CyberSecurity Updates

17 Jan

European data protection authorities issue record €2.92 billion in GDPR fines

Data Breaches, Malware, Social Engineering

European data regulators issued a record €2.92 billion in fines last year, a 168% increase from 2021. That’s according to the latest GDPR and Data Breach survey from international law firm DLA Piper, which covers all 27 Member States of the European Union, plus the UK, Norway, Iceland, and Liechtenstein. This year’s biggest fine of €405 million was imposed by the Irish Data Protection Commissioner (DPC) against Meta Platforms Ireland Limited relating to Instagram for…

Read More
17 Jan

US Maritime Administrator to study port crane cybersecurity concerns

Data Breaches, Malware, Social Engineering

The 2023 National Defense Authorization Act (NDAA) passed by Congress and signed by President Biden in late December 2022 was filled with a host of military-related cybersecurity provisions. One little-noticed provision in the bill called for a study of cybersecurity and national security threats posed by foreign-manufactured cranes at United States ports. Under this provision, the Maritime Administrator, working with Homeland Security, the Pentagon, and the Cybersecurity and Infrastructure Security Agency (CISA), is required to…

Read More
17 Jan

Multi-million investment scammers busted in four-country Europol raid

Information

by Paul Ducklin Another day, another series of cryptocurrency scams… …these, fortunately, brought to a halt, though sadly not before they’d defrauded “investors” around the globe to the tune of millions of dollars. According to Europol, 216 people were questioned in Bulgaria, Cyprus, Germany and Serbia; 15 have already been arrested; 22 searches were conducted, including at four separate call centres; and about $1,000,000 in cryptocurrency was seized. Law enforcement also confiscated €50,000 in cash;…

Read More
16 Jan

Researchers: Brace for Zoho ManageEngine ‘Spray and Pray’ Attacks

Information, Malware, News

Security researchers tracking a known pre-authentication remote code execution vulnerability in Zoho’s ManageEngine products are warning organizations to brace for “spray and pray” attacks across the internet. The vulnerability, patched by Zoho last November, affects multiple Zoho ManageEngine products and can be reached over the internet to launch code execution exploits if SAML single-sign-on is enabled or has ever been enabled. According to researchers at automated penetration testing firm Horizon3.ai, the CVE-2022-47966 flaw is easy…

Read More
16 Jan

How AI chatbot ChatGPT changes the phishing game

Data Breaches, Malware, Social Engineering

ChatGPT, OpenAI’s free chatbot based on GPT-3.5, was released on 30 November 2022 and racked up a million users in five days. It is capable of writing emails, essays, code and phishing emails, if the user knows how to ask. By comparison, it took Twitter two years to reach a million users. Facebook took ten months, Dropbox seven months, Spotify five months, Instagram six weeks. Pokemon Go took ten hours, so don’t break out the…

Read More
15 Jan

APT group trojanizes Telegram app – Week in security with Tony Anscombe

Information

StrongPity’s backdoor is fitted with various spying features and can record phone calls, collect texts, and gather call logs and contact lists This week, the ESET research team published their findings about an espionage campaign by the StrongPity APT group that spreads a fully functional, but trojanized version of the legitimate Telegram app for Android. The malicious app – which has various spying features, including recording phone calls and collecting SMS messages – is distributed…

Read More
13 Jan

Introducing IPyIDA: A Python plugin for your reverse‑engineering toolkit

Information

ESET Research announces IPyIDA 2.0, a Python plugin integrating IPython and Jupyter Notebook into IDA IDA Pro from Hex-Rays is probably the most popular tool today for reverse-engineering software. For ESET researchers, this tool is a favorite disassembler and has inspired the development of the IPyIDA plugin that embeds an IPython kernel into IDA Pro. Under continuous development since 2014, we’re pleased to announce the release of version 2.0. IPyIDA serves a similar purpose as another…

Read More
13 Jan

Attackers deploy sophisticated Linux implant on Fortinet network security devices

Data Breaches, Malware, Social Engineering

In December network security vendor Fortinet disclosed that a critical vulnerability in its FortiOS operating system was being exploited by attackers in the wild. This week, after additional analysis, the company released more details about a sophisticated malware implant that those attackers deployed through the flaw. Based on currently available information, the original zero-day attack was highly targeted to government-related entities. However, since the vulnerability has been known for over a month, all customers should…

Read More
13 Jan

Gen Digital Warns of Norton Password Manager Account Breach

Attacks, Malware

Credential stuffing attacks are a rather old method of breaching an account, but they are still relatively successful. These attacks rely on human error in the form of reusing passwords. From an organizational standpoint, this could lead to account compromise if an employee reuses one of their passwords from an external site that was breached for their work account. To detect credential stuffing attacks, organizations can monitor logon events for a spike in failed authentications…

Read More
13 Jan

San Francisco Transit Police Breached

Attacks, Malware

Public sector entities tend to be at a higher risk for breach due to the lack of budget and ability to hire cyber security professionals. Because of this, many fall victim to cyber-attacks that affect systems with no way to easily mitigate. Customers who believe they may have been a victim of this breach should ensure they are taking the necessary precautions to protect themselves, such as looking out for phishing emails and monitoring credit…

Read More