CyberSecurity Updates

Diamond industry under attack – Week in security with Tony Anscombe

ESET researchers uncover a new wiper and its execution tool, both attributed to the Iran-aligned Agrius APT group. This week, ESET researchers published their findings about a new wiper, Agrius, and its execution tool, Sandals, both attributed to the Iran-aligned Agrius APT group. The researchers discovered the malicious tool while analyzing a supply-chain attack that abused an Israeli software developer. The attack probably targeted the company’s software updating mechanisms in order to deploy the wiper…


S3 Ep112: Data breaches can haunt you more than once! [Audio + Text]

by Paul Ducklin. DATA BREACHES – THE STING IN THE TAIL. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our RSS feed into your favourite podcatcher. READ…


Hacked Corporate Email Accounts Used to Send MSP Remote Access Tool

MuddyWater has been seen using sophisticated techniques to compromise organizations in the past. However, in this campaign, they are using a freely available tool and relatively unsophisticated tactics. This campaign demonstrates the rise of phishing and the use of legitimate remote access tools to compromise organizations, an approach that relies primarily on the human behind the screen being vulnerable. To protect against attacks such as this, organizations should actively employ an email monitoring solution as well…


Cisco Discloses High-Severity IP Phone Bug with Exploit Code

While a security update to address CVE-2022-20968 is not yet available, Cisco provides mitigation advice for administrators who want to secure vulnerable devices in their environment from potential attacks. This requires disabling the Cisco Discovery Protocol on affected IP Phone 7800 and 8800 Series devices that also support Link Layer Discovery Protocol (LLDP) for neighbor discovery. “Devices will then use LLDP for the discovery of configuration data such as voice VLAN, power negotiation, and so…


HR and Payroll Company Discloses Data Breach

The company has offered identity protection services to anyone impacted in the breach. Sequoia declined to comment on the number of victims it has offered identity protection services to. Anyone who has been notified that they may have been a victim of this breach should sign up for the free monitoring service being offered by Sequoia and go through credit reports to make sure nothing was created between the time of the breach and notification.…


Cisco Releases Security Advisory for IP Phone 7800 and 8800 Series

Original release date: December 9, 2022. Cisco released a security advisory for a vulnerability affecting IP Phone 7800 and 8800 Series. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. For more information, see the Cisco Security Advisories page. CISA encourages users and administrators to review Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol Stack Overflow Vulnerability and apply the necessary updates. This product is provided subject to this Notification and…


The biggest data breaches and leaks of 2022

More than 4,100 publicly disclosed data breaches occurred in 2022, equating to approximately 22 billion records being exposed. Cyber security publication Security Magazine reported that the figures for 2022 are expected to exceed this figure by as much as five percent. In this article, we reveal which data breaches and leaks and the phishing, malware and cyber attacks ranked among our top ten most-read cyber security news stories of 2022. Read on to hear about…


Interpres Security Emerges From Stealth Mode With $8.5 Million in Funding

Defense management startup Interpres Security on Thursday announced that it has emerged from stealth mode with $8.5 million in a seed funding round led by Ten Eleven Ventures and a solution designed to help companies optimize security performance. The Charleston-based firm proposes a new approach to managing the defense surface, offering a continuous, customized analysis of detection and mitigation capabilities, to help organizations improve their security posture. The company provides tailored mitigation, data collection, and…


Uptycs launches agentless cloud workload scanning

CNAPP (cloud native application protection platform) and XDR (extended detection and response) provider Uptycs announced Friday that it has added agentless scanning to its existing cloud workload protection platform, which it said will open up a range of new use cases and attract new potential customers. The company said that its agentless workload scanning system will be fully interoperable with its agent-based Uptycs sensors, providing security metadata in the same format and letting users…


Credit card skimming – the long and winding road of supply chain failure

by Paul Ducklin. Researchers at application security company Jscrambler have just published a cautionary tale about supply chain attacks… …that is also a powerful reminder of just how long attack chains can be. Sadly, that’s long merely in terms of time, not long in terms of technical complexity or the number of links in the chain itself. Eight years ago… The high-level version of the story published by the researchers is simply told, and it…
