Month: November 2022

0 Comments
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in T2 2022 Today ESET Research publishes the very first ESET APT Activity Report, which summarizes the activities of selected advanced persistent threat (APT) groups that were observed, investigated, and analyzed by ESET researchers from May until the end of
0 Comments
Entities located in East and Southeast Asia as well as Ukraine have been targeted at least since 2020 by a previously undocumented subgroup of APT41, a prolific Chinese advanced persistent threat (APT). Cybersecurity firm Trend Micro, which christened the espionage crew Earth Longzhi, said the actor’s long-running campaign can be split into two based on
0 Comments
Several of Twitter’s C-level security and privacy executives have resigned following the chaos that ensued from the Elon Musk acquisition of the social media platform. “I’ve made the hard decision to leave Twitter,” said the company’s now-former chief information security officer Lea Kissner in a tweet on Thursday. “I’ve had the opportunity to work with
0 Comments
When you are trying to get another layer of cyber protection that would not require a lot of resources, you are most likely choosing between a VPN service & a DNS Security solution. Let’s discuss both. VPN Explained VPN stands for Virtual Private Networks and basically hides your IP and provides an encrypted server by
0 Comments
by Paul Ducklin Remember those Exchange zero-days that emerged in a blaze of publicity back in September 2022? Those flaws, and attacks based on them, were wittily but misleadingly dubbed ProxyNotShell because the vulnerabilities involved were reminiscent of the ProxyShell security flaw in Exchange that hit the news in August 2021. Fortunately, unlike ProxyShell, the
0 Comments
The Cybersecurity and Infrastructure Security Agency (CISA) has published a new guide on Stakeholder-Specific Vulnerability Categorization (SSVC). This vulnerability management methodology is designed to assess vulnerabilities and prioritizes remediation efforts based on exploitation status, impacts on safety and prevalence of the affected product in a singular system. SSVC was first created by CISA in collaboration
0 Comments
Two long-running surveillance campaigns have been found targeting the Uyghur community in China and elsewhere with Android spyware tools designed to harvest sensitive information and track their whereabouts. This encompasses a previously undocumented malware strain called BadBazaar and updated variants of an espionage artifact dubbed MOONSHINE by researchers from the University of Toronto’s Citizen Lab
0 Comments
Three vulnerabilities have been discovered in the UEFI firmware of several Lenovo notebooks. Tracked CVE-2022-3430, CVE-2022-3431 and CVE-2022-3432, the flaws have been found by security researchers at ESET and affect various Lenovo Yoga, IdeaPad and ThinkBook devices. The first of the vulnerabilities is a flaw in the WMI Setup driver, which may allow an attacker with elevated privileges to modify
0 Comments
Cybersecurity researchers are warning of “massive phishing campaigns” that distribute five different malware targeting banking users in India. “The bank customers targeted include account subscribers of seven banks, including some of the most well-known banks located in the country and potentially affecting millions of customers,” Trend Micro said in a report published this week. Some
0 Comments
A path-traversal vulnerability has been discovered in ABB Totalflow flow computers and controllers that could lead to code injection and arbitrary code execution (ACE). The high-risk vulnerability (tracked CVE-2022-0902) has a CVSS v3 of 8.1 and affected several ABB G5 products. It has been discovered by security experts at Team82, Claroty’s research arm. “Attackers can exploit this
0 Comments
The Russia-linked APT29 nation-state actor has been found leveraging a “lesser-known” Windows feature called Credential Roaming as part of its attack against an unnamed European diplomatic entity. “The diplomatic-centric targeting is consistent with Russian strategic priorities as well as historic APT29 targeting,” Mandiant researcher Thibault Van Geluwe de Berlaere said in a technical write-up. APT29,
0 Comments
There’s no doubt that cyber bullying ranks towards the top of most parents ‘worry list’. As a mum of 4, I can tell you it always came in my top five, usually alongside driving, drugs, cigarettes and alcohol! But when McAfee research in May revealed that Aussie kids experience the 2nd highest rate of cyberbullying
0 Comments
Australia’s largest health insurer Medibank has announced it will not pay a ransom to the threat actors behind the October data breach affecting 9.7 million customers. Writing on LinkedIn over the weekend, Medibank CEO David Koczkar said that, based on the advice the company has received from cybercrime experts, they believe that there is only a