September 2023 - Page 3 of 4 - Cyber Security Minute

How Attackers Get In: Unpatched Vulnerabilities and Compromised Credentials

Issued by: CSO Online

How are bad actors getting access to organizations? In many cases, they simply log in. Sophos research finds that one of the most common root cause of attacks is compromised credentials. In fact, 30% of respondents to its 2023 Active Adversary Report for Business Leaders said criminals have used these credentials to log on and…

Malware & Threats

Iranian Nation-State Actors Employ Password Spray Attacks Targeting Multiple Sectors

Issued by: The Hacker News

Iranian nation-state actors have been conducting password spray attacks against thousands of organizations globally between February and July 2023, new findings from Microsoft reveal. The tech giant, which is tracking the activity under the name Peach Sandstorm (formerly Holmium), said the adversary pursued organizations in the satellite, defense, and pharmaceutical sectors to likely facilitate intelligence…

Vulnerabilities

How the U.S. Government Views the Bright, Dark Sides of AI

Issued by: DataBreach Today

The U.S. government is testing how artificial intelligence might enhance operations while preparing for the technology’s downside, such as more dangerous hacking attempts from nation-state adversaries, a congressional panel heard Thursday. “The cybersecurity element is a great example of the bright and the dark side of AI technology,” said Arati Prabhakar, director of the White…

Network Security

Rail Cybersecurity Is a Complex Environment

Issued by: Dark Reading

Rail remains one of the most popular modes of transportation. In a typical year, US freight railroads move around 1.6 billion tons across nearly 140,000 miles of track. US citizens traveled more than 12.5 billion kilometers by rail in 2021. Thousands of railways — from national and regional networks to intra-city light rails — have…

Network Security

Federal Mandates on Medical-Device Cybersecurity Get Serious

Issued by: Dark Reading

For six months, medical device makers have had to comply with new cybersecurity regulations aimed at hardening medical devices against cyber attacks, but the US Food and Drug Administration has largely refrained from using its “refuse to accept” power up to now. On Oct. 1, the FDA’s grace period — during which the agency stated…

Malware & Threats

Zero Day Summer: Microsoft Warns of Fresh New Software Exploits

Issued by: SecurityWeek

As part of its scheduled batch of Patch Tuesday security fixes, Redmond’s security response team flagged the two zero-days — CVE-2023-36761 and CVE-2023-36802 — in the “exploitation detected” category and urged Windows sysadmins to urgently apply available fixes. The most serious of the two bugs is described as a privilege escalation flaw in Microsoft Streaming…

Application Security

Google Fixes Chrome Zero-Day Exploited in the Wild

Issued by: DataBreach Today

Google released a fix on Monday for a Chrome zero-day. Like the three before it, this fourth Chrome zero-day vulnerability found in 2023 allows an attacker to remotely target a vulnerable version of the browser. An attacker could exploit the vulnerability to execute arbitrary code, mishandle the data in the browser’s memory and eventually crash…

Malware & Threats

Ransomware: It Takes A Village, Says NCSC

Issued by: DataBreach Today

Stopping the ransomware epidemic is less about tackling individual crypto-locking malware variants and more about combating the entire ecosystem of bad actors underpinning digital extortion, the British government said Monday. Behind any infection from name-brand ransomware such as LockBit or BlackCat lies a loose network of affiliates, initial access brokers and other actors, warned the…

Mobile Security

‘Evil Telegram’ Spyware Campaign Infects 60K+ Mobile Users

Issued by: Dark Reading

Dangerous spyware masquerading as a set of legitimate Telegram “mods” inside the official Google Play app store has been downloaded tens of thousands of times — and its existence poses serious ramifications for business users. Modified applications (“mods”) for the popular messaging client are a well-known part of the Telegram ecosystem. Mods are apps that…

Malware & Threats

Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks

Issued by: Security Affairs

Cisco warns that a zero-day vulnerability (CVE-2023-20269) in Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) is actively exploited by ransomware groups to gain initial access to corporate networks. An unauthenticated, remote attacker can exploit the vulnerability to conduct a brute force attack in an attempt to identify valid username and password combinations…