Herjan Security
[.] Nostrop stream of GenAI news and updates

DroxiDat-Cobalt Strike Duo Targets Power Generator Network. New variant of SystemBC malware discovered in cyber-attack. Attack involved DroxiDat alongside Cobalt Strike beacons. Potential ransomware threat. Russian-speaking RaaS group involved. #cyberattack #malware #ransomware #cybersecurity

https://www.infosecurity-magazine.com/news/droxidat-cobalt-strike-targets/

Multiple vulnerabilities found in Avada WordPress Theme and Plugin expose WordPress websites to potential breaches. Vulnerabilities include Authenticated SQL Injection, Reflected Cross-Site Scripting, Arbitrary File Upload, and Server-Side Request Forgery. Patched versions have been released to address these vulnerabilities. Update Avada Builder plugin to version 3.11.2 and Avada theme to version 7.11.2 for website security. #WordPress #Avada #vulnerabilities #security-Flaws

https://www.infosecurity-magazine.com/news/flaws-wordpress-avada-theme-plugin/

StormWall DDoS Protection has improved its client portal to enhance real-time monitoring of DDoS security. The revamped portal includes sections such as analytics, protected objects, WebSocket, DNS, SSL, cache, protection, advanced settings, attack history, and blocked IPs. The portal offers tools like protection mode, JavaScript checks, CAPTCHA methods, proactive protection, geofiltering, and more. StormWall specialists are available for configuration assistance. The portal also provides comprehensive analysis of attacks, including attack history, blocked IPs, protected domains, requests, and response times. StormWall specializes in DDoS protection, with a network spanning major data centers and a dedicated security team. The portal brings complex security configurations to everyone and enables users to understand threats and adjust defenses accordingly. The update reaffirms StormWall's commitment to delivering reliable, user-centric DDoS protection. #StormWall #DDoS #security #cybersecurity

https://cybersecuritynews.com/stormwall-ddos-protection/

Gafgyt malware is attacking Zyxel router command injection flaw. #GafgytMalware #InjectionFlaw #ZyxelRouter

https://cybersecuritynews.com/gafgyt-malware-attacking-zyxel-router/

Foreign embassies in Belarus targeted by cyberespionage group

MoustachedBouncer group likely operating on behalf of Belarusian government

Threat actor using adversary-in-the-middle (AitM) techniques via ISPs

Malware named NightClub, Disco, and SharpDisco used by cyberspies

Belarusian ISPs Unitary Enterprise A1 and Beltelecom possibly involved

MoustachedBouncer group collaborating with Russia-linked group Winter Vivern

Belarusian state-sponsored threat actors using lawful surveillance system SORM

End-to-end encrypted VPN tunnels recommended for organizations in targeted countries

https://www.securityweek.com/moustachedbouncer-foreign-embassies-in-belarus-likely-targeted-via-isps/

India has passed data protection legislation in Parliament, raising concerns about privacy violation. The legislation aims to regulate big tech firms and penalize companies for data breaches. Critics fear that it could allow the government to access user and personal data without consent, weaken the Right To Information law, and increase censorship. The law limits cross-border data transfer and establishes a data protection authority. #India #DataProtection #PrivacyViolation

https://www.securityweek.com/india-passes-data-protection-legislation-in-parliament-critics-fear-privacy-violation/

Research from Glasgow University has identified 15 ways to reduce the risk of thermal attacks on login security. Thermal attacks use thermal imaging cameras to guess a user's PIN or password. The research found that two-thirds of passwords up to 16 characters could be cracked using this method. The recommendations to mitigate thermal attack risks include wearing gloves, changing hand temperature, pressing hands against surfaces, and using biometric security. It is advised to pay attention to surroundings when entering sensitive data in public and to use multi-factor authentication.

#ThermalAttacks #LoginSecurity #ThermalImaging #RiskMitigation #BiometricSecurity

https://www.infosecurity-magazine.com/news/researchers-tackle-thermal-attacks/

Summary: Security researchers have discovered a new backdoor, named "Whirlpool," that was used in attacks on users of Barracuda ESG appliances. The backdoor establishes a TLS reverse shell to a command-and-control server. This comes after a previous update revealed another backdoor called "Submarine" used in the same campaign. The attacks exploited a zero-day vulnerability and the threat actor is believed to be a Chinese APT group. Barracuda Networks has urged users to replace their Email Security Gateway appliances.

Hashtags: #CISA #WhirlpoolBackdoor #BarracudaESG #Cybersecurity #Malware #TLSReverseShell

https://www.infosecurity-magazine.com/news/whirlpool-backdoor-barracuda-esg/

1. UK Government criticized for spreading misinformation about the Online Safety Bill.

2. Proposed legislation would require private messaging companies to scan user content for child abuse material.

3. Encryption experts argue that technology does not exist to enable both encryption and access to this information.

4. Experts dismiss the government's expectation for tech companies to invest in this technology.

5. Client-side scanning criticized for high false positive rate in detecting child abuse material.

6. Encryption undermined by the Online Safety Bill, potentially causing platforms like WhatsApp and Signal to leave the UK.

7. Privacy experts argue that user privacy cannot be protected while scanning messages.

8. Client-side scanning seen as ineffective due to the high false positive rate.

9. Encryption experts warn against implementing mass surveillance in tech products.

10. The government urged to consider the limitations of encryption and client-side scanning in protecting user privacy.

#UKGovernment #OnlineSafetyBill #Encryption #TechCompanies #UserPrivacy #ChildAbuseMaterial #FalsePositive

https://www.infosecurity-magazine.com/news/uk-government-slammed-encryption/

Summary:

- Microsoft .NET and Visual Studio have a flaw that allows for a Denial of Service (DoS) attack.

- The vulnerability can be exploited by threat actors.

- Microsoft has released patches to fix the vulnerability.

- RedHat and Tenable have also released patches.

- The exploitability vector is low, but it affects the availability of Microsoft products.

- Ubuntu plugins are available to find the vulnerability.

- The CVE score for this vulnerability is 7.5 (High).

- Affected products include Microsoft Visual Studio 2022 and .NET 6.0.

- Patches have been released for the affected products.

- Users are recommended to upgrade to the latest versions.

- Follow Cyber Security News for the latest updates.

Hashtags:

#Microsoft #NET #VisualStudio #Flaw #DenialofService #Vulnerability #RedHat #Ubuntu #CVE #CyberSecurityNews

https://cybersecuritynews.com/microsoft-visual-studio-flaw-denial-of-service-attack/

New account takeover campaign targets over 100 corporations' top executives #CyberSecurity #Phishing #EvilProxy #MFA #DataBreach #CloudSecurity #AdvancedThreats

https://cybersecuritynews.com/campaign-targets-corporations-top-executives/

Sweet Security has launched a new runtime security tool called Sweet, which uses eBPF technology to scan and respond to ongoing attacks in cloud workloads. #SweetSecurity #runtimesecuritytool #cloudworkloads #cybersecurity

The platform deploys sensors in the runtime environment to provide CISOs and security teams with cloud-native cluster visibility. #runtimeenvironment #cloudnative #clustervisibility

Sweet deploys runtime sensors that screen application data and business logic to profile workload behavior anomalies and detect attacks. #runtimesensors #workloadbehavior #anomalies #attacks

The platform will be offered as a tiered subscription, with the price depending on the selected features. #tieredsubscription #pricedependent #selectedfeatures

Sweet's sensors use eBPF technology, giving them kernel-level visibility into each machine without requiring an agent to be installed on the host. #sensors #eBPFtechnology #kernellevelvisibility

The platform has received $12 million in seed funding from investment funds and angel investors. #seedfunding #investmentfunds #angelinvestors

https://www.csoonline.com/article/649203/new-runtime-security-tool-scans-ongoing-attacks-in-cloud-workloads.html

Google Cloud has launched Chronicle CyberShield to help government agencies tackle cyber threats. The solution enables governments to build cybersecurity skills and capabilities and facilitate knowledge sharing and collaboration. #GoogleCloud #ChronicleCyberShield #Cybersecurity #GovernmentAgencies

Google Cloud's Chronicle CyberShield integrates threat intelligence, detection, and response to increase security at a national level for government agencies. It establishes a modern government SOC and enables governments to leverage cyber threat intelligence to identify suspicious indicators and known vulnerabilities. #ThreatIntelligence #SecurityOperationsCenter #GovernmentSecurity

Chronicle CyberShield allows governments to build a coordinated monitoring capability with Chronicle SIEM, simplifying threat detection and investigation with the intelligence and scale of Google. Attack patterns and correlated threat activity across multiple entities can be investigated and analyzed. #SIEM #ThreatDetection #Cybersecurity

Automated playbooks in Chronicle SOAR address root causes and reduce the impact of threats and cyberattacks. Integration with third-party solutions enriches data with threat intelligence and additional context for faster insights. #SOAR #CybersecurityAutomation #ThreatResponse

Chronicle CyberShield provides incident management and response support from Mandiant during major cyberattacks. It also includes red teaming and penetration testing services to identify and mitigate security gaps and vulnerabilities. #IncidentResponse #CybersecuritySupport

In addition to monitoring and responding to threats, Chronicle CyberShield helps protect web applications from large-scale cyberattacks. Digital Security components integrate with existing solutions, providing anti-DDoS, anti-bot, web application firewall (WAF), and API protection. #WebApplicationSecurity #DDoSProtection #Cybersecurity

https://www.csoonline.com/article/649209/google-cloud-launches-chronicle-cybershield-to-help-government-agencies-tackle-threats.html

Microsoft Patch Tuesday: 74 CVEs fixed, including two "Exploit Detected" advisories. The first advisory relates to security improvements in Office for the Mark of the Web system. The second advisory is for the Memory Integrity System Readiness Scan Tool. Other noteworthy fixes include vulnerabilities in Microsoft Exchange Server and Teams. Patch early, patch often, and beware of rogue meeting invitations. #Microsoft #PatchTuesday #ExploitDetected #Office #MarkoftheWeb #MemoryIntegrity #MicrosoftExchangeServer #MicrosoftTeams

https://nakedsecurity.sophos.com/2023/08/09/microsoft-patch-tuesday-74-cves-plus-2-exploit-detected-advisories/

Symmetry Systems raises $17.7M for Data Security Posture Management platform. #Cybersecurity #DataSecurity #Funding

https://www.securityweek.com/symmetry-systems-raises-17-7m-for-data-security-posture-management-platform/

Summary:

- Managing and securing distributed cloud environments is complex and challenging.

- There are solutions available to help address the challenges of distributed cloud environments.

- These solutions can help find efficiencies, manage complex application infrastructure, handle overly-distributed clouds, improve asset management, ensure consistent security, and maintain consistent controls.

- Working with trusted partners can help enterprises effectively manage and secure their distributed cloud environments.

- Cybersecurity news, webcasts, virtual events, and the ICS Cybersecurity Conference are relevant resources.

- Hashtags: #CloudSecurity #DistributedCloud #Cybersecurity #AssetManagement #ConsistentSecurity #Controls


https://www.securityweek.com/managing-and-securing-distributed-cloud-environments/

Check Point Software will acquire Perimeter 81 for $490 million, a significant discount from its previous valuation of $1 billion. Perimeter 81 offers cloud-delivered Zero Trust Network Access and other cybersecurity solutions. The acquisition will enhance Check Point Infinity's capabilities and provide a unified security solution across networks, the cloud, and remote users. Hashtags: #Cybersecurity #MergersAndAcquisitions #ZeroTrustNetworkAccess

https://www.securityweek.com/check-point-to-acquire-sase-security-firm-perimeter-81-for-490-million/

#BHUSA: Only 22% of Firms Have Mature Threat Intelligence Programs

- Only 22% of organizations have achieved a fully matured threat intelligence program, according to a report by OPSWAT.

- The report highlights the need for further investments in advanced tools and refined processes.

- Challenges include difficulty in detecting known and unknown malware, limited effectiveness of signature-based solutions, and dealing with a fragmented array of security tools.

- Only 11% of respondents have integrated AI into their threat detection strategies, but 56% express optimism about its potential.

- Phishing URLs and emails are identified as primary concerns, with emphasis on advanced security measures like CDR, sandboxing, and link reputation checks.

#BHUSA #threatintelligence #cybersecurity #malwaredetection #AI #phishing

https://www.infosecurity-magazine.com/news/bhusa-threat-intelligence-programs/

APT31, also known as Judgment Panda and Zirconium, has been connected to recent industrial attacks in eastern Europe. Kaspersky Threat Intelligence's latest research reveals previously unknown aspects of APT31's strategies, including their use of popular cloud-based services to exfiltrate stolen data and their calculated techniques to mask their actions. The investigation identified over 15 unique implant variants, categorized based on their functions. To defend against these threats, Kaspersky recommends regular security assessments, vulnerability assessments, and prompt updates for OT network components. #APT31 #cybersecurity #industrialattacks

https://www.infosecurity-magazine.com/news/apt31-linked-attacks-eastern-europe/

Governor Kathy Hochul introduces New York's first-ever statewide cybersecurity strategy with a $600m commitment. The strategy aims to enhance New York's resilience against cyber threats and protect critical infrastructure, data, networks, and technology systems. It focuses on unification, resilience, and preparedness. The commitment includes centralizing cybersecurity, strengthening local governments' cybersecurity, investing in healthcare information technology cybersecurity infrastructure, and expanding the New York State Police's cyber units. The strategy is praised for its affirmative vision and alignment with national cybersecurity principles.

#NewYork #Cybersecurity #GovernorHochul #Resilience #CriticalInfrastructure #DataProtection #TechnologySystems #CyberAdversaries #PublicPrivateCollaboration #CyberEducation #WorkforceDevelopment #ITModernization

https://www.infosecurity-magazine.com/news/new-york-first-cybersecurity/