CyberSecurity Updates

VMware Warns Administrators of Critical Carbon Black App Control Flaw

While patches for new vulnerabilities are released nearly every day, it is up to organizations themselves to implement these patches. Organizations are recommended to implement the recommended patch from VMware as quickly as feasible. All patches are recommended to be tested on selected machines ahead of deployment as per standard enterprise practices. The Threat Hunting and Managed Detection and Response (MDR) services offered by Binary Defense represent an effective way to incorporate a post-exploitation focus…


Entitle debuts with automated SaaS permissions-management application

Cloud-based permissions management startup Entitle debuted Wednesday with the launch of its namesake SaaS-based application, designed to automate access requests and solve the problem of what it calls the “entitlement sprawl” faced by corporations. Enterprise security teams are confronted with an overwhelming amount of permission requests, the Israel-based company said. “We saw that permission management is becoming a big issue and interviewed heads of security about the challenges with governance and relevance of access,” said…


Backdoor deployment overtakes ransomware as top attacker action

Deployment of backdoors on networks was the top action attackers made in almost a quarter of all incidents remediated in 2022. “Backdoors led to a notable spike in Emotet cases in February and March. That spike inflated the ranking of backdoor cases significantly, as those deployed in this timeframe account for 47% of all backdoors identified globally throughout 2022,” according to the newly released IBM Security X-Force Threat Intelligence Index. “Increased backdoor deployment may also be due to…


German airports hit with DDoS attack

Seven German airports have had their websites targeted by a suspected distributed denial of service (DDoS) attack. The attack, which took place on February 16, saw the websites of airports including Dortmund, Nuremberg and Dusseldorf taken offline. Larger German airports, including Munich, Berlin and Frankfurt, were not targeted in the attack. In a statement, the chief executive of the German airport association Flughafenverband ADV said “once again, airports fell victim to large-scale DDoS attacks,” but added…


What is Traffic Light Protocol? Here’s how it supports CISOs in sharing threat data

Traffic Light Protocol (TLP) was created to facilitate greater sharing of potentially sensitive threat information within an organization or business and to enable more effective collaboration among security defenders, system administrators, security managers, and researchers. TLP grew out of efforts by various public-sector security incident response teams of various nations that began sharing security alerts. The protocol was developed so that recipients of threat data could assess its sensitivity and determine how to share it…


Will ChatGPT start writing killer malware?

AI-pocalypse soon? As stunning as ChatGPT’s output can be, should we also expect the chatbot to spit out sophisticated malware? ChatGPT didn’t write this article – I did. Nor did I ask it to answer the question from the title – I will. But I guess that’s just what ChatGPT might say. Luckily, there are some grammar errors left to prove I’m not a robot. But that’s just the kind of thing ChatGPT might do…


Coinbase breached by social engineers, employee data stolen

by Paul Ducklin

Popular cryptocurrency exchange Coinbase is the latest well-known online brand name that’s admitted to getting breached. The company decided to turn its breach report into an interesting mix of partial mea culpa and handy advice for others. As in the recent case of Reddit, the company couldn’t resist throwing in the S-word (sophisticated), which once again seems to follow the definition offered by Naked Security reader Richard Pennington in a recent comment,…


The ultimate guide to malware

What is malware? Malware is a fast-growing, ever-evolving threat to cyber security. In the first six months of 2022, over 2.8 billion malware attacks were reported worldwide. Beyond risks to their network, malware like ransomware can have real, monetary costs for businesses. In 2021, damages of ransomware alone cost US$20bn. This was a 6054 percent increase on the global cost of ransomware in 2015, which was $325mn. This is only predicted to increase, with the…


VMware Plugs Critical Carbon Black App Control Flaw

Virtualization technology giant VMware on Tuesday pushed out a major security fix to cover a critical vulnerability in its enterprise-facing Carbon Black App Control product. A critical-severity advisory from VMware tracks the vulnerability as CVE-2023-20858 and warns that hackers can launch injection exploits to gain full access to the underlying server operating system. “A malicious actor with privileged access to the App Control administration console may be able to use specially crafted input allowing access…


Hardbit Ransomware Asks for Insurance Details

To protect against ransomware attacks, organizations should:
• Regularly back up data, air gap, and password protect backup copies offline.
• Ensure copies of critical data are not accessible for modification or deletion
• Implement network segmentation.
• Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location
• Install updates/patch operating systems, software, and firmware as soon as possible
• Implement monitoring of security events on…
