CyberSecurity Updates

17 Feb

EU parliamentary committee says ‘no’ to EU-US data privacy framework

Data Breaches, Malware, Social Engineering

The European Parliament’s Committee on Civil Liberties, Justice and Home Affairs has recommended that the European Commission reject the proposed EU-US Data Privacy Framework, which would govern the way in which the personal information of EU citizens is handled by US companies. The committee’s decision — formally, a draft motion for a resolution— represents a rejection of the European Commission’s recommendation, announced in December, that the data privacy framework should be adopted. The recommendation stated…

Read More
17 Feb

New Protections for Food Benefits Stolen by Skimmers

Information, Insights

Millions of Americans receiving food assistance benefits just earned a new right that they can’t yet enforce: The right to be reimbursed if funds on their Electronic Benefit Transfer (EBT) cards are stolen by card skimming devices secretly installed at cash machines and grocery store checkout lanes. On December 29, 2022, President Biden signed into law the Consolidated Appropriations Act of 2023, which — for the first time ever — includes provisions for the replacement…

Read More
17 Feb

New Mirai Malware Variant Infects Linux Devices to Build DDoS Botnet

Attacks, Malware

The most effective way to defend systems against Miria and other botnet infections is to change the default password to a complex password that is unique to that device. It is also recommended to download and apply security patches when the official manufacturer releases them. https://www.bleepingcomputer.com/news/security/new-mirai-malware-variant-infects-linux-devices-to-build-ddos-botnet/

Read More
17 Feb

Hackers use Fake Certificate to Hide Attack

Attacks, Malware

Servers running the affected versions of these Fortinet products should be updated to a version that is not susceptible to these attacks. Whenever a product releases a security patch, it is important to test and implement the update as soon as possible to prevent attackers from being able to exploit vulnerabilities. A full list of affected product versions can be found in the source article. https://www.infosecurity-magazine.com/news/hackers-fake-emsisoft-certificate/

Read More
17 Feb

CISA Warns of Windows and iOS Bugs Exploited as Zero-days

Attacks, Malware

While CISA’s directive only applies to United States federal agencies, it is encouraged and best practice that organizations also follow this timeline to patch their vulnerabilities. In cybersecurity, a timely patching schedule is an important factor of securing an environment, as many threat actors will attempt to exploit recently released 0-days before organizations have a chance to patch them. On top of a timely patching schedule, it is also important to employ a defense-in-depth strategy.…

Read More
17 Feb

New Mirai botnet variant V3G4 targets Linux servers, IoT devices

Data Breaches, Malware, Social Engineering

A new variant of Mirai — the botnet malware used to launch massive DDoS attacks —has been targeting 13 vulnerabilities in IoT devices connected to Linux servers, according to researchers at Palo Alto Network’s Unit 42 cybersecurity team.  Once the vulnerable devices are compromised by the variant, dubbed V3G4, they can fully controlled by attackers and become part of a botnet, capable of being used to conduct further campaigns, including DDoS attacks.  “The vulnerabilities have…

Read More
17 Feb

Newly Disclosed Vulnerability Exposes EOL Arris Routers to Attacks

Information, News

Malwarebytes warns of a remote code execution vulnerability impacting several Arris routers, for which proof-of-concept (PoC) exploit code has been released. Tracked as CVE-2022-45701, the bug exists because the router firmware does not properly neutralize special characters in requests, which allowed security researcher Yerodin Richards to perform shell script command injection. The impacted models have reached end-of-life (EOL) and are no longer supported by CommScope (the company that acquired Arris), meaning that they are unlikely…

Read More
17 Feb

‘Frebniis’ Malware Hijacks Microsoft IIS Function to Deploy Backdoor

Information, News

A recently identified malware family is abusing Microsoft Internet Information Services (IIS) to deploy a backdoor and monitor all HTTP traffic to the infected system, Symantec reports. Dubbed Frebniis, the malware injects code into a DLL that an IIS feature called Failed Request Event Buffering (FREB) uses when troubleshooting failed requests. FREB collects data about the tracked requests, including HTTP headers with cookies, originating IP address and port, and more. As part of the observed…

Read More
17 Feb

IOTW: Russian hackers target NATO sites with DDoS attack

Attacks, Data Breaches

The North Atlantic Treaty Organization (NATO) has been the victim of a series of distributed denial of service (DDoS) attacks, causing temporary disruption to some of its sites. The DDoS attacks have been linked to the Russian hacktivist collective Killnet which had posted via an encrypted channel on social media platform Telegram that it was planning to launch attacks against NATO. The group also appeared to be asking for cryptocurrency donations to launch further attacks.…

Read More
16 Feb

ChatGPT, will you be my Valentine?

Information

Spoiler alert: it turned me down. But that’s far from the only thing I learned while playing around with the bot that the world has fallen in love with so badly. When it was unleashed into an astonished world on November 30th 2022, ChatGPT became the fastest-growing web app ever, reaching a million users in the first five days before going on to clock 100 million monthly active users in January of this year. In so doing,…

Read More