CyberSecurity Updates

Apple Deploys Patch Fixing Actively-Exploited WebKit Vulnerability

Companies are highly encouraged to patch as soon as their change management procedures allow. Threat actors currently using this exploit may well ramp up deployment in an effort to compromise devices before they are patched. Additionally, pending further information from Apple about the specifics of the exploit, analysts should look for suspicious processes and activity stemming from Safari, going as far back as their logging allows. https://www.bleepingcomputer.com/news/security/apple-fixes-new-webkit-zero-day-exploited-to-hack-iphones-macs/


Mortal Kombat Ransomware Targeting US Victims

This group is clearly financially motivated, using the ransomware as one way to target victims and encrypt files for extortion, in addition to seizing the chance to steal cryptocurrency. Talos analysts assess that this particular ransomware isn’t very sophisticated, as it also targets system files and applications, which ransomware commonly avoids so the system does not become unstable. A victim will know they are infected because their wallpaper will change to a Mortal Kombat…


Stealthy ‘Beep’ Malware Discovered

Although Beep’s functionality is currently limited, it’s clear that the developers have high ambitions for a variety of functionality. While the evasion tactics used in Beep are plentiful, they generally center around avoiding anti-virus and being difficult to reverse engineer. Behavioral analysis can still provide great value in detecting threats such as this. It’s important to have a defense-in-depth program which includes proactive threat hunting for post-compromise activity in order to combat emerging threats…


EnterpriseDB adds Transparent Data Encryption to PostgreSQL

Relational database provider EnterpriseDB on Tuesday said that it was adding Transparent Data Encryption (TDE) to its databases, which are based on open-source PostgreSQL. TDE, which is used by Oracle and Microsoft, is a method of encrypting database files in order to ensure security of data while at rest and in motion. It helps ensure that data on the hard drive as well as files on backup are encrypted, the company said in a…


We are less than a year away from a cyber attack credited to ChatGPT

Jonathan Jackson, director of sales engineering APJ at BlackBerry Cybersecurity, writes about why cyber attacks linked to artificial intelligence are inevitable. ChatGPT has answers for almost everything, but there is one answer we may not know for a while: will its unintended consequences for cyber security turn this tool into a genie that its creators regret taking out of the bottle? BlackBerry surveyed 1,500 IT decision makers across North America, the UK and Australia and…


Open Systems launches Ontinue MDR division, new MXDR service Ontinue ION

Managed security services provider Open Systems has announced the launch of Ontinue, a new managed detection and response (MDR) division. It has also unveiled a new managed extended detection and response (MXDR) service, Ontinue ION, along with a new add-on service called Managed Vulnerability Mitigation (MVM). Ontinue ION offers advanced capabilities that enable faster detection and response, a deeper understanding of a customer’s environment and the ability to maximize Microsoft security investments for greater efficiency,…


Expel announces MDR for Kubernetes with MITRE ATT&CK framework alignment

Security operations provider Expel has announced the general availability of Expel managed detection and response (MDR) for Kubernetes. The firm said the product enables customers to secure their business across their Kubernetes environment and adopt new technologies at scale without being hindered by security concerns. It has also been designed to align with the MITRE ATT&CK framework to help teams remediate threats and improve resilience, Expel added. Kubernetes is an open-source orchestration system that relies…


Measuring cybersecurity: The what, why, and how

A core pillar of a mature cyber risk program is the ability to measure, analyze, and report cybersecurity threats and performance. That said, measuring cybersecurity is not easy. On one hand, business leaders struggle to understand information risk (because they usually come from a non-cyber background), while on the other, security practitioners get caught up in too much technical detail, which ends up confusing, misinforming, or misleading stakeholders. In an ideal scenario, security practitioners must…


Serious Security: GnuTLS follows OpenSSL, fixes timing attack bug

by Paul Ducklin

Last week, we wrote about a bunch of memory management bugs that were fixed in the latest security update of the popular OpenSSL encryption library. Along with those memory bugs, we also reported on a bug dubbed CVE-2022-4304: Timing Oracle in RSA Decryption. In this bug, firing the same encrypted message over and over again at a server, but modifying the padding at the end of the data to make the data…


PLC vulnerabilities can enable deep lateral movement inside OT networks

Threat groups that target operational technology (OT) networks have so far focused their efforts on defeating segmentation layers to reach field controllers such as programmable logic controllers (PLCs) and alter the programs (ladder logic) running on them. However, researchers warn that these controllers should themselves be treated as perimeter devices, and that flaws in their firmware could enable deep lateral movement through the point-to-point and other non-routable connections they maintain to other low-level devices. To exemplify…
