Security

Cyber Security Reviews – Security will bring to our readers what's happening on the security scene around the world.

by Paul Ducklin. Last week, Progress Software Corporation, which sells software and services for user interface development, devops, file management and more, alerted customers of its MOVEit Transfer and related MOVEit Cloud products about a critical vulnerability dubbed CVE-2023-34362. As the name suggests, MOVEit Transfer is a system that makes it easy to store and
A critical security threat has been discovered in the MOVEit Transfer file transfer software that would enable attackers to steal data from organizations. The zero-day vulnerability, which was uncovered by Progress last week, is an SQL injection weakness found in the managed file transfer (MFT) product.  This flaw (CVE-2023-34362) can grant escalated privileges and unauthorized
US and South Korean security agencies have issued a joint warning regarding North Korea’s use of social engineering tactics in cyber-attacks. The document was published on Thursday by the Federal Bureau of Investigation (FBI), the US Department of State, the National Security Agency (NSA), the Republic of Korea’s National Intelligence Service (NIS), the National Police
Enzo Biochem, a biotechnology company renowned for producing and distributing DNA-based tests designed to identify viral and bacterial diseases, has recently confirmed in a filing with the Securities and Exchange Commission (SEC) that it fell victim to a ransomware attack.  The malicious cyber assault has exposed the confidential information of 2.47 million patients, including names,
by Paul Ducklin. IT’S HARDER THAN YOU THINK. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of
Security researchers at ReversingLabs have discovered a novel attack that used compiled Python code to evade detection.  According to ReversingLabs reverse engineer Karlo Zanki, this could be the first instance of a supply chain attack capitalizing on the direct execution capability of Python byte code (PYC) files. The method introduces another supply chain vulnerability for
Cybersecurity firm Eclypsium has uncovered a potential backdoor in Gigabyte systems, raising concerns about the security of the technology supply chain. Writing in a blog post on Wednesday, the company explained it used its automated heuristics to detect suspicious behavior within Gigabyte systems. Further analysis revealed that firmware in these systems was dropping and executing
Danni Brooke, former Met police officer and star of Channel 4’s Hunted, has been confirmed as the keynote speaker at this year’s Women in Cybersecurity event at Infosecurity Europe, the most influential information security event running from 20-22 June 2023 at ExCeL London. Dubbed the ‘Undercover Mother’, Danni is a leading intelligence figure, formerly working as a
Ransomware gangs are using a variety of business-like practices to boost profits, making it more difficult for defenders to differentiate various groups, a new report by WithSecure has surmised. This move towards mirroring legitimate business practices means that tactics, techniques and procedures (TTPs) are blurring, Stephen Robinson, senior threat intelligence analyst at WithSecure, said
Perception Point has observed a 356% growth in the number of advanced phishing attacks attempted by threat actors in 2022. According to the company’s 2023 Annual Report: Cybersecurity Trends & Insights report, the total number of attacks increased by 87%. Among the reasons behind this growth is the fact that malicious actors continue to gain widespread
New Russian-linked malware designed to take down electricity networks has been identified by Mandiant threat researchers, who have urged energy firms to take action to mitigate this “immediate threat.” The specialized operational technology (OT) malware, dubbed COSMICENERGY, has similarities to malware used in previous attacks targeting electricity grids, including the ‘Industroyer’ incident that took down
Small and medium-sized businesses (SMBs) are increasingly being targeted by advanced persistent threat (APT) actors globally, Proofpoint has found. In a new report published on May 24, 2023, the Proofpoint research team saw that state-aligned threat actors from Russia, Iran and North Korea were specifically targeting SMBs across the world in phishing attacks conducted
Washington has sanctioned four entities and one individual involved in obfuscated revenue generation and malicious cyber activities that support the North Korean government, the US Treasury announced on May 23, 2023. Three entities, the Pyongyang University of Automation, the Technical Reconnaissance Bureau and its subordinate cyber unit, the 110th Research Center, have been sanctioned because
by Paul Ducklin. Public source code repositories, from Sourceforge to GitHub, from the Linux Kernel Archives to ReactOS.org, from PHP Packagist to the Python Package Index, better known as PyPI, are a fantastic source (sorry!) of free operating systems, applications, programming libraries, and developers’ toolkits that have done computer science and software engineering a world
In the digital world, what’s useful today can become harmful tomorrow. Unfortunately, this is precisely what happened with iRecorder – Screen Recorder. This screen-recording Android application with over 50,000 installs was launched in September 2021 as a legitimate app. However, the app now contains a new Android remote access Trojan (RAT) based on AhMyth. This
Facebook’s owner Meta has been fined €1.2bn ($1.3m) by EU regulators for violating the General Data Protection Regulation (GDPR), the Irish Data Protection Commission (DPC) announced on May 22, 2023. The Irish watchdog claimed that Meta’s transfers of personal data to the US on the basis of standard contractual clauses (SCCs) since 16 July 2020
A vulnerability has been discovered in the KeePass password management software (v2.X), allowing an attacker to dump the master password from the program’s memory. The vulnerability (CVE-2023-32784) was discovered by security researcher Dominik Reichl and is expected to be resolved in the upcoming release of KeePass 2.54 in early June 2023. Reichl described the flaw
Microsoft has released a new report warning companies about the alarming surge in business email compromise (BEC) attacks and the evolving tactics employed by cyber-criminals.  The Cyber Signals report, titled “The Confidence Game,” provides a comprehensive analysis of the threat landscape from April 2022 to April 2023, suggesting the company’s systems currently detect and investigate an
Security experts are warning of surging threat actor interest in voice cloning-as-a-service (VCaaS) offerings on the dark web, designed to streamline deepfake-based fraud. Recorded Future’s latest report, I Have No Mouth and I Must Do Crime, is based on threat intelligence analysis of chatter on the cybercrime underground. Deepfake audio technology can mimic the voice