CyberSecurity Updates

Recent legal developments bode well for security researchers, but challenges remain

Despite the hoodie-wearing bad guy image, most hackers are bona fide security researchers protecting users by probing and testing the security configurations of digital networks and assets. Yet the law has often failed to distinguish between malicious hackers and good-faith security researchers. This failure to distinguish between the two hacker camps has, however, improved over the past two years, according to Harley Geiger, an attorney with Venable LLP, who serves as counsel in the Privacy…

9 API security tools on the frontlines of cybersecurity

Application programming interfaces (APIs) have become a critical part of networking, programs, applications, devices, and nearly everything else in the computing landscape. This is especially true for cloud and mobile computing, neither of which could probably exist in its current form without APIs holding everything together or managing much of backend functionality. Because of their reliability and simplicity, APIs have become ubiquitous across the computing landscape. Most organizations probably don’t even know how many APIs…

Experian Glitch Exposing Credit Files Lasted 47 Days

On Dec. 23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer’s full credit report — armed with nothing more than a person’s name, address, date of birth, and Social Security number. Experian fixed the glitch, but remained silent about the incident for a month. This week, however, Experian acknowledged that the security failure persisted for nearly seven weeks, between…

Attackers move away from Office macros to LNK files for malware delivery

For years attackers have used Office documents with malicious macros as one of the primary methods of infecting computers with malware. Microsoft finally took steps to disable such scripts by default in documents downloaded from the internet, forcing many groups to change tactics and increasingly choose LNK (shortcut) files as a delivery mechanism. This trend has led to the creation of paid tools and services dedicated to building malicious LNK files. Some of these builders…

LastPass Parent Company GoTo Suffers Data Breach, Customers’ Backups Compromised

The company did not disclose how many users were impacted, but said it’s directly contacting the victims to provide additional information and recommend certain “actionable steps” to secure their accounts. GoTo has also taken the step of resetting the passwords of affected users and requiring them to reauthorize MFA settings. It further said it’s migrating their accounts to an enhanced identity management platform that claims to offer more robust security. Individuals who have been compromised…

New Stealthy Python RAT Malware Targets Windows in Attacks

As with many campaigns, this malware is spread through phishing techniques. This demonstrates the benefit of employing an email monitoring solution in an enterprise environment. Additionally, it demonstrates the need for constant – and recurring – user education on common phishing tactics and how to detect and protect against them. Apart from these general statements that can apply to most new campaigns, this RAT also demonstrates a few different techniques that are possible to monitor.…

Vulnerable LearnPress Plugin for WordPress Impacts 75k Sites

LearnPress site administrators should update the plugin to version 4.2 or above as soon as possible. It is critical for maintainers of WordPress websites to continuously update both WordPress core and all installed plugins. Binary Defense highly recommends WordPress users enable auto-updates wherever possible. https://www.bleepingcomputer.com/news/security/75k-wordpress-sites-impacted-by-critical-online-course-plugin-flaws/

Emotet Evolving with New Attack and Evasion Techniques

Keeping Endpoint Detection and Response (EDR) systems up-to-date and properly tuned can help companies identify process injection attacks. To help prevent the macro bypass, companies should limit write access to the default Templates directories for Microsoft Office. The SMB spreader can be detected by collecting a baseline of standard SMB netflow traffic and alerting against deviations from that, though this requires a well-staffed security team. https://thehackernews.com/2023/01/emotet-malware-makes-comeback-with-new.html

CISA, NSA, and MS-ISAC Release Advisory on the Malicious Use of RMM Software

Original release date: January 25, 2023

Today, the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released joint Cybersecurity Advisory (CSA) Protecting Against Malicious Use of Remote Monitoring and Management Software. The advisory describes a phishing scam in which cyber threat actors maliciously use legitimate remote monitoring and management (RMM) software to steal money from victim bank accounts. CISA encourages network defenders to…

Top tips for employee cyber security training

In this article, Cyber Security Hub explores the best ways to educate employees on email-based cyber attacks and how to ensure they follow cyber security safety practices. When surveyed by Cyber Security Hub for its Mid-Year Market report 2022, three in four cyber security experts said email-based threat vectors social engineering and phishing attacks were ‘the most dangerous threat’ to cyber security. One of the reasons why these threats are so dangerous is because of…
