CyberSecurity Updates

Attackers Breach Reddit to Steal Source Code and Internal Data

All organizations should provide phishing awareness and defense training to all of their employees/users. A simple defense technique would be adopting a zero-trust attitude toward outside communication. For email, the zero-trust model means not allowing the delivery of messages unless they originate from a sender who can be authenticated and who has been granted explicit permission to deliver messages to that inbox. https://www.bleepingcomputer.com/news/security/hackers-breach-reddit-to-steal-source-code-and-internal-data/

North Korean Ransomware Attacks on Healthcare Fund Government Operations

In this campaign, the North Korean ransomware operators made use of numerous vulnerabilities, tools, and TTPs to accomplish their goals. To best protect against a campaign such as this, it is recommended to provide user education on common phishing tactics, such as trojanized software on typo-squatted domains. Additionally, it is recommended to ensure that all software/hardware is up to date, as the operators made use of numerous vulnerabilities that relied on outdated applications. Further, it…

CISA Adds Three Known Exploited Vulnerabilities to Catalog

Original release date: February 10, 2023. CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates. Binding Operational Directive (BOD) 22-01:…

Microsoft OneNote Abuse for Malware Delivery Surges

Organizations worldwide have been warned of an increase in the number of attacks abusing Microsoft OneNote documents for malware delivery. Part of the Office suite, OneNote is typically used within organizations for note taking and task management, among other operations. What makes OneNote documents an attractive target for threat actors includes the fact that they do not benefit from the Mark-of-the-Web (MOTW) protection, along with the fact that files can be attached to OneNote notebooks…

IOTW: Source code stolen in Reddit phishing attack

A “highly targeted” phishing attack against social media site Reddit’s internal network has seen malicious actors steal the company’s source code and internal documents. The breach occurred on February 5, after a phishing attack was launched at Reddit employees. The site said the attack contained “plausible-sounding prompts pointing employees to a website that cloned the behavior of our intranet gateway, in an attempt to steal credentials and second-factor tokens”.  After obtaining an employee’s credentials, the…

Siemens Drives Rise in ICS Vulnerabilities Discovered in 2022: Report

The number of vulnerabilities discovered in industrial control systems (ICS) continues to increase, and many of them have a ‘critical’ or ‘high’ severity rating, according to a new report from industrial cybersecurity firm SynSaber.  The report compares the number of ICS and ICS medical advisories published by CISA between 2020 and 2022. While the number of advisories was roughly the same in 2021 and 2022, at 350, the number of vulnerabilities discovered last year reached…

Top cybersecurity M&A deals for 2023

Uncertainty and instability marked the end of 2022 for many in the tech sector, a trend that bled into the beginning of 2023. Following on the heels of a drought in IT talent came mass layoffs at many of the world’s biggest tech companies as predictions of recession loomed and war in Ukraine dragged on with no end in sight. Global concern over cybersecurity has never been higher, with attacks coming fast and furious and…

Into the void: Your tech and security in digital darkness

No internet, perfect security? Two ESET researchers perform a thought experiment where they consider the implications of being plunged into digital darkness. Not every computer problem is due to a war in Ukraine, or the failure of the power grid in Texas. But let’s say your network access gets shut off from the rest of the world due to a catastrophic event. Whether it is an armed conflict, a decision of an authoritarian regime, an…

ESET Threat Report T3 2022

A view of the T3 2022 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts. In 2022, an unprovoked and unjustified attack on Ukraine shocked the world, bringing devastating effects on the country and its population. The war continues to impact everything from energy prices and inflation to cyberspace, which ESET researchers and analysts have monitored extensively throughout the year. Among the effects seen in cyberspace,…

S3 Ep121: Can you get hacked and then prosecuted for it? [Audio + Text]

by Paul Ducklin. Cryptocurrency crimelords. Security patches for VMware, OpenSSH and OpenSSL. Medical breacher busted. Is that a bug or a feature? With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and…