CyberSecurity Updates

18 Jan

Hybrid commerce: Blurring the lines between business and pleasure

Information

It is now acceptable to find a job on a dating app! As we observed last week, many enterprises and small and medium businesses (SMBs) take advantage of solutions such as Slack, Zoom or Microsoft Teams for collaborative work. At the same time, these platforms are still trying to figure out better ways to create meaningful interactions between staff members. Put differently, while organizations prioritize workflow, there’s also a growing need to reinforce social connections…

Read More
18 Jan

Serious Security: Unravelling the LifeLock “hacked passwords” story

Information

by Paul Ducklin Earlier this month, the NortonLifeLock online identity protection service, owned by Arizona-based technology company Gen Digital, sent a security warning to many of its customers. The warning letter can be viewed online, for example on the website of the Office of the Vermont Attorney General, where it appears under the title NortonLifeLock – Gen Digital Data Breach Notice to Consumers. The letter starts with a dread-sounding salutation that says: We are writing…

Read More
17 Jan

Thinking of Hiring or Running a Booter Service? Think Again.

Information, Insights

Most people who operate DDoS-for-hire businesses attempt to hide their true identities and location. Proprietors of these so-called “booter” or “stresser” services — designed to knock websites and users offline — have long operated in a legally murky area of cybercrime law. But until recently, their biggest concern wasn’t avoiding capture or shutdown by the feds: It was minimizing harassment from unhappy customers or victims, and insulating themselves against incessant attacks from competing DDoS-for-hire services.…

Read More
17 Jan

Remote.it takes steps toward zero trust with ‘single line of code’ provisioning

Data Breaches, Malware, Social Engineering

Network management company Remote.it today announced new features for its core SaaS-based service, including support for the Okta user identification platform and Docker containers, and what it’s describing as “programmatic deployment” of zero trust networks. Essentially, the company said, the idea is to provide automated provisioning and deployment of network access to managed assetts — using a small, 80KB daemon designed to run on almost any hardware to hook into the TCP/IP stack and create…

Read More
17 Jan

How attackers might use GitHub Codespaces to hide malware delivery

Data Breaches, Malware, Social Engineering

Attackers could start abusing GitHub Codespaces, a new service that allows developers to create and test applications inside development containers running on GitHub’s servers. Developers can make their applications accessible via public GitHub URLs for preview by others, a functionality that can be abused to distribute malware payloads in a stealthy way. “If the application port is shared privately, browser cookies are used and required for authentication,” researchers from security firm Trend Micro said in…

Read More
17 Jan

CISA Updates Best Practices for Mapping to MITRE ATT&CK®

Attacks, Insights, Malware

Original release date: January 17, 2023 Today, CISA updated Best Practices for MITRE ATT&CK® Mapping. The MITRE ATT&CK® framework is a lens through which network defenders can analyze adversary behavior and, as CISA Executive Assistant Director Eric Goldstein noted in his June 2021 blog post on the framework, it directly supports “robust, contextual bi-directional sharing of information to help strengthen the security of our systems, networks, and data.” CISA highly encourages the cybersecurity community to…

Read More
17 Jan

MSI Accidentally Breaks Secure Boot for Hundreds of Motherboards

Attacks, Malware

Organizations using an MSI motherboard in that list should check within BIOS settings that the “Image Execution Policy” is set to a safe option. Users should set the Execution Policy to “Deny Execute” for “Removable Media” and “Fixed Media,” which should only allow signed software to boot. It is highly recommended to upgraded motherboard firmware for any device that has not done so since January 2022. The introduction of a bad default shouldn’t be a…

Read More
17 Jan

Attacks on Two Specialty Healthcare Providers Affect Nearly 600,000 People

Attacks, Malware

The data that can be stolen from these types of attacks is very lucrative to threat actors because it involves the billing, identity, and health information of vulnerable patients. Specialized entities such Wilkes-Barre and Home Care Providers of Texas typically have less resources devoted to mature cybersecurity processes and a smaller budget to deal with attacks. Anyone that is a patient of these facilities should look for any communication from the company that outlines whether…

Read More
17 Jan

PyPI Users Targeted With ‘Wacatac’ Trojan in New Supply Chain Attack

Information, Malware, News

Fortinet warns of three new malicious PyPI packages containing code designed to fetch the Wacatac trojan and information stealer as a next stage payload. The three Python packages, ‘colorslib’, ‘httpslib’ and ‘libhttps’ were uploaded to PyPI (Python Package Index) on January 7 and January 12. All three packages were published by the same author from a user account named ‘Lolip0p’, which joined the repository shortly before the packages were published. The Python packages feature legitimate-looking…

Read More
17 Jan

DigiCert releases Trust Lifecycle Manager to unify certificate management, PKI services

Data Breaches, Malware, Social Engineering

Digital security certificate company DigiCert has announced the launch of DigiCert Trust Lifecycle Manager – a new solution designed to unify certificate authority-agnostic certificate management and public key infrastructure (PKI) services. Available now as part of the DigiCert ONE platform, Trust Lifecycle Manager aims to set a new standard for managing trust within an organization’s digital footprint and reduce their attack surface to help prevent data breaches, the firm said. Solution built to address three…

Read More