CyberSecurity Updates

13 Oct

GoldenJackal jumps the air gap … twice – Week in security with Tony Anscombe

Information

Video ESET research dives deep into a series of attacks that leveraged bespoke toolsets to compromise air-gapped systems belonging to governmental and diplomatic entities 11 Oct 2024 This week, ESET researchers published the results of their probe into a series of attacks that leveraged bespoke toolsets to compromise air-gapped systems belonging to governmental and diplomatic entities, including those based in Europe. The toolsets were deployed by a little-known APT group called GoldenJackal and allowed it…

Read More
12 Oct

Telekopye transitions to targeting tourists via hotel booking scam

Information

The growing popularity of online marketplaces has attracted fraudsters preying on unsuspecting buyers and sellers, looking to score payment card information rather than to strike a bargain. ESET researchers have found that one such organized scammer network – which uses Telekopye, a toolkit discovered by ESET Research in 2023 – has expanded its operations to target users of popular accommodation booking platforms. Last year, we published a two-part blogpost series on Telekopye, a Telegram-based toolkit…

Read More
10 Oct

Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies

Attacks, Insights, Malware

CISA has observed cyber threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to enumerate other non-internet facing devices on the network. F5 BIG-IP is a suite of hardware and software solutions designed to manage and secure network traffic. A malicious cyber actor could leverage the information gathered from unencrypted persistence cookies to infer or identify additional network resources and potentially exploit vulnerabilities found in other devices present on the network.…

Read More
10 Oct

Cyber insurance, human risk, and the potential for cyber-ratings

Information

Business Security Could human risk in cybersecurity be managed with a cyber-rating, much like credit scores help assess people’s financial responsibility? Tony Anscombe 08 Oct 2024  •  , 5 min. read It’s undeniable that cyber insurance and cybersecurity are intrinsically linked. One requires the other, and they are a perfect pairing, even if they may deny the relationship. Looking ahead, however, we probably need to add a third party into the relationship: the business. Now…

Read More
09 Oct

Lamborghini Carjackers Lured by $243M Cyberheist

Information, Insights

The parents of a 19-year-old Connecticut honors student accused of taking part in a $243 million cryptocurrency heist in August were carjacked a week later — while out house-hunting in a brand new Lamborghini. Prosecutors say the couple was beaten and briefly kidnapped by six young men who traveled from Florida as part of a botched plan to hold the parents for ransom. Image: ABC7NY.  youtube.com/watch?v=xoiaGzwrunY Late in the afternoon of Aug. 25, 2024 in…

Read More
09 Oct

Mind the (air) gap: GoldenJackal gooses government guardrails

Information

ESET researchers discovered a series of attacks on a governmental organization in Europe using tools capable of targeting air-gapped systems. The campaign, which we attribute to GoldenJackal, a cyberespionage APT group that targets government and diplomatic entities, took place from May 2022 to March 2024. By analyzing the toolset deployed by the group, we were able to identify an attack GoldenJackal carried out earlier, in 2019, against a South Asian embassy in Belarus that, yet…

Read More
08 Oct

Patch Tuesday, October 2024 Edition

Information, Insights

Microsoft today released security updates to fix at least 117 security holes in Windows computers and other software, including two vulnerabilities that are already seeing active attacks. Also, Adobe plugged 52 security holes across a range of products, and Apple has addressed a bug in its new macOS 15 “Sequoia” update that broke many cybersecurity tools. One of the zero-day flaws — CVE-2024-43573 — stems from a security weakness in MSHTML, the proprietary engine of…

Read More
08 Oct

Microsoft Releases October 2024 Security Updates

Attacks, Insights, Malware

Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary updates: Microsoft Security Update Guide for October

Read More
08 Oct

Scalability Challenges in Privacy-Preserving Federated Learning

Insights

This post is part of a series on privacy-preserving federated learning. The series is a collaboration between NIST and the UK government’s Responsible Technology Adoption Unit (RTA), previously known as the Centre for Data Ethics and Innovation. Learn more and read all the posts published to date at NIST’s Privacy Engineering Collaboration Space or RTA’s blog.  Introduction In this post, we talk with Dr. Xiaowei Huang and Dr. Yi Dong (University of Liverpool), Dr. Mat Weldon (UK Office of…

Read More
08 Oct

CISA and FBI Release Fact Sheet on Protecting Against Iranian Targeting of Accounts Associated with National Political Organizations

Attacks, Insights, Malware

Today, CISA and the Federal Bureau of Investigation (FBI) released joint fact sheet, How to Protect Against Iranian Targeting of Accounts Associated with National Political Organizations. This fact sheet provides information about threat actors affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC) targeting and compromising accounts of Americans to stoke discord and undermine confidence in U.S. democratic institutions. IRGC actors have previously gained and continue to seek access to personal and business accounts…

Read More