CyberSecurity Updates

Is that survey real or fake? How to spot a survey scam

“Can I tell a legitimate survey apart from a fake one?” is the single most important question you need to answer for yourself before taking any survey online. Online surveys and quizzes are all over the internet. They’re quick and cheap to set up, easy for recipients to fill out, and simple for researchers to interpret. It’s no wonder that they remain a popular tool for marketers to reach and research their target audiences. Many…

Read More

OpenSSH fixes double-free memory bug that’s pokable over the network

by Paul Ducklin The open source operating system distribution OpenBSD is well-known amongst sysadmins, especially those who manage servers, for its focus on security over speed, features and fancy front-ends. Fittingly, perhaps, its logo is a puffer fish – inflated, with its spikes ready to repel any wily hackers who might come along. But the OpenBSD team is probably best known not for its entire distro, but for the remote access toolkit OpenSSH that was…

Read More

Big China Spy Balloon Moving East Over US, Pentagon Says

The Pentagon said at midday Friday that a Chinese spy balloon had moved eastward and was over the central United States, and that the U.S. rejected China’s claims that it was not being used for surveillance. Brig. Gen. Pat Ryder, Pentagon press secretary, refused to provide details on exactly where the balloon was or whether there was any new consideration of shooting it down. The military had ruled that option out, officials had said, due…

Read More

Microsoft Visual Studio Tools for Office Weaponized to Push Malware

With macro execution now disabled by default in Office apps, this is just one of the many new phishing techniques that will likely rise to take its place. As with any phishing technique, the best way to prevent it is to make end users aware of this new threat through user education. However, there are some other possible detections to alert to this activity. One possible detection is to monitor for VSTO file creations near…
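The detection idea above (watch for VSTO-related files being written, and tie the write back to an Office process) can be expressed as a simple rule over file-creation telemetry. The following is an added example, not code from the article or from any vendor: it assumes Sysmon-style file-creation events with `Image` and `TargetFilename` fields exported as CSV, and the Office process list and the `.vsto` / `.manifest` extensions it keys on are the author's assumptions, not something the article specifies. The sample events are constructed.

```python
"""Flag VSTO add-in artefacts written by Office processes (added example, not from the article).

Assumed input: Sysmon Event ID 11 style rows with Image (writing process) and
TargetFilename, exported as CSV. Field names, process list and extensions are
assumptions for illustration.
"""
import csv
import io
from pathlib import PureWindowsPath

# Office executables that should normally open documents, not drop add-in installers (assumption).
OFFICE_PROCESSES = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}

# VSTO deployment artefacts: the .vsto deployment manifest and the .dll.manifest
# application manifest (PureWindowsPath reports the latter's suffix as ".manifest").
VSTO_EXTENSIONS = {".vsto", ".manifest"}

# Constructed sample telemetry, not real logs.
SAMPLE_EVENTS = """Image,TargetFilename
C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE,C:\\Users\\alice\\Downloads\\invoice.docx
C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE,C:\\Users\\alice\\AppData\\Local\\Temp\\Document.vsto
C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE,C:\\Users\\alice\\AppData\\Local\\Temp\\Document.dll.manifest
C:\\Windows\\explorer.exe,C:\\Users\\alice\\Downloads\\report.pdf
"""


def flag_vsto_creations(csv_text: str) -> list[tuple[str, str]]:
    """Return (process, path) pairs where an Office process wrote a VSTO artefact."""
    hits = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        image = PureWindowsPath(row["Image"]).name.lower()
        target = PureWindowsPath(row["TargetFilename"])
        if image in OFFICE_PROCESSES and target.suffix.lower() in VSTO_EXTENSIONS:
            hits.append((image, str(target)))
    return hits


if __name__ == "__main__":
    for proc, path in flag_vsto_creations(SAMPLE_EVENTS):
        print(f"ALERT: {proc} wrote VSTO artefact {path}")
```

Treat this as a hunting or enrichment rule rather than a blocking one: legitimate add-in deployments produce the same artefacts, so baseline which users and paths normally see `.vsto` writes before alerting on every hit.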

Read More

Google Ads Push Virtualized Malware Made for Antivirus Evasion

These attacks show that the threat actors are interested in empowering old malware with new tactics, bringing it to new life. Google advertising attacks have become common, and users need to be cautious of the links that they are clicking, not only in email but in the browser as well. Source: https://www.bleepingcomputer.com/news/security/google-ads-push-virtualized-malware-made-for-antivirus-evasion/

Read More

Threat Actors Use ClickFunnels to Bypass Security Services

Analyst Notes: Users should be extremely suspicious of any link contained in an email. Manually check URLs for legitimacy before clicking them, and contact the sender of the email directly to verify that they meant to use a specific site to send documents. Source: https://www.infosecurity-magazine.com/news/threat-actors-clickfunnels-bypass

Read More

Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty

Former Ubiquiti employee Nickolas Sharp has admitted in court to abusing company-provided credentials to steal data and then attempting to extort the company, the Department of Justice announced. Sharp, 37, of Portland, Oregon, worked at the New York City-based IoT device maker between August 2018 and April 2021, as a senior developer who had access credentials for Ubiquiti’s AWS and GitHub servers. In December 2020, he abused his administrative credentials to download confidential data using…

Read More

Remote code execution exploit chain available for VMware vRealize Log Insight

VMware published patches last week for four vulnerabilities in its vRealize Log Insight product that, if combined, could allow attackers to take over the log collection and analytics platform. This week, a proof-of-concept exploit chain has been released by security researchers, along with detailed explanations for each vulnerability, meaning in-the-wild attacks could soon follow. “Gaining access to the Log Insight host provides some interesting possibilities to an attacker, depending on the type of applications that…

Read More

New HeadCrab Malware Infects 1,200 Redis Servers to Mine Monero

Since Redis was designed to be accessed from within trusted environments by trusted clients, it is generally not recommended to expose any servers to the Internet. Since Redis does not use authentication by default, exposing a server to the Internet would allow anyone to freely access it and use it for any purpose they desire. Since version 3.2.0, Redis will, by default, enter a protected mode if it is configured as bound to all interfaces…
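The three states the paragraph describes (no authentication at all, a password or ACL in force, and protected mode refusing non-loopback clients) can be told apart from the very first reply a Redis server sends to an unauthenticated PING. The following is an added example, not code from the HeadCrab write-up or from the Redis project: it speaks the RESP wire protocol directly so it needs no client library, and the sample replies are constructed to resemble Redis output, with only the `+PONG`, `-NOAUTH` and `-DENIED` prefixes actually relied on.

```python
"""Classify a Redis endpoint's exposure from its reply to an unauthenticated PING.

Added example, not from the article or the Redis project. Uses raw RESP so it runs
without a Redis client library. Sample replies below are constructed.
"""
import socket


def resp_command(*args: str) -> bytes:
    """Encode a command as a RESP array of bulk strings (what redis-cli sends on the wire)."""
    out = [f"*{len(args)}\r\n".encode()]
    for arg in args:
        data = arg.encode()
        out.append(b"$%d\r\n%s\r\n" % (len(data), data))
    return b"".join(out)


def classify_reply(reply: bytes) -> str:
    """Map the first line of the server's reply to an exposure verdict."""
    line = reply.split(b"\r\n", 1)[0]
    if line == b"+PONG":
        # Command executed with no credentials: anyone who can reach the port can use the server.
        return "OPEN"
    if line.startswith(b"-NOAUTH"):
        # requirepass / ACL users configured; commands are refused until AUTH succeeds.
        return "AUTH_REQUIRED"
    if line.startswith(b"-DENIED"):
        # Protected mode (Redis >= 3.2.0): bound to all interfaces with no password,
        # so non-loopback clients are refused.
        return "PROTECTED_MODE"
    return "UNKNOWN"


def probe(host: str, port: int = 6379, timeout: float = 3.0) -> str:
    """Connect, send PING without AUTH, and classify the reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(resp_command("PING"))
        return classify_reply(sock.recv(4096))


# Constructed sample replies (not captured from real servers); only the prefixes matter.
SAMPLE_REPLIES = {
    "no-auth-default": b"+PONG\r\n",
    "requirepass-set": b"-NOAUTH Authentication required.\r\n",
    "protected-mode": b"-DENIED Redis is running in protected mode because protected mode is enabled "
                      b"and no password is set. Connections are only accepted from the loopback interface.\r\n",
}


def audit_samples() -> dict[str, str]:
    """Run the classifier over the constructed replies; returns {label: verdict}."""
    return {label: classify_reply(reply) for label, reply in SAMPLE_REPLIES.items()}


if __name__ == "__main__":
    for label, verdict in audit_samples().items():
        print(f"{label:18s} -> {verdict}")
```

An `OPEN` verdict on a non-loopback address is the HeadCrab precondition. The fix on the server side is the usual trio in `redis.conf`: `bind 127.0.0.1` (or the specific internal interface), `requirepass` or Redis 6 ACL users, and `protected-mode yes` left at its default rather than switched off to "make it work".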

Read More

New Nevada Ransomware Targets Windows and VMware ESXi Systems

To protect against ransomware attacks, organizations should:
• Regularly back up data; air-gap and password-protect backup copies offline.
• Ensure copies of critical data are not accessible for modification or deletion.
• Implement network segmentation.
• Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location.
• Install updates and patch operating systems, software, and firmware as soon as possible.
• Implement monitoring of security events…

Read More