CyberSecurity Updates

Drupal Releases Security Advisories to Address Multiple Vulnerabilities

Original release date: January 20, 2023. Drupal has released security advisories to address vulnerabilities affecting multiple products. An attacker could exploit these vulnerabilities to access sensitive information. CISA encourages users and administrators to review Drupal’s security advisories SA-CORE-2023-001, SA-CONTRIB-2023-002, SA-CONTRIB-2023-003, and SA-CONTRIB-2023-004 and apply the necessary updates.

Wallarm touts API leak protection with new scanning feature

API security company Wallarm announced Friday that it had opened a preview period for its newest offering — an active scanning system that checks through public sources of compromised API data, alerts users, and provides automated responses if a compromise is detected. The API Leak Protection feature, which will be deployed via Wallarm’s existing End-to-End API Security platform, takes advantage of that platform’s inventory of a given organization’s APIs. The system checks those APIs against…

Cisco Releases Security Advisory for Unified CM and Unified CM SME

Original release date: January 20, 2023. Cisco released a security advisory for a vulnerability affecting Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME). A remote attacker could exploit this vulnerability to cause a denial-of-service condition. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review the advisories and apply the necessary updates.

New ‘Hook’ Android Malware Lets Hackers Remotely Control Devices

Android apps are constantly being used by threat actors because of the availability of third-party app stores and the lack of strict app guidelines for apps published within those stores. Android users should only download apps through the official Google Play Store and only from trusted developers. https://www.bleepingcomputer.com/news/security/new-hook-android-malware-lets-hackers-remotely-control-your-phone/

T-Mobile Reports Another Data Breach

Even though the data stolen in the breach did not include sensitive information, the stolen data could still be used to carry out attacks if used in conjunction with other publicly available data. The company has stated that the malicious activity has been contained at this point for this attack. Whenever a customer is notified by a company of a data breach, they should ensure they are taking the proper steps to protect themselves including…

New Boldmove Malware Used to Backdoor Fortinet Devices

BOLDMOVE demonstrates the value of two key things – patching and a defense-in-depth strategy. As this malware spreads primarily through FortiOS devices, which contain minimal logging capabilities, it can go undetected for long periods of time. Patching, however, would mitigate the threat as the systems would not be vulnerable in the first place. With up-to-date patching, this malware cannot spread unchecked throughout the environment, making it the best defense against this…

In-the-Wild Exploitation of Recent ManageEngine Vulnerability Commences

Cloud risk management and threat detection firm Rapid7 warns that it has seen organizations being compromised in attacks exploiting a recently patched Zoho ManageEngine vulnerability. Tracked as CVE-2022-47966, the security defect exists in a third-party dependency (Apache xmlsec, also known as XML Security for Java, version 1.4.1), allowing attackers to execute arbitrary code remotely without authentication. Deemed ‘critical severity’, the issue was brought to light in November 2022, when Zoho announced that patches were released…

Sophisticated ‘VastFlux’ Ad Fraud Scheme That Spoofed 1,700 Apps Disrupted

A sophisticated ad fraud scheme that spoofed over 1,700 applications and 120 publishers peaked at 12 billion ad requests per day before being taken down, bot attack prevention firm Human says. Dubbed VastFlux, the scheme relied on JavaScript code injected into digital ad creatives, which resulted in fake ads being stacked behind one another to generate revenue for the fraudsters. More than 11 million devices were impacted in the scheme. The JavaScript code used by…

Are smart devices cyber secure?

Cyber Security Hub takes a deep dive into smart devices and whether they can hold up against cyber attacks targeting them. In December 2022, Cyber Security Hub asked a range of experts to predict what threats would dominate the cyber security threat landscape in 2023. Tina Grant, quality assessor at UK-based aerospace company Aerospheres, predicted that cyber attacks targeting smart devices would rise. As artificial intelligence (AI) and machine learning (ML) have developed, the technologies…

T-Mobile suffers 8th data breach in less than 5 years

Telecom player T-Mobile US has suffered a cybersecurity incident that resulted in the exposure of the personal details of 37 million users, the company reported in a filing to the US Securities and Exchange Commission on Thursday. Customer data such as customer name, billing address, email, phone number, date of birth, T-Mobile account number and information such as the number of lines on the account and plan features were exposed, the company revealed. However, T-Mobile in a…
