CyberSecurity Updates

24 Feb

PSYOP campaigns targeting Ukraine – Week in security with Tony Anscombe

Information

Video Coming in two waves, the campaign sought to demoralize Ukrainians and Ukrainian speakers abroad with disinformation messages about war-related subjects 23 Feb 2024 This week, ESET researchers revealed their findings about Operation Texonto, a disinformation/psychological (PSYOP) campaign where Russia-aligned threat actors sought to demoralize Ukrainians and Ukrainian speakers abroad with disinformation messages about war-related topics. Coming in two waves (in November 2023 and in late December 2023, respectively), the two campaigns spread false information…

Read More
23 Feb

Everything you need to know about IP grabbers

Information

Digital Security You would never give your personal ID to random strangers, right? So why provide the ID of your computer? Unsuspecting users beware, IP grabbers do not ask for your permission. Márk Szabó 22 Feb 2024  •  , 6 min. read A common message that any user of a social platform like Discord might see sometimes are warnings about IP grabbers being included as links in messages on various servers. For someone who probably…

Read More
23 Feb

Updated: Top Cyber Actions for Securing Water Systems

Attacks, Insights, Malware

Today, CISA, the Environmental Protection Agency (EPA), and the Federal Bureau of Investigation (FBI) updated the joint fact sheet Top Cyber Actions for Securing Water Systems. This update includes additional resources—from American Water Works Association, the WaterISAC, and MS-ISAC—to support water systems in defending against from malicious cyber activity.  The fact sheet outlines the following practical actions Water and Wastewater Systems (WWS) Sector entities can take to better protect water systems from malicious cyber activity…

Read More
22 Feb

Watching out for the fakes: How to spot online disinformation

Information

How To Why and how are we subjected to so much disinformation nowadays, and is there a way to spot the fakes? Márk Szabó 20 Feb 2024  •  , 6 min. read One of the best things about the internet is that it’s an expansive repository of knowledge – and this wealth of knowledge is almost never more than a few clicks away. This unfettered access to information brings along its fair share of challenges,…

Read More
22 Feb

Operation Texonto: Information operation targeting Ukrainian speakers in the context of the war

Information

ESET products and research have been protecting Ukrainian IT infrastructure for years. Since the start of the war in February 2022, we have prevented and investigated a significant number of attacks launched by Russia-aligned groups. We have also published some of the most interesting findings on WeLiveSecurity: Even though our main focus remains on analyzing threats involving malware, we have found ourselves investigating an information operation or psychological operation (PSYOP) trying to raise doubts in…

Read More
22 Feb

New Leak Shows Business Side of China’s APT Menace

Data Breaches, Information, Insights

A new data leak that appears to have come from one of China’s top private cybersecurity firms provides a rare glimpse into the commercial side of China’s many state-sponsored hacking groups. Experts say the leak illustrates how Chinese government agencies increasingly are contracting out foreign espionage campaigns to the nation’s burgeoning and highly competitive cybersecurity industry. A marketing slide deck promoting i-SOON’s Advanced Persistent Threat (APT) capabilities. A large cache of more than 500 documents…

Read More
22 Feb

CISA Adds One Known Exploited ConnectWise Vulnerability, CVE-2024-1709, to Catalog

Attacks, Insights, Malware

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-1709 ConnectWise ScreenConnect Authentication Bypass Vulnerability CISA urges organizations to review the ConnectWise Security Bulletin and apply the necessary updates: ConnectWise ScreenConnect 23.9.8 security fix   These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the…

Read More
21 Feb

CISA, EPA, and FBI Release Top Cyber Actions for Securing Water Systems

Attacks, Insights, Malware

Today, CISA, the Environmental Protection Agency (EPA), and the Federal Bureau of Investigation (FBI) released the joint fact sheet Top Cyber Actions for Securing Water Systems. This fact sheet outlines the following practical actions Water and Wastewater Systems (WWS) Sector entities can take to better protect water systems from malicious cyber activity and provides actionable guidance to implement concurrently: Reduce Exposure to the Public-Facing Internet Conduct Regular Cybersecurity Assessments Change Default Passwords Immediately Conduct an…

Read More
20 Feb

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

Information, Insights

U.S. and U.K. authorities have seized the darknet websites run by LockBit, a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Instead of listing data stolen from ransomware victims who didn’t pay, LockBit’s victim shaming website now offers free recovery tools, as well as news about arrests and criminal charges involving LockBit affiliates. Investigators used the existing design on LockBit’s victim shaming website…

Read More
17 Feb

Cyber-insurance and vulnerability scanning – Week in security with Tony Anscombe

Information

Video Here’s how the results of vulnerability scans factor into decisions on cyber-insurance and how human intelligence comes into play in the assessment of such digital signals 16 Feb 2024 Cyber-insurance has been an increasingly hot topic lately, with the cyber-insurance industry growing of 62 percent last year, which largely appears to be attributable to new contracts. To qualify for a cyber insurance policy, organizations need to meet certain security requirements, which includes having certain…

Read More