Posts

Showing posts from August, 2022

The Hacker News - Apple Releases iOS Update for Older iPhones to Fix Actively Exploited Vulnerability

Apple on Wednesday backported security updates to older iPhones, iPads, and iPod touch devices to address a critical security flaw that has been actively exploited in the wild. The issue, tracked as CVE-2022-32893 (CVSS score: 8.8), is an out-of-bounds write issue affecting WebKit that could lead to arbitrary code execution when processing maliciously crafted web content. The tech from The Hacker News https://thehackernews.com/2022/09/apple-releases-ios-update-for-older.html

Threat Post - Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line. from Threatpost https://threatpost.com/student-loan-breach-exposes-2-5m-records/180492/

The Hacker News - Google Launches New Open Source Bug Bounty to Tackle Supply Chain Attacks

Google on Monday introduced a new bug bounty program for its open source projects, offering payouts anywhere from $100 to $31,337 (a reference to eleet or leet) to secure the ecosystem from supply chain attacks. Called the Open Source Software Vulnerability Rewards Program (OSS VRP), the offering is one of the first open source-specific vulnerability programs. With the tech giant the maintainer from The Hacker News https://thehackernews.com/2022/08/google-launches-new-open-source-bug.html

The Hacker News - Chinese Hackers Used ScanBox Framework in Recent Cyber Espionage Attacks

A months-long cyber espionage campaign undertaken by a Chinese nation-state group targeted several entities with reconnaissance malware so as to glean information about its victims and meet its strategic goals. "The targets of this recent campaign spanned Australia, Malaysia, and Europe, as well as entities that operate in the South China Sea," enterprise security firm Proofpoint said in a from The Hacker News https://thehackernews.com/2022/08/chinese-hackers-used-scanbox-framework.html

Threat Post - Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool. from Threatpost https://threatpost.com/watering-hole-attacks-push-scanbox-keylogger/180490/

KnowBe4 - [KREBS ON SECURITY] How 1-Time Passcodes Became a Corporate Liability

[The following article is as it appears at Krebs on Security here.] Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms. A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/krebs-on-security-how-1-time-passcodes-became-a-corporate-liability

Krebs - How 1-Time Passcodes Became a Corporate Liability

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms. A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices. In mid-June 2022, a flood of SMS phishing messages began targeting employees at commercial staffing firms that provide customer support and outsourcing to thousands of companies. The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. Those who submitted credentials were then prompted to provide the one-time password needed for multi-factor authentication. The phishers behind this scheme used newly-registered d

KnowBe4 - The Extent of Social Engineering

Researchers at NordVPN have published the results of a survey that found that 84% of Americans have experienced some form of social engineering, although only 54% have heard of the term “social engineering.” 85% of the respondents said they were aware of the term “phishing,” and 36% said they had fallen victim to a phishing email. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/the-extent-of-social-engineering

The Hacker News - Hackers Use ModernLoader to Infect Systems with Stealers and Cryptominers

As many as three disparate but related campaigns between March and June 2022 have been found to deliver a variety of malware, including ModernLoader, RedLine Stealer, and cryptocurrency miners onto compromised systems. "The actors use PowerShell, .NET assemblies, and HTA and VBS files to spread across a targeted network, eventually dropping other pieces of malware, such as the SystemBC trojan and from The Hacker News https://thehackernews.com/2022/08/hackers-use-modernloader-to-infect.html

The Hacker News - Hands-on Review: Stellar Cyber Security Operations Platform for MSSPs

As threat complexity increases and the boundaries of an organization have all but disappeared, security teams are more challenged than ever to deliver consistent security outcomes. One company aiming to help security teams meet this challenge is Stellar Cyber. Stellar Cyber claims to address the needs of MSSPs by providing capabilities typically found in NG-SIEM, NDR, and SOAR products in their from The Hacker News https://thehackernews.com/2022/08/hands-on-review-stellar-cyber-security.html

Schneier - FTC Sues Data Broker

This is good news: The Federal Trade Commission (FTC) has sued Kochava, a large location data provider, for allegedly selling data that the FTC says can track people at reproductive health clinics and places of worship, according to an announcement from the agency. “Defendant’s violations are in connection with acquiring consumers’ precise geolocation data and selling the data in a format that allows entities to track the consumers’ movements to and from sensitive locations, including, among others, locations associated with medical care, reproductive health, religious worship, mental health temporary shelters, such as shelters for the homeless, domestic violence survivors, or other at risk populations, and addiction recovery,” the lawsuit reads. from Schneier on Security https://www.schneier.com/blog/archives/2022/08/ftc-sues-data-broker.html

The Hacker News - FBI Warns Investors to Take Precautions with Decentralized Financial Platforms

The U.S. Federal Bureau of Investigation (FBI) on Monday warned of cyber criminals increasingly exploiting flaws in decentralized finance (DeFi) platforms to plunder cryptocurrency. "The FBI has observed cyber criminals exploiting vulnerabilities in the smart contracts governing DeFi platforms to steal investors' cryptocurrency," the agency said in a notification. Attackers are said to have used from The Hacker News https://thehackernews.com/2022/08/fbi-warns-investors-to-take-precautions.html

The Hacker News - FTC Sues Data Broker Over Selling Location Data for Hundreds of Millions of Phones

The U.S. Federal Trade Commission (FTC) on Monday said it filed a lawsuit against Kochava, a location data broker, for collecting and selling precise geolocation data gathered from consumers' mobile devices. The complaint alleges that the U.S. company amasses a "wealth of information" about users by purchasing data from other data brokers to sell to its own clients. "Kochava then sells from The Hacker News https://thehackernews.com/2022/08/ftc-sues-data-broker-over-selling.html

Threat Post - Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system. from Threatpost https://threatpost.com/0ktapus-victimize-130-firms/180487/

SBS CyberSecurity - In The Wild 290

In The Wild - CyberSecurity Newsletter

Welcome to the 290th issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!

Hacker Hour: Locking Down Microsoft 365
Date: Tuesday, August 30
Time: 2:00 - 3:00 PM CT

SBS Educational Resources

If your organization has implemented or researched Microsoft