legitimate package, and name confusion attacks are expected to be among the top ten open source software risks in 2023, according to a report by Endor Labs. The other major open source software risks, according to the report, include unmaintained software, outdated software, untracked dependencies, license risk, immature software, unapproved changes, and under/oversized dependency. Almost 80% of code in modern applications is code that relies on open source packages. While open…

How security leaders can effectively manage Gen Z staff

In 2022, I started a podcast aimed at converting more Gen Z to seek careers in cybersecurity. In doing so, I had to educate myself on what they value and realized the many differences between Gen Z and previous generations. Gen Z refers to those born between mid-to-late 1990s and 2010, making them between the ages of 11 and 28. This means they grew up experiencing a much faster rate in which technology evolves. The…

ESET Research Podcast: Ransomware trashed data, Android threats soared in T3 2022

And that’s just the tip of the iceberg when it comes to the trends that defined the cyberthreat landscape in the final four months of 2022. Data from the latest ESET Threat Report, which provides an in-depth look at the threat landscape from September to December 2022, confirmed several previously observed trends. The key of them was a continuous decline in all but one monitored malware category. Curiously enough, however, the overall drop in numbers…

Hacked home computer of engineer led to second LastPass data breach

Password management company LastPass, which was hit by two data breaches last year, has revealed that data exfiltrated during the first intrusion, discovered in August, was used to target the personal home computer of one of its devops engineers and launch a second successful cyberattack, detected in November. The threat actor involved in the breaches infected the engineer’s home computer with a keylogger, which recorded information that enabled a cyberattack that exfiltrated sensitive information from…
