Cybersecurity

Secure-by-design space systems pushed amid increased cyber threats

Ongoing cyberattacks against satellite communications systems have prompted Space Systems Cybersecurity Standard working group members to call for the development of secure-by-design specifications for space system components, CyberScoop reports.

CVE-2023-2868: fixing the zero-day vulnerability in Barracuda Networks ESG

Barracuda Networks has disclosed CVE-2023-2868 – a zero-day vulnerability in its Email Security Gateway (ESG) appliances that has been exploited for the past eight months, with the earliest identified evidence of exploitation back in October 2022. CVE-2023-2868 was identified on May 19, one day after Barracuda were alerted to suspicious traffic from ESG appliances. In …

My Journey as a Penetration Tester: Enhancing Code Creation and Payload Development with Chat GPT

Introduction: As a penetration tester, I am constantly seeking innovative tools and techniques to enhance my capabilities and stay ahead in the ever-evolving field of cybersecurity. Recently, I had the opportunity to explore Chat GPT, a powerful language model developed by OpenAI, and I must say it has revolutionized the way I approach code creation, …

Week in review: MOVEit Transfer critical zero-day vulnerability, Kali Linux 2023.2 released

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: MOVEit Transfer zero-day attacks: The latest info. Progress Software has updated the security advisory and confirmed that the vulnerability (still without a CVE number) is a SQL injection vulnerability in the MOVEit Transfer web application that could allow an unauthenticated attacker …

Cyber Security Asia 2023

Now more than ever, businesses, governments, and individuals alike must be aware of the ever-growing threats posed by cyber criminals. I’m excited to once again be returning to the Cybersecurity Asia Conference to deliver a session on the latest technologies, strategies and insights to help combat the growing threats of cybercrime, …

Isolate or shut down your MOVEit Transfer servers and machines immediately

The significance of keeping one’s data safe has never been more pressing than it is in today’s increasingly linked society. Zero-day vulnerabilities are known to often hide in the shadows of our digital landscapes, where they patiently wait to be exploited. Today, we are going to shed light on one of these recently …

Hacking Apple macOS devices exploiting the Migration Assistant

A vulnerability that was only recently found and given the name “Migraine” is connected to macOS migration functionality and represents a significant risk. It gives attackers with root access the ability to avoid macOS’s System Integrity Protection (SIP), which in turn grants them complete control over the compromised device. The security vulnerability, which …

AI Is Being Used to ‘Turbocharge’ Scams

Code hidden inside PC motherboards left millions of machines vulnerable to malicious updates, researchers revealed this week. Staff at security firm Eclypsium found code within hundreds of models of motherboards created by Taiwanese manufacturer Gigabyte that allowed an updater program to download and run another piece of software. While the system was intended to keep the …

New Linux Ransomware BlackSuit is similar to Royal ransomware

Experts noticed that the new Linux ransomware BlackSuit has significant similarities with the Royal ransomware family. Royal ransomware is one of the most notable ransomware families of 2022; it made the headlines in early May 2023 with the attack against the IT systems in Dallas, Texas. The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has …

North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks

Jun 02, 2023Ravie LakshmananCyber Espionage / APT U.S. and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors’ use of social engineering tactics to strike think tanks, academia, and news media sectors. The “sustained information gathering efforts” have been attributed to a state-sponsored cluster dubbed Kimsuky, which is also …

Uncle Sam wants DEF CON hackers to pwn this Moonlighter satellite in space

Feature: Assuming the weather and engineering gods cooperate, a US government-funded satellite dubbed Moonlighter will launch at 1235 EDT (1635 UTC) on Saturday, hitching a ride on a SpaceX rocket before being released into Earth’s orbit. And in roughly two months, five teams of DEF CON hackers will do their best to successfully remotely infiltrate …

New Linux Ransomware Strain BlackSuit Shows Striking Similarities to Royal

Jun 03, 2023Ravie LakshmananEndpoint Security / Linux An analysis of the Linux variant of a new ransomware strain called BlackSuit has covered significant similarities with another ransomware family called Royal. Trend Micro, which examined an x64 VMware ESXi version targeting Linux machines, said it identified an “extremely high degree of similarity” between Royal and BlackSuit. …

Cloud Security Tops Concerns for Cybersecurity Leaders: EC-Council’s Certified CISO Hall of Fame Report 2023

A survey of global cybersecurity leaders through the 2023 Certified CISO Hall of Fame Report commissioned by the EC-Council identified 4 primary areas of grave concern: cloud security, data security, security governance, and lack of cybersecurity talent. EC-Council, the global leader in cybersecurity education and training, released its Certified Chief Information Security Officer Hall of …

Malware analysis report: SNOWYAMBER (+APT29 related malwares)

This report provides a comprehensive analysis of the SNOWYAMBER dropper and its modifications, a sophisticated piece of malware attributed to the Advanced Persistent Threat group APT29. The group is believed to be tied to the Russian government and has been linked to numerous cyber espionage operations. Threat actor APT29, also known as The Dukes or …

Update now! MOVEit Transfer vulnerability actively exploited

On May 31, 2023, Progress Software released a security bulletin about a critical vulnerability in MOVEit Transfer. The security bulletin states: “a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an un-authenticated attacker to gain unauthorized access to MOVEit Transfer’s database. Depending on the database engine being used …

Understanding The Security Threats & Challenges With Smart Contracts

Smart contracts are touted as being a game-changing technology and perhaps the best example of how crypto-related solutions can have viable real-world applications beyond speculative investing. Despite the promise they show, smart contracts are not without their issues, especially where security is concerned. So let’s delve into what they are, what problems …

Chinese APT Backdoor Bypasses Indonesian Antivirus

TinyNote Creates a ‘You Can’t See It But It’s There’ Open Window. Jayant Chakravarti (@JayJay_Tech) • June 2, 2023. A Chinese espionage threat group is using a novel backdoor to bypass a popular Indonesian antivirus. Security researchers say targets include European embassies …

Dark Web Monitoring and Proactive Threat Intelligence: Staying One Step Ahead of Cybercriminals

Hidden within the shadows of the internet, the dark web hosts illicit activities and cyber threats. In this landscape, remaining one step ahead is critical and a pressing issue. Our modern digital reliance underscores the significance of proactive threat intelligence and dark web monitoring. In this article, we dive into these crucial aspects of cybersecurity …

CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog

US CISA added actively exploited Progress MOVEit Transfer zero-day vulnerability to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added a Progress MOVEit Transfer SQL injection vulnerability, tracked as CVE-2023-34362, to its Known Exploited Vulnerabilities Catalog. Threat actors are actively exploiting a zero-day vulnerability in the Progress MOVEit Transfer file transfer product …

9th Circ. Revives Lanham Act Suit As Dissent Raises Red Flag

By Bonnie Eslinger (June 2, 2023, 9:12 PM EDT) — A split Ninth Circuit panel on Friday revived Enigma Software’s unfair competition lawsuit against Malwarebytes Inc. over the cybersecurity company labeling Enigma’s software as a threat, with the dissenting judge saying the decision sends “a chilling message” that cybersecurity companies could be held liable by …

Gartner Security and Risk Management Summit 2023 Preview – Uptycs

The realm of cybersecurity is constantly evolving, and staying ahead of emerging threats is crucial for organizations of all sizes. To gain invaluable insights and strategies to combat the ever-growing security challenges, the Gartner Security and Risk Management Summit in National Harbor, MD from June 5th to June 7th, 2023, is an event that should …

Russia points finger at US for iPhone exploit campaign that also hit Kaspersky Lab

The Russian federal security agency, the FSB, has put out a security alert claiming that US intelligence services are behind an attack campaign that exploits vulnerabilities in iOS and compromised thousands of iPhone devices in Russia, including those of foreign diplomats. In a separate report, Russian antivirus vendor Kaspersky Lab said that several dozen of …

How to Stay Ahead of Future Requirements for the NIST SSDF

In today’s world of software development, cybersecurity is more than a luxury; it’s a necessity. Cyber threats aren’t only growing in frequency, complexity, and sophistication, they’re targeting developer environments and the software supply chain. The need for robust, secure software development frameworks is more critical than ever. However, not all organizations know how to secure …

Kaspersky Reveals iPhones of Employees Infected with Spyware

According to Kaspersky, this is an ongoing investigation, and the perpetrators are yet to be determined. The CEO of cybersecurity giant and antivirus vendor Kaspersky, Eugene Kaspersky, revealed in a blog post that dozens of iPhones used by their senior employees contained spyware capable of recording audio, capturing images from messaging apps, geolocation, and more. …

Legal services platform used by SEC, Pentagon investigating ransomware attack claims

A legal document platform used by several arms of the U.S. government is investigating claims by a ransomware group that it has been attacked. Casepoint, based outside of Washington, D.C., provides organizations with a platform to post legal documents for litigation, investigations and compliance. In April the company signed a five-year deal with the United …

Previewing the 2023 Verizon Data Breach Investigation Report

New vulnerabilities, new attacks. New technologies, new attacks. New defenses, new attacks. Keeping up with the newest attack methods is almost as hard as keeping up with ChatGPT-based apps, services, and browser plugins. It’s a Sisyphean practice that security practitioners can’t avoid, so it helps for them to have trusted sources to stay current about the latest …

How to Spot and Stop Active Directory Attacks Faster – Part 2

In the previous blog, we described how to catch attackers targeting Active Directory (AD) in the reconnaissance stage, which is one of the earliest stages of the attack. We mainly focused on LDAP protocol, flagging suspicious queries. In part two, we describe how to detect more advanced AD attacks that are based on DCE/RPC protocol. …
