CyberSecurity Updates

02 Mar

Gitpod flaw shows cloud-based development environments need security assessments

Data Breaches, Malware, Social Engineering

Researchers from cloud security firm Snyk recently discovered a vulnerability that would have allowed attackers to perform full account takeover and remote code execution (RCE) in Gitpod, a popular cloud development environment (CDE). Cloud-based development environments are popular because they’re easier to deploy and maintain than local ones and promise better security. However, organizations should properly assess security risks CDEs can introduce and are unique to their architectures, especially since they haven’t received much scrutiny from…

Read More
02 Mar

Leaky Database puts Animaker Consumers at Risk

Attacks, Malware

Users of Animaker are advised to be vigilant of any suspicious activity related to their accounts. It is also recommended that users enable two-factor authentication and use unique passwords for their various online accounts to mitigate the risk of further data breaches. Companies who use storage buckets should be aware that security controls typically need to be created after the creation of the bucket. Video Marketing Software Animker Leaking Trove of User Data

Read More
02 Mar

Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI

Attacks, Malware

PyPI and other language-based repositories are increasingly being used by threat actors to distribute malware. Due to this, it is important to make sure that package installations are being done in a secure manner, to prevent an incidental infection within an organization. It is recommended that all imported libraries into an application are verified by developers, to make sure that there are no accidental typos in library names. Threat actors rely on accidental typos when…

Read More
02 Mar

Russia Bans Foreign Messaging Apps In Government Organizations

Attacks, Malware

Although it remains unknown as to why they did not ban Signal and Zoom, Russia has long attempted to control social media within its borders. Russia has been attempting to ban telegram since 2018; Telegram’s CEO claimed the Russian government planned to ban Telegram unless they handed over sensitive data and access to encrypted messages. The problem has become a larger issue for Russia since they invaded Ukraine in February of last year. The invasion…

Read More
02 Mar

Software liability reform is liable to push us off a cliff

Data Breaches, Malware, Social Engineering

Like “SBOMs will solve everything,” there is a regular cry to reform software liability, specifically in the case of products with insecurities and vulnerabilities. US Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly’s comments this week brought the topic back into focus, but it’s still a thorny issue. (There’s a reason certain things are called “wicked problems.”) The proposed remedy, taking up a full page of the Biden Administration’s National Cybersecurity Strategy, will cause…

Read More
02 Mar

BlackLotus Bootkit Can Target Fully Patched Windows 11 Systems

Information, News

The BlackLotus bootkit can bypass security protections on fully updated Windows 11 systems and persistently infect them, ESET’s analysis of the threat has revealed. New to the threat landscape – it emerged on underground forums in October 2022 – BlackLotus provides cybercriminals and advanced persistent threat (APT) actors with capabilities previously associated with nation-states, at the price of $5,000. The major threat posed by UEFI bootkits is well known: with control over the operating system’s…

Read More
02 Mar

Booking.com account takeover flaw shows possible pitfalls in OAuth implementations

Data Breaches, Malware, Social Engineering

Booking.com, one of the world’s largest online travel agencies, recently patched a vulnerability in its implementation of the OAuth protocol that could have allowed attackers to gain access to customer accounts by simply tricking them into clicking a link. The attack combined three separate issues that on their own could be categorized as low risk and could be introduced by many developers into their implementations. “For the OAuth issues we found, had a bad actor…

Read More
02 Mar

Microsoft Intune Suite consolidates endpoint management and protection

Data Breaches, Malware, Social Engineering

Microsoft has launched the general availability of Microsoft Intune Suite, a consolidation of its endpoint management and security solutions to streamline protection for cloud-connected and on-premises endpoints.  The consolidation is aimed to serve as a single vendor for all endpoint security needs for the customers to have single analytics, rather than multiple disparate datasets, with a consistent visibility to potential vulnerabilities and anomalies, according to a company blog post. “Microsoft Intune is an industry-leading, unified…

Read More
02 Mar

Unpatched old vulnerabilities continue to be exploited: Report

Data Breaches, Malware, Social Engineering

Known vulnerabilities as old as 2017 are still being successfully exploited in wide-ranging attacks as organizations fail to patch or remediate them successfully, according to a new report by Tenable.  The report is based on Tenable Research team’s analysis of cybersecurity events, vulnerabilities and trends throughout 2022, including an analysis of 1,335 data breach incidents publicly disclosed between November 2021 and October 2022. Of the events analyzed, more than 2.29 billion records were exposed, which accounted…

Read More
02 Mar

Why healthcare providers are focusing on cyber resilience

Attacks, Data Breaches

The healthcare industry, especially within the Asia-Pacific region, has been the victim of a number of cyber attacks and data breaches within the last six months alone. In just one attack against Australian healthcare and insurance provider Medibank, the personal information of 9.7 million people was stolen and thousands had their private medical details posted online. In this exclusive interview, Cyber Security Hub speaks with Jojo Nufable, group IT infrastructure and cyber security head at…

Read More