CyberSecurity Updates

24 Oct

Serious Security: You can’t beat the house at Blackjack – or can you?

Information

by Paul Ducklin Cryptoguru Bruce Schneier (where crypto means cryptography, not the other thing!) just published an intriguing note on his blog entitled On the Randomness of Automatic Card Shufflers. If you’ve ever been to a casino, at least one in Nevada, you’ll know that the blackjack tables don’t take chances with customers known in the trade as card counters. That term is used to refer to players who have trained their memories to the…

Read More
24 Oct

Apple megaupdate: Ventura out, iOS and iPad kernel zero-day – act now!

Information

by Paul Ducklin Apple’s latest collection of security updates has arrived, including the just-launched macOS 13 Ventura, which was accompanied by its own security bulletin listing a whopping 112 CVE-numbered security holes. Of those, we counted 27 arbitrary code execution holes, of which 12 allow rogue code to be injected right into the kernel itself, and one allows untrusted code to be run with system privileges. On top of that, there are two elevation-of-privilege (EoP)…

Read More
24 Oct

Apple Fixes Exploited Zero-Day With iOS 16.1 Patch

Information, News

Apple on Monday shipped a major iOS update with fixes at least 20 documented security defects, including a kernel flaw that’s already being actively exploited in the wild. The Cupertino device maker confirmed the active exploitation of CVE-2022-42827, warning in a barebones advisory that the flaw exposes iPhones and iPads to arbitrary code execution attacks. “An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this…

Read More
24 Oct

Typosquatting Campaign Impersonates Brand-Name Websites

Attacks, Malware

It is recommended that organizations focus on cybersecurity awareness training for its personnel as one security control to avoid typosquatting attacks. Users should only navigate to trusted sites from their own links or by identifying a reputable site from a search engine. In addition, users should be aware that they cannot trust links in advertisements or in email from untrusted parties. Due to the proliferation of Business Email Compromise (BEC), users should also be cautious…

Read More
24 Oct

Iranian Nuclear Energy Agency Becomes Target of Hacktivist Group

Attacks, Malware

Black Reward’s intention is not to have any type of monetary gain, but rather to expose corrupt activity. Being at the center of world controversy has opened Iran up to the possibility of more attacks of this style. Binary Defense analysts will continue to monitor this situation and provide updates as necessary. https://www.theregister.com/2022/10/24/black_reward_iran_nuclear_leak/?&web_view=true

Read More
24 Oct

CISA Warns of Daixin Hackers Targeting Healthcare Organizations

Attacks, Malware

According to the advisory, Virtual Private Network (VPN) servers are used in these attacks to gain initial access to targeted networks, often exploiting unpatched security vulnerabilities and compromised credentials obtained via phishing emails. After establishing a foothold, the Daixin Team has been seen moving laterally via Secure Shell (SSH) and remote desktop protocol (RDP), then gaining elevated privileges using techniques like credential dumps. “The actors have leveraged privileged accounts to gain access to VMware vCenter…

Read More
24 Oct

CISA Adds Six Known Exploited Vulnerabilities to Catalog

Attacks, Insights, Malware

Original release date: October 24, 2022 CISA has added six vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates.       Binding Operational Directive (BOD)…

Read More
24 Oct

Security by design vital to protecting IoT, smart cities around the world, says CEO of UK NCSC

Data Breaches, Malware, Social Engineering

A secure by design approach is vital to protecting the internet of things (IoT) and smart cities, according to Lindy Cameron, CEO of the UK National Cyber Security Centre (NCSC). Cameron spoke during Singapore International Cyber Week, calling for swift ongoing action to ensure connected devices are designed, built, deployed, and managed securely to prevent malicious actors, improve national resilience, and reap the benefits of emerging technologies. Growth of IoT giving rise to increased security…

Read More
24 Oct

Iran’s nuclear energy agency confirms email server hacked

Data Breaches, Malware, Social Engineering

The Atomic Energy Organization of Iran on Sunday confirmed that an email server at its  Bushehr Nuclear Power Plant was hacked. The organization blamed a foreign country, but an Iranian hacking group that goes by the name Black Reward has claimed responsibility for the breach. The Atomic Energy Organization said that the IT group serving the Bushehr plant has examined and issued a report on the breach, and denied any sensitive information being exposed. The…

Read More
24 Oct

Cybersecurity Awareness Month 2022: Recognizing & Reporting Phishing

Insights

This blog will officially wrap up our 2022 Cybersecurity Awareness Month blog series — today we have a special interview from Marian Merritt, deputy director, lead for industry engagement for the National Initiative for Cybersecurity Education (NICE)! Marian will be discussing the importance of recognizing and reporting phishing incidents in detail. A phishing attack is an attempt to fool an individual into sharing private information or taking an action that gives criminals access to your…

Read More