CyberSecurity Updates

New cyberattack tactics rise up as ransomware payouts increase

While phishing, business email compromise (BEC), and ransomware still rank among the most popular cyberattack techniques, a mix of new-breed attacks is gaining steam, according to a new report from cybersecurity and compliance company Proofpoint. “While conventional phishing remains successful, many threat actors have shifted to newer techniques, such as telephone-oriented attack delivery (TOAD) and adversary in the middle (AitM) phishing proxies that bypass multi-factor authentication,” said Ryan Kalember, executive vice president of cybersecurity strategy…


Security Defects in TPM 2.0 Spec Raise Alarm

Security researchers at Quarkslab have identified a pair of serious security defects in the Trusted Platform Module (TPM) 2.0 reference library specification, prompting a massive cross-vendor effort to identify and patch vulnerable installations. The vulnerabilities, tracked as CVE-2023-1017 and CVE-2023-1018, provide pathways for an authenticated, local attacker to overwrite protected data in the TPM firmware and launch code execution attacks, according to an advisory from Carnegie Mellon’s CERT Coordination Center. From the CERT alert: “An…


New SCARLETEEL Threat Group Attacks Cloud Data via Cryptomining

To minimize the traces left behind, the attacker attempted to disable CloudTrail logs in the compromised AWS account. Additionally, Sysdig’s report indicates that the attacker retrieved Terraform state files from S3 buckets; these files contained IAM user access keys and a secret key for a second AWS account. This second account was eventually used for lateral movement within the organization’s cloud network. In order to effectively address the risks introduced by cloud-facing threats, organizations are highly…


Link Found Between Exfiltrator-22 Post-Exploitation Framework And LockBit Ransomware

The CYFIRMA team has discovered evidence that EX-22 was created by LockBit 3.0 affiliates or members of the ransomware operation’s development staff. Firstly, they found that the framework uses the same “domain fronting” method used by LockBit and by the Tor obfuscation plugin Meek, which conceals malicious traffic inside normal HTTPS connections to legitimate platforms. Further research by CYFIRMA revealed that EX-22 makes use of the identical C2 infrastructure that was previously disclosed…


Critical Flaws in WordPress Houzez Theme Exploited to Hijack Websites

The company that developed the theme was made aware of attacks being carried out in the wild and has released updates to both the theme and the Login Register plugin. Theme version 2.7.2 and later is not affected by the first vulnerability. The second vulnerability is mitigated by ensuring the Login Register plugin is running version 2.6.4 or later. Anyone running the Houzez theme and plugin should…


Malicious package flood on PyPI might be sign of new attacks to come

Over the weekend, an attacker uploaded thousands of malicious Python packages to the public PyPI (Python Package Index) software repository. If executed on a Windows system, these packages download and install a Trojan program hosted on Dropbox. Flooding public package repositories with malicious packages is not entirely new. Last year, researchers detected a group of 186 packages from the same account on the JavaScript npm repository that were designed to install cryptomining…


Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. In each case, the goal of the attackers was the same: phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device. The conclusions above…


Well-funded security systems fail to prevent cyberattacks in US and Europe: Report

Multilayered, well-funded cybersecurity systems are unable to protect enterprises in the US and Europe from cyberattacks, according to a report by automated security validation firm Pentera. The report, based on a survey of 300 CIOs, CISOs and security executives about their current IT and security budgets and their cybersecurity validation practices, noted that the financial slowdown has had a minimal impact on cybersecurity budgets. “We’re seeing more organizations increase the cadence…


Top seven hacks and cyber security threats in APAC

In 2022, 59 percent of businesses in the Asia-Pacific region reported being the victim of a cyber attack, 32 percent reported being the victim of multiple cyber attacks, and the region suffered a shortage of 2.1 million cyber security professionals. This has culminated in the Asia-Pacific region being the victim of a number of high-profile cyber attacks within the last 12 months. In this article, Cyber Security Hub explores seven of these attacks. Contents: New Zealand…


How to de-risk your digital ecosystem

Companies rightly see much promise for future revenues and productivity in building and participating in emerging digital ecosystems, but most have not given enough consideration to the risks and threats inherent in such ecosystems. According to the TCS Risk & Cybersecurity Study, cyber threats within digital ecosystems may be an enterprise blind spot.

Santha Subramoni, global head, cybersecurity business unit at Tata Consultancy Services

Digital ecosystems are dynamic, agile, interactive, borderless, multimodal, and…
