CyberSecurity Updates

01 Nov

The OSPO – the front line for secure open-source software supply chain governance

Data Breaches, Malware, Social Engineering

Organizations of every shape, size, and sector have embraced open-source software (OSS). The financial, medical, and manufacturing industries – and even national security – now use OSS to power their most critical applications and activities. However, this widespread adoption comes with pitfalls: a corresponding increase of almost 800% in software supply chain attacks according to the State of the Software Supply Chain from Sonatype. With the rapid growth of OSS adoption, organizations have begun to…

Read More
31 Oct

Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion

Information, Insights

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon, a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. KrebsOnSecurity has learned that the defendant was busted in March 2022, after fleeing mandatory military service in Ukraine in the weeks following the Russian invasion. Ukrainian national Mark Sokolovsky, seen here in…

Read More
31 Oct

White House Seeks International Cooperation to Thwart Growing Ransomware Threat

Attacks, Malware

Governments across the globe continue to look for ways to effectively battle ransomware. It has become a top priority for many world leaders especially in the US, but organizations still need to take their own steps to ensure they are protected from ransomware. To protect against ransomware attacks, organizations should:• Regularly back up data, air gap, and password protect backup copies offline.• Ensure copies of critical data are not accessible for modification or deletion from…

Read More
31 Oct

Samsung Galaxy Store Bug

Attacks, Malware

The issue in the Galaxy Store app relates to how deeplinks are configured for Samsung’s Marketing and Content Service (MCS), which might create a situation where arbitrary code injected into the MCS website could lead to its execution. This vulnerability could be leveraged to download and install malicious programs on the Samsung smartphone. “To be able to successfully exploit the victim’s server, it is necessary to have HTTPS and CORS bypass of chrome,” stated the…

Read More
31 Oct

Credential Stuffing Attack Impacts Air New Zealand Customers

Attacks, Malware

Credential stuffing attacks highlight the importance of taking proper measures to ensure accounts are secured. Individuals should use strong and unique passwords for each account that requires them, especially for those that contain sensitive information. Taking advantage of Multi-Factor Authentication when it’s offered is also strongly suggested https://www.stuff.co.nz/business/130310228/air-nz-faces-cyber-breach-multiple-accounts-compromised?&web_view=true

Read More
31 Oct

Engineering workstation attacks on industrial control systems double: Report

Data Breaches, Malware, Social Engineering

Engineering workstation compromises were the initial attack vector in 35% of all operational technology (OT) and industrial control system breaches in companies surveyed globally this year, doubling from the year earlier, according to research conducted by the SANS Institute and sponsored by Nozomi Networks. While the number of respondents who said they had experienced a breach in their OT/ICS systems during the last 12 months dropped to 10.5% (down from 15% in 2021), one third…

Read More
31 Oct

CISA releases cybersecurity performance goals to reduce risk and impact of adversarial threats

Data Breaches, Malware, Social Engineering

Last week, the US Cybersecurity and Infrastructure Security Agency (CISA) released voluntary cross-sector Cybersecurity Performance Goals (CPGs). CISA was required to produce the CPGs under a national security memo on improving cybersecurity for critical infrastructure control systems issued by President Biden in July 2021. Working in coordination with the National Institute of Standards and Technology (NIST) and the interagency community, CISA developed “baseline cybersecurity performance goals that are consistent across all critical infrastructure sectors.” CISA…

Read More
31 Oct

Musk Now Gets Chance to Defeat Twitter’s Many Fake Accounts

Information, News

Twitter’s unending fight against spam accounts is now a problem for new owner Elon Musk, who pledged in April to defeat the bot scourge or “die trying!” He later cited bots as a reason to back out of buying the social platform. Now that the billionaire has completed the deal, he’s faced with the task of delivering on his promise to clean up the fake profiles that have preoccupied him and bedeviled Twitter since long…

Read More
31 Oct

CISA Releases Guidance on Phishing-Resistant and Numbers Matching Multifactor Authentication 

Attacks, Insights, Malware

Original release date: October 31, 2022 CISA has released two fact sheets to highlight threats against accounts and systems using certain forms of multifactor authentication (MFA). CISA strongly urges all organizations to implement phishing-resistant MFA to protect against phishing and other known cyber threats. If an organization using mobile push-notification-based MFA is unable to implement phishing-resistant MFA, CISA recommends using number matching to mitigate MFA fatigue. Although number matching is not as strong as phishing-resistant…

Read More
31 Oct

RDP on the radar: An up‑close view of evolving remote access threats

Information

Misconfigured remote access services continue to give bad actors an easy access path to company networks – here’s how you can minimize your exposure to attacks misusing Remote Desktop Protocol As the COVID-19 pandemic spread around the globe, many of us, myself included, turned to working full-time from home. Many of ESET’s employees were already accustomed to working remotely part of the time, and it was largely a matter of scaling up existing resources to…

Read More