CyberSecurity Updates

The changing role of the MITRE ATT&CK framework

Since its creation in 2013, the MITRE ATT&CK framework has been of interest to security operations professionals. In the early years, the security operations center (SOC) team used MITRE as a reference architecture, comparing alerts and threat intelligence nuggets with the taxonomy’s breakdown of adversary tactics and techniques. Based on ESG research, MITRE ATT&CK usage has reached an inflection point. Security teams not only recognize its value as a security operations foundation but also want…


The cybersecurity challenges and opportunities of digital twins

Digital twins are a digital representation of objects, structures or systems that give organizations greater insight into the life cycle of these objects, but this same level of insight and control can also open doors for malicious attackers. Digital twins can be created for any physical infrastructure that includes individual components of an engine, turbine and other equipment, or entire factories, and data centers. “What makes a digital twin different from just your normal model…


Palo Alto Networks looks to shore up healthcare IoT security

Palo Alto Networks today rolled out a new Medical IoT Security offering, designed to provide improved visibility, automated monitoring, and more for hitherto vulnerable healthcare IoT frameworks, thanks to machine learning and adherence to zero-trust principles. Medical device security is a serious problem for most organizations in healthcare, with a long string of reported vulnerabilities in the area stretching back for years. Fundamentally, experts agree, a large part of the problem is that many connected…


Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

In December 2021, Google filed a civil lawsuit against two Russian men thought to be responsible for operating Glupteba, one of the Internet’s largest and oldest botnets. The defendants, who initially pursued a strategy of counter suing Google for interfering in their sprawling cybercrime business, later brazenly offered to dismantle the botnet in exchange for payment from Google. The judge in the case was not amused, found for the plaintiff, and ordered the defendants and…


New CryWiper Data Wiper Targets Russian Courts

According to researchers, ransom payment does not guarantee file recovery. CryWiper is the second retaliatory malware strain that targeted Russian companies after RURansom, a .NET-based wiper discovered in March. Numerous wipers have been launched in the current conflict between Russia and Ukraine, including WhisperGate, AcidRain, HermeticWiper, IsaacWiper, DoubleZero, Industroyer2, and CaddyWiper. “Wipers can be effective regardless of the technical skills of the attacker, as even the simplest wiper can wreak havoc on affected systems,” stated Max…


SiriusXM Vulnerability Allows Hackers to Unlock and Start Cars Remotely

Curry also discussed another flaw that affects Hyundai and Genesis vehicles manufactured after 2012. The vulnerability could be used to remotely control locks, engines, headlights, and trunks by using the registered email addresses. “By adding a CRLF character at the end of an already existing victim email address during registration, we could create an account that bypassed the JWT and email parameter comparison check,” stated Curry. However, since then, SiriusXM and Hyundai have released patches…


Antivirus Provider Dr. Web Discovers Numerous Malicious Apps on Google Play Store

Prior to downloading any apps from the Play store, users should read reviews to help verify their legitimacy. It is important to make sure Play Protect is active and being used as well. If users identify any of the apps mentioned above on their devices, they should be deleted immediately. https://www.bleepingcomputer.com/news/security/android-malware-apps-with-2-million-installs-spotted-on-google-play/?&web_view=true


Apple Faces Critics Over Its Privacy Policies

Apple presents itself as a white knight on the subject of privacy, but critics say its own advertising ambitions are built on anti-competitive practices. Two developers going by the name ‘Mysk’ claimed last month that Apple was tracking users’ every tap on the App Store, with no way of disabling the function. A class action lawsuit was subsequently filed in California, claiming that Apple’s “promises regarding privacy are utterly false”. The company has not commented…


CISA Adds One Known Exploited Vulnerability to Catalog

Original release date: December 5, 2022. CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risk to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates. Binding Operational Directive (BOD)…


FCC’s proposal to strengthen emergency alert security might not go far enough

In October, the US Federal Communications Commission (FCC) launched a notice of proposed rulemaking (NPRM) to strengthen the security of the nation’s emergency alert system (EAS) and wireless emergency alerts (WEA). These systems warn the public about emergencies through alerts on their televisions, radios, and wireless phones via AM, FM, satellite radio, broadcast, cable, and satellite TV. Although EAS Participants are required to broadcast presidential alerts, they voluntarily participate in broadcasting state and local EAS…
