Canon warns that over 200 of its inkjet printer models have a vulnerability that fails to erase Wi-Fi configuration settings, potentially exposing sensitive information. The affected models include both home and office printer series. Canon recommends performing a full reset of all settings and then enabling wireless LAN and resetting settings again. The company has provided a list of affected printer models. #Canonprinters #WiFivulnerability #printersecurity
https://www.securityweek.com/200-canon-printer-models-may-expose-wi-fi-connection-data/
Possible Chinese Malware in US Systems a 'Ticking Time Bomb': Report. #China #malware #USsystems #cybersecurity. The Biden administration believes China has implanted malware in key US power and communications networks, posing a threat to the military in the event of a conflict with Taiwan. The malware could disrupt US military operations and affect homes and businesses across the United States. #securitybreach #USChinarelations.
https://www.securityweek.com/possible-chinese-malware-in-us-systems-a-ticking-time-bomb-report/
APT31, also known as Judgment Panda and Zirconium, has been targeting industrial organizations with dedicated implants for data gathering and exfiltration. The threat actor's sophisticated tactics include obfuscating their actions through encrypted payloads, memory injections, and DLL hijacking. The researchers identified over 15 distinct implants divided into three categories based on their roles. Meanwhile, Kaspersky emphasizes the importance of staying vigilant and implementing cybersecurity defenses in industrial organizations. #APT31 #IndustrialCybersecurity #DataExfiltration #DLLHijacking #CyberThreats
https://www.infosecurity-magazine.com/news/apt31-target-industrial-firms/
SpyNote Android Spyware targets financial institutions and carries out bank fraud by exploiting Accessibility services and Android permissions. It is distributed through email phishing and smishing campaigns and uses RAT capabilities and vishing attacks. The malware impersonates legitimate applications, intercepts SMS messages and 2FA codes, and records screens. It employs defense evasion techniques to avoid detection. The aggressive and extensive nature of the SpyNote campaign suggests that threat actors will continue to use it for bank fraud. #Spyware #Android #BankFraud #AccessibilityServices #Permissions
https://www.infosecurity-magazine.com/news/spynote-spyware-financial/
New WikiLoader malware evades detection, targeting Italian organizations. It uses various vectors for distribution, such as macro-enabled documents and PDFs. The malware is highly obfuscated and uses indirect syscalls and sandbox hooks to evade analysis. It also employs packed downloaders and has multiple versions under rapid development. The malware could be used by initial access brokers to deliver malware. Recommended measures include disabling macros, blocking execution of external files within OneNote, and adjusting default file extension associations. #WikiLoader #malware #cybersecurity #ItalianOrganizations #evadedetection
https://www.infosecurity-magazine.com/news/new-wikiloader-malware-extreme/
Spyware App Compromised Over 60,000 Android Devices to Steal Sensitive Data. Spyware hides on victims' devices, making it difficult to detect. Spyhide, a widely used spyware, exposed its development environment. The backend database of Spyhide contained 60,000 compromised devices with call logs, text messages, and location history. Iranian developers were identified through the source code. Spyware apps hide as legitimate apps, such as Google Settings. Users should download apps from legitimate sources and use spyware detection apps. #Android #CyberSecurity
Summary:
- IPv4 addresses have been on the verge of extinction since the last decade due to the boom of IoT and cloud service providers.
- Organizations are still relying on exhausted IPv4 addresses, resulting in a 300% cost increase in the past 5 years.
- AWS has announced that starting from February 2024, there will be a charge of $0.005/hour/IPv4 for all public IPv4 addresses.
- AWS encourages organizations to adopt IPv6 addresses to avoid complications and reduce billing for IPv4 addresses.
Hashtags:
- #IPv4addresses
- #AWScharging
- #IPv6adoption
- #costincrease
https://cybersecuritynews.com/aws-charge-for-ipv4-addresses/
Hackers have released two new black hat AI tools called XXXGPT and Wolf GPT. These tools are based on the popularity of ChatGPT and are being used for malicious activities. The developers of these tools claim that they are sophisticated and advanced, with various malicious features. Some of the features of XXXGPT include providing code for botnets, RATs, malware, and keyloggers. Wolf GPT, on the other hand, offers complete confidentiality and enables powerful cryptographic malware creation and advanced phishing attacks. These tools can be easily exploited by both beginner and advanced threat actors for monetary gains. It is recommended to have a robust defense-in-depth strategy, mandate BEC-specific training, use a robust security solution, implement enhanced email verification measures, and stay informed about the latest cybersecurity news. #Hackers #BlackHatAI #XXXGPT #WolfGPT #CyberSecurity #ThreatActors.
https://cybersecuritynews.com/black-hat-ai-tools-xxxgpt-and-wolf-gpt/
Automatically Finding Prompt Injection Attacks. Researchers have developed a method to automate the discovery of prompt injection attacks. These attacks can bypass the safety rules of AI models and create harmful content. The attacks can be applied to multiple AI models including open-source and closed-source ones. It raises concerns about the security of AI systems and the need for better safeguards. #promptinjectionattacks #automateddiscovery #AIsecurity
https://www.schneier.com/blog/archives/2023/07/automatically-finding-prompt-injection-attacks.html
Network security is crucial for businesses of all sizes and can help prevent significant breaches. Recent examples like the Uber and Cisco breaches highlight the importance of implementing multiple security measures. A network security strategy should include Single Sign-On with Multi-Factor Authentication, Zero Trust Network Access, malware protection, and web filtering. Compliance with regulations is also essential. When selecting a network security solution, consider scalability, cost, and compatibility with existing infrastructure. Perimeter 81 is a cloud-based solution that offers comprehensive network security features in one management console. Developing a robust network security strategy is vital for protecting data and preventing cyber threats.
#networksecurity #multifactorauthentication #zerotrustnetwork #malwareprotection #webfiltering #compliance #perimeter81 #cybersecurity
Summary: CISA has analyzed malware used in Barracuda ESG attacks. The malware families include SeaSpy, SaltWater, SeaSide, SandBar, SeaSpray, and SkipJack. The attacks targeted victims in 16 different countries, including government officials and academics. CISA has published reports detailing the exploit payload and backdoor, as well as indicators of compromise.
Hashtags: #CISA #BarracudaESG #malware #cybersecurity #attacks
https://www.securityweek.com/cisa-analyzes-malware-used-in-barracuda-esg-attacks/
Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks. Hashtags: #Ivanti #EPMM #ZeroDay #Vulnerability #Cybersecurity
Global Lawyers Unveil Cyber Best Practices for Execs #cybersecurity #executives #bestpractices #riskmanagement #governance
The International Bar Association (IBA) has published a report to guide senior executives and boards in protecting their organizations from cyber risk. #IBA #cyberrisk #seniorexecutives #boards
The report provides insight into the main elements of a strong cyber-risk management program. #cybersecurity #riskmanagement #program
The IBA argues that cybersecurity regulations vary considerably, and there is a lack of a structured overview of best practices for boards and senior management. #regulations #bestpractices #boards #seniormanagement
The report draws on reporting from 10 jurisdictions and makes recommendations for understanding cyber-risk profiles, protecting information assets, and understanding regulatory requirements. #jurisdictions #cyberriskprofiles #informationassets #regulatoryrequirements
https://www.infosecurity-magazine.com/news/global-lawyers-cyberbest-practices/
Summary:
- Incident reporting is crucial for threat prevention and security improvement.
- It helps identify patterns, vulnerabilities, and common attack methods.
- Incident reporting contributes to a culture of security and accountability.
- Leadership commitment and clear guidelines are essential for creating a culture of incident reporting.
- Making reporting simpler and facilitating anonymous reporting promotes participation.
- Going beyond compliance and providing feedback to employees is important.
- Leveraging people, processes, and technology strengthens incident reporting culture.
Hashtags:
#IncidentReporting #SecurityCulture #ThreatPrevention #LeadershipCommitment #ClearGuidelines #AnonymousReporting #FeedbackLoop #Cybersecurity #Accountability #CultureBuilding #PeopleProcessesTechnology #StrongSecurityPosture
https://www.infosecurity-magazine.com/opinions/create-culture-incident-reporting/
M&A deals in cybersecurity saw significant activity in July 2023. Thales acquired Imperva for $3.6bn, further emphasizing the importance of cybersecurity. Other deals included Node4 acquiring ThreeTwoFour, Forcepoint selling its G2CI business to TPG, and Honeywell buying SCADAfence. ProcessUnity merged with CyberGRX to enhance supply chain security, and Safe Security acquired RiskLens to scale cyber risk management. Cisco acquired Oort for its identity threat detection technology, and Graylog purchased Resurface.io's API security platform. Integrity360 acquired Advantio, and Absolute Software was acquired by Crosspoint Capital for $870m. #M&A #cybersecurity #Thales #Imperva #Node4 #Forcepoint #Honeywell #ProcessUnity #CyberGRX #SafeSecurity #RiskLens #Cisco #Oort #Graylog #Resurfaceio #Integrity360 #Advantio #AbsoluteSoftware
https://www.infosecurity-magazine.com/news-features/july-m-a-news-roundup/
Summary:
- Malware protection solutions are essential to defend against cyber threats that target individuals and companies worldwide.
- These solutions include antivirus software, endpoint protection platforms, anti-malware software, and more.
- Malware protection tools use various methods to locate and eliminate malware threats.
- Choosing the best malware protection solution requires considering factors such as past performance, compatibility, user interface, and pricing.
- Some of the top malware protection solutions in 2023 include Perimeter81, Norton, McAfee, Kaspersky, and Bitdefender.
- These solutions offer features such as secure web browsing, real-time threat protection, firewall, VPN, and identity theft protection.
- Other notable malware protection solutions include Avast, Trend Micro, ESET, Malwarebytes, and Sophos.
- Each solution has its own strengths and weaknesses, and selecting the right one depends on individual needs and preferences.
Hashtags:
#MalwareProtection #CyberSecurity #Antivirus #EndpointProtection #AntiMalware #NGAV #InternetSecurity #NetworkSecurity #BrowserExtensions
https://cybersecuritynews.com/best-malware-protection-solutions/
Trust Wallet's newly launched browser extension has a major vulnerability that allows attackers to steal funds without user interaction. The flaw is due to the use of a weak PRNG and system interfaces in the extension. The vulnerability was reported to Binance and has been fixed on GitHub, but funds remain at risk. #TrustWallet #vulnerability #cybersecurity
https://cybersecuritynews.com/trust-wallet-browser-extension-flaw/
IBM Security Verify Access has a flaw that allows attackers to launch phishing attacks. #cybersecurity #vulnerability
The flaw is an open-redirect vulnerability that allows attackers to spoof the original URL of IBM Security Verify Access.
Attackers can use this vulnerability to lure victims into a malicious website and steal sensitive information.
The vulnerability is present due to the default configuration of the Advanced Access Control module.
IBM has already released a patch to fix this vulnerability.
Affected products include IBM Security Verify Access Appliance and Docker.
To fix the vulnerability, users must modify the sps.targetURLWhitelist property with a list of whitelisted URLs.
https://cybersecuritynews.com/ibm-security-verify-access-flaw/
#nostr feels like mid 90's chat rooms