CyberSecurity Updates

01 Dec

#StopRansomware: Cuba Ransomware 

Attacks, Insights, Malware

Original release date: December 1, 2022 Today, the Federal Bureau of Investigation (FBI) and CISA released a joint Cybersecurity Advisory (CSA) #StopRansomware: Cuba Ransomware to provide network defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Cuba ransomware. FBI investigations identified these TTPs and IOCs as recently as August 2022. This CSA updates the December 2021 FBI Flash: Indicators of Compromise Associated with Cuba Ransomware. Key updates include: FBI has identified a…

Read More
01 Dec

Researchers found security pitfalls in IBM’s cloud infrastructure

Data Breaches, Malware, Social Engineering

Security researchers recently probed IBM Cloud’s database-as-a-service infrastructure and found several security issues that granted them access to the internal server used to build database images for customer deployments. The demonstrated attack highlights some common security oversights that can lead to supply chain compromises in cloud infrastructure. Developed by researchers from security firm Wiz, the attack combined a privilege escalation vulnerability in the IBM Cloud Databases for PostgreSQL service with plaintext credentials scattered around the…

Read More
01 Dec

Software projects face supply chain security risk due to insecure artifact downloads via GitHub Actions

Data Breaches, Malware, Social Engineering

The way build artifacts are stored by the GitHub Actions platform could enable attackers to inject malicious code into software projects with CI/CD (continuous integration and continuous delivery) workflows that don’t perform sufficient filtering when downloading artifacts. Cybersecurity researchers have identified several popular artifacts download scripts used by thousands of repositories that are vulnerable to this issue. “We have discovered that when transferring artifacts between different workflows, there is a major risk for artifact poisoning…

Read More
01 Dec

IOTW: Passwords secure in latest LastPass data breach

Attacks, Data Breaches

Password manager LastPass has continued to maintain the security of its customers’ passwords despite suffering its second data breach of 2022. The breach was discovered on November 30 after LastPass detected “unusual activity” within a third-party cloud storage solution that it uses. Following its the detection, LastPass launched an investigation into the cyber security incident and alerted the authorities. It was determined by the password management company that the malicious actor gained access to the…

Read More
01 Dec

8 things to consider amid cybersecurity vendor layoffs

Data Breaches, Malware, Social Engineering

2022 has been a heavy year for layoffs in the technology sector. Whether due to budget restraints, mergers and acquisitions, streamlining, or economic reasons, TrueUp’s tech layoff tracker has recorded over 1000 rounds of layoffs at tech companies globally so far, affecting more than 182,000 people. Some of the biggest tech companies in the world have announced significant staff cuts, including Amazon, Twitter, Meta, and Salesforce. Although perhaps less severely affected, cybersecurity vendors haven’t been…

Read More
01 Dec

Serious Security: MD5 considered harmful – to the tune of $600,000

Information

by Paul Ducklin In a fascinating legal deliberation handed down by the French data protection regulator CNIL (Commission Nationale de l’Informatique et des Libertés), the energy company Électricité de France, or EDF for short, has been fined EUR 600,000 (about $600,000). The legal declaration is, in the manner of such things, rather long and (to non-lawyers, at least) linguistically orotund, which means you need reasonable proficiency in French to understand all the ins and outs…

Read More
30 Nov

Hackers Dump Australian Health Data Online, Declare ‘Case Closed’

Information, News

The hackers leaking stolen Australian health records to the dark web on Thursday appeared to end their extortion attempt by dumping a final batch of data online and declaring:”Case closed.” In November the hackers demanded health insurer Medibank pay US$9.7 million to keep the records off the internet — or one dollar for each of the company’s impacted customers, which included Prime Minister Anthony Albanese. Medibank refused to pay at the urging of the federal…

Read More
30 Nov

Fortanix unveils AWS integration for centralized key management

Data Breaches, Malware, Social Engineering

Cloud security vendor Fortanix has updated its Data Security Manager to incorporate support for AWS’ external encryption key store system, adding another major public cloud vendor to the list of those supported for the company’s key management system. With this week’s update, Fortanix, which already supports this type of cloud key management system in Azure and Google Cloud, is trying to solve one of the major security and regulatory problems posed by multicloud environments. Every…

Read More
30 Nov

Android and iOS Loan Apps With 15 million Installs Extorted Borrowers

Attacks, Malware

Apple and Google allow micro-loan apps on their app stores but have stringent policies regulating their operation. The guidelines dictate that the minimum repayment period should be 60 days, and the maximum annual percentage rate of charge should be 36%. The above apps claimed terms that complied with these guidelines, but in practice, they followed a very different, much more aggressive approach, so the app stores removed them for term violations. Unfortunately, there needs to…

Read More
30 Nov

Nvidia Releases Driver Update to Address Security Flaws

Attacks, Malware

Nvidia has not released any detail rich information of the specifics of these security flaws in order to allow users time to update their drivers before proof-of-concept exploitation tools are developed.Nvidia users can reference Nvidia’s security bulletin to identify their GPU or other product and the appropriate driver version to patch these vulnerabilities here: https://nvidia.custhelp.com/app/answers/detail/a_id/5415Users can then download the appropriate driver for their device from Nvidia’s download center here: https://www.nvidia.com/download/index.aspxUsers of Nvidia’s GeForce Experience software…

Read More