All the latest blog posts from the most relevant cyber security companies in the business.

Windows 11 feature updates are released in the second half of each calendar year. The latest update, 23H2, is being gradually rolled out to users, with Microsoft expecting the new features to reach all devices by the release of the November 2023 security updates. However, customers with eligible devices running Windows 11 version 22H2 can…

Securonix researchers recently uncovered a phishing campaign using a Pilot-in-Command (PIC) Drone manual document as a lure to deliver a toolkit dubbed Merlin. The campaign, codenamed STARK#VORTEX by Securonix, targets Ukrainian military entities, and CERT-UA attributed it to a threat actor tracked as UAC-0154. The MerlinAgent is an open-source C2 toolkit written in Go, it…

Basic security hygiene is more impactful than you may realize. While industry headlines are often dominated by emerging tech and the latest software or hardware solutions, base-level security hygiene still protects against 98% of attacks. This includes measures such as applying zero-trust principles or keeping systems up to date with the latest security patches. However,…

Application security posture management (ASPM) is a method of managing and improving the security of software applications. It encompasses the processes, tools, and practices designed to identify, classify, and mitigate security vulnerabilities across an application’s life cycle. It includes scanning for vulnerabilities, tracking identified vulnerabilities, managing patch processes, and implementing continuous monitoring and improvement procedures…

A recent, brief disruption at Canadian airports is a reminder that Russia-aligned hacking groups’ bark remains worse than their bite. The problems began Sunday afternoon at multiple airports including Montreal-Trudeau International Airport, which reported that there had been “a national system failure of the automated kiosks” that was “causing a slowdown at border control.” As…

It turns out SIEM isn’t on life support after all. Cisco is providing 28 billion reasons to believe enterprises aren’t scrapping the security operations center staple anytime soon. Rivals with other types of security technology have attempted to write SIEM’s obituary for years. In December 2022, Palo Alto Networks CEO Nikesh Arora said, “I feel…

In a new twist on the cybercrime penchant for trojanizing things, a threat actor recently pounced upon a “hot” vulnerability disclosure to create a fake proof of concept (PoC) exploit that concealed the VenomRAT malware. According to research from Palo Alto Networks, the cyberattacker, who goes by “whalersplonk,” took advantage of a very real remote…

Cybersecurity advisories from the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) are usually a good indication that a particular threat merits priority attention from organizations in the crosshairs. That would appear to be the case with “Snatch,” a ransomware-as-a-service (RaaS) operation that has been active since at least 2018 and is the…

Trend Micro has released an advisory covering a critical zero-day flaw — tracked as CVE-2023-41179 — that affects Apex One, Apex One SaaS, and Worry-Free Business Security. The vulnerability can be exploited for arbitrary code execution, and it revolves around the “products’ ability to uninstall third-party security software.” The advisory, written in Japanese, details how…

Britain’s interior minister on Wednesday warned tech giant Meta that rolling out end-to-end encryption on its platforms must “not to come at a cost to our children’s safety”. Suella Braverman and security minister Tom Tugendhat have called on the company, which owns Facebook, Instagram and WhatsApp, to “work with us” and ensure police can access…