CyberSecurity Updates

25 Nov

Most Common Passwords of 2022

Attacks, Malware

Information Security professionals should make use of these lists of common weak passwords to proactively test the accounts of employees, contractors, and other users of the information systems that they are responsible for protecting. The most effective way to use these lists is to trigger a test each time a user changes their password – take the hash of the newly changed password and automatically check it against the list of common weak passwords. For…

Read More
25 Nov

IOTW: Twitter accused of covering up data breach that affects millions

Attacks, Data Breaches

A Los Angeles-based cyber security expert has warned of a data breach at social media site Twitter that has allegedly affected “millions” across the US and EU. Chad Loder, who is the founder of cyber security awareness company Habitu8, took to the social media site on November 23 to warn users of the alleged data breach that Loder claims occurred “no earlier than 2021” and “has not been reported before”. In a series of tweets,…

Read More
25 Nov

Cybercriminals are increasingly using info-stealing malware to target victims

Data Breaches, Malware, Social Engineering

Cybercriminals are increasingly shifting from automated scam-as-a-service to more advanced info stealer malware distributors as the competition for resources increases, and they look for new way to make profits, according to a report by Group-IB.  The cybersecurity company has identified 34 Russian-speaking groups distributing info-stealing malware under the stealer-as-a-service model. Info stealer malware collects users’ credentials stored in browsers, gaming accounts, email services, social media, bank card details, and crypto wallet information from infected computers,…

Read More
24 Nov

Bahamut cybermercenary group targets Android users with fake VPN apps

Information

Malicious apps used in this active campaign exfiltrate contacts, SMS messages, recorded phone calls, and even chat messages from apps such as Signal, Viber, and Telegram ESET researchers have identified an active campaign targeting Android users, conducted by the Bahamut APT group. This campaign has been active since January 2022 and malicious apps are distributed through a fake SecureVPN website that provides only Android apps to download. Note that although the malware employed throughout this…

Read More
24 Nov

10 tips to avoid Black Friday and Cyber Monday scams

Information

It pays not to let your guard down during the shopping bonanza – watch out for some of the most common scams doing the rounds this holiday shopping season Black Friday and Cyber Monday are just around the corner, and scammers are also turning up their efforts in order to cash in on unsuspecting victims during what is traditionally the busiest bargain-hunting period of the year. In 2021, consumers spent a whopping US$8.9 billion on…

Read More
24 Nov

S3 Ep110: Spotlight on cyberthreats – an expert speaks [Audio + Text]

Information

by Paul Ducklin SPOTLIGHT ON CYBERTHREATS Security specialist John Shier tells you the “news you can really use” – how to boost your cybersecurity based on real-world advice from the 2023 Sophos Threat Report. Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Paul Ducklin and John Shier. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts,…

Read More
24 Nov

EPSS explained: How does it compare to CVSS?

Data Breaches, Malware, Social Engineering

The Common Vulnerability Scanning System (CVSS) is the most frequently cited rating system to assess the severity of security vulnerabilities. It has been criticized, however, as not being appropriate to assess and prioritize risk from those vulnerabilities. For this reason, some have called for using the Exploit Prediction Scoring System (EPSS) or combining CVSS and EPSS to make vulnerability metrics more actionable and efficient. Like CVSS, EPSS is governed by the Forum of Incident Response…

Read More
24 Nov

DUCKTAIL malware campaign targeting Facebook business and ads accounts is back

Data Breaches, Malware, Social Engineering

A group of attackers, likely based in Vietnam, that specializes in targeting employees with potential access to Facebook business and ads management accounts, has re-emerged with changes to its infrastructure, malware, and modus operandi after being initially outed a few months ago. Dubbed DUCKTAIL by researchers from WithSecure, the group uses spear phishing to target individuals on LinkedIn who have job descriptions that could suggest they have access to manage Facebook business accounts. More recently,…

Read More
23 Nov

Security fatigue is real: Here’s how to overcome it

Information

Do your employees take more risks with valuable data because they’ve become desensitized to security guidance? Spot the symptoms before it’s too late. IT security is often regarded as the “Department of No” and sometimes it’s easy to see why. In a world of escalating cyber-risk, expanding attack surfaces and a fast-growing cybercrime economy, security teams are understandably keen to limit the damage their employees could cause. After all, it takes just one misplaced click…

Read More
23 Nov

CryptoRom “pig butchering” scam sites seized, suspects arrested in US

Information, Malware

by Paul Ducklin Over the past year, we’ve had the unfortunate need to warn our readers not once, but twice, about a scam we’ve dubbed CryptoRom, a portmanteau word formed from the terms “Cryptocurrency” and “Romance scam”. Simply put, these scammers use a variety of techniques, notably including prowling on dating sites, to meet people online, form a friendship… …not with the intention of drawing their victims into a “we’ve fallen in love, now send…

Read More