Attacks, Threats, and Vulnerabilities
New PowerShortShell Stealer Exploits Recent Microsoft MSHTML Vulnerability to Spy on Farsi Speakers (Safebreach) SafeBreach Labs discovered a new Iranian threat actor using a Microsoft MSHTML Remote Code Execution (RCE) exploit for infecting Farsi-speaking victims with a new PowerShell stealer.
The BABADEDA Crypter - an Emerging Crypter targeting the Crypto, NFT, and DeFi communities (Morphisec) Morphisec Labs encountered a new malware called Babadeda targeting cryptocurrency enthusiasts through Discord. We reveal how it can be stopped.
RATDispenser: Stealthy JavaScript Loader Dispensing RATs into the Wild (HP Wolf Security) With an 11% detection rate, RATDispenser appears to be effective at evading security controls and delivering malware.
New JavaScript malware works as a "RAT dispenser" (The Record by Recorded Future) Cybersecurity experts from HP said they discovered a new strain of JavaScript malware that criminals are using as a way to infect systems and then deploy much more dangerous remote access trojans (RATs).
PoC Exploit Published for Latest Microsoft Exchange Zero-Day (SecurityWeek) Proof-of-concept exploit code released for code execution flaw affecting on-prem Exchange 2016 and 2019 installations.
Exchange Server admins advised to patch vulnerable machines after POC exploit released for high-severity bug (Computing) Microsoft has described the flaw as having a high impact on data integrity, confidentiality and availability.
New Security Shock For Millions Of Windows 10, 11 And Server Users (Forbes) A failed November Patch Tuesday fix could leave millions of Windows 10, Windows 11 and Windows Server users at risk of system takeover.
New Windows zero-day with public exploit lets you become an admin (BleepingComputer) A security researcher has publicly disclosed an exploit for a new Windows zero-day local privilege elevation vulnerability that gives admin privileges in Windows 10, Windows 11, and Windows Server.
Serious Vulnerability Found in Imunify360 Web Server Security Product (SecurityWeek) A vulnerability in the Imunify360 security suite for web servers can be exploited for remote code execution using specially crafted files.
Recent Data Breach at Twitch Exposes Danger for All Businesses (JD Supra) This fall has been a busy season for privacy professionals. From public education institutions and hospitals, to online broadcast and streaming...
Hackers bombard police, fire, emergency with cyber attacks, new Tasmanian report reveals (ABC) An internal report from Tasmania's Department of Police, Fire and Emergency Management has warned the agency is vulnerable to attack from cyber criminals without extra resourcing.
Report: Digital Marketing Agency Exposed 92 Million Records Online Including Employee and Client Data. (Website Planet) Security Researcher Jeremiah Fowler in cooperation with the WebsitePlanet research team discovered a non-password protected database that contained
FBI warns of phishing targeting high-profile brands' customers (BleepingComputer) The Federal Bureau of Investigation (FBI) warned today of recently detected spear-phishing email campaigns targeting customers of "brand-name companies" in attacks known as brand phishing.
Smishing kicks into high gear as scammers use package delivery texts as clickbait (TechRepublic) Proofpoint finds that bad actors are using SMS messages about package deliveries as the bait in new scams.
Holiday Shopping-Themed Mobile Attacks Increase Dramatically (Proofpoint) Proofpoint researchers have identified a massive global increase in holiday-themed mobile/text (SMS) phishing (smishing), almost double from this same time last year. Over two-thirds of all SMS messages sent worldwide are related in some form to an order delivery or consumer retail brand. With Black Friday and the holiday shopping season fast approaching, mobile users must remain vigilant as they are inundated with SMS messages promising everything from package/gift deliveries, to special retail offers, to alerts of delivery exceptions.
Cybersecurity experts urge caution as phishing attacks surge (Security Brief) Phishing was one of the highest incident categories from October to December last year.
Phishing emails double in November as COVID-19 spurs hacker appetite (Security Brief) Coronavirus is responsible for the increase in hacker appetite, as shoppers rely more on e-shopping this year to practice social distancing.
Please don’t buy this! 3 gift card scams to watch out for this Black Friday (Malwarebytes Labs) With the holiday season around the corner, and Black Friday at the end of the week, we thought it was a good time to look at the dangers that come with gift cards. Gift cards can be an easy win in cases where you don’t know the receiver well enough to decide on a...
Holiday Scams Drive SMS Phishing Attacks (Dark Reading) Attackers typically target consumers with malicious text messages containing obfuscated links, but experts say businesses are threatened as well.
For some recipe apps, your personal data is gravy (Washington Post) Like a Thanksgiving turkey, popular recipe apps are stuffed — with creepy tracking technology.
Threat actors find and compromise exposed services in 24 hours (BleepingComputer) Researchers set up 320 honeypots to see how quickly threat actors would target exposed cloud services and report that 80% of them were compromised in under 24 hours.
Observing Attacks Against Hundreds of Exposed Services in Public Clouds (Unit42) Insecurely exposed services are common misconfigurations in cloud environments. We used a honeypot infrastructure to learn about attacks against them.
Tesla server outage left some drivers unable to unlock their cars (Computing) Musk has promised to take measures to ensure 'this doesn't happen again'.
Security Patches, Mitigations, and Software Updates
Microsoft silently enables ‘Super Duper Secure Mode’ for Edge (The Record by Recorded Future) Microsoft last week secretly added a security feature in its Edge web browser that allows users to sacrifice the browser's performance for improved security.
Trends
Cyber 5: Return of the Bots (PerimeterX) PerimeterX commissioned a survey to gauge how shopping bots impact consumer behavior. Check out the results!
Chinese Threats in the Quantum Era (Booz Allen Hamilton) China is a major player in quantum computing. Here’s what CISOs need to know in order to manage related cyber risks.
Around 8 in 10 remote workers are not familiar with sophisticated cybersecurity threats including SIM jacking, reveals a new report (Digital Information World) A recent report by Unisys asserts that 61 percent of remote workers believe themselves accountable for sustaining digital safety.
'The game has changed': VMware exec says defense industry faces destructive cyberattacks, belligerent foes (Breaking Defense) VMware's Tom Kellerman linked an increased aggressiveness in attacks to geopolitical tensions with Russia and Belarus.
The Global CTO Survey 2021 Report (STXnext) Over 500 CTOs shared their management and technology decisions in the Global CTO Survey 2021. Read our detailed report to check your plans against theirs.
Annual Review 2021 (NCSC) Making the UK the safest place to live and work online
Cyber security needs to become a priority for UK manufacturers (The Manufacturer) Over the past 12 months alone, UK manufacturers have had to cope with an average of 30 cyber attacks - and this number is only set to rise.
Cybersec’s Messy Messaging (Javvad Malik) I saw an article on The Register today entitled, Crypto for cryptographers! Infosec types revolt against use of ancient abbreviation by Bitcoin and NFT devotees. TL;DR the argument is whether or no…
Marketplace
Low Code/No Code App Security Firm Zenity Emerges From Stealth (SecurityWeek) Low-code/no-code application security provider Zenity today announced that it has emerged from stealth mode with $5 million in seed funding.
Cyber Insurance Firm Resilience Raises $80 Million (SecurityWeek) Cyber insurance and security solutions provider Resilience has raised $80 million in a Series C funding round.
BlueHalo Announces Acquisition of Asymmetrik, Cementing Leadership Position in Cyber and SIGINT (PR Newswire) BlueHalo, a leading provider to the national security community of critical capabilities and technologies across Space Superiority, Space...
Retail giant Schwarz Group snaps up Israeli cyber security startup XM Cyber (Channel Pro) The startup will help support a planned expansion of the group's digital business
Why an emerging cloud security trend offers ‘good news’ to businesses (VentureBeat) In cloud security, tools such as CWPP and CSPM are coming together into a unified platform for cloud-native app protection, known as CNAPP.
Cybereason CEO on IPO and the "fall of Microsoft" (Verdict) The CEO of Cybereason has said an IPO is “the next step” for the US cybersecurity company but is unlikely to happen within the next six months.
Security vendor Mandiant launches Australian cloud delivery location (CRN Australia) Launching alongside new locations in Bahrain, Ireland and Singapore.
vArmour opens software development unit in Lithuania (Telecompaper) The US-based company vArmour, focusing on cloud security issues, plans to open its software development unit in Lithuania, according to a statement from the agency Invest Lithuania. The unit will become the company's main headquarters in Europe.
Products, Services, and Solutions
Exclusive Networks Signs Global Deal with Infinipoint to Extend Zero-Trust Security to Device Identity (PR Newswire) Exclusive Networks, a global trusted cybersecurity specialist for digital infrastructure, today announced its worldwide distribution agreement...
BioCatch Unveils New Mule Account Detection Tool (FindBiometrics) BioCatch has released a new Mule Account Detection tool that was built specifically to help financial institutions identify mule activity
ArcusTeam Partners with Lansweeper to Deliver Accurate Data for Proactive Threat Analysis (ArcusTeam) With access to Lansweeper data, ArcusTeam’s DeviceTotal provides 100% risk accuracy and attack vector visibility for every device and site across an organization
Technologies, Techniques, and Standards
Better Cyber Hygiene Helps, but Federal Security Needs SASE Lift (MeriTalk) The recent Binding Operational Directive issued through the Cybersecurity and Infrastructure Security Agency (CISA) requiring Federal agencies to immediately patch hundreds of cybersecurity vulnerabilities affirms the Biden administration’s prioritization on securing Federal government networks and reinforces that improved cyber hygiene is critical to protect against malicious adversaries seeking to infiltrate government systems and compromise data.
How to defend your website against card skimmers (Malwarebytes Labs) With Black Friday just around the corner, retail websites can expect a lot of interest from cybercriminals with card skimmers.
Networks as 'center of gravity': Project Convergence highlights military's new battle with bandwidth (Breaking Defense) In desert experiments, Army races to develop tactics for transferring data — and realizes high-def video can create potentially fatal data bottlenecks.
Design and Innovation
Defense Innovation Unit publishes ethical AI guidelines (C4ISRNet) The Defense Innovation Unit now has its own guidelines for implementing the Pentagon's principles of ethical artificial intelligence use.
How Eye Movement Could Unlock New Levels of Computer Security (Colby News) Using artificial intelligence, professor and student work to improve accuracy of promising technology
Academia
BCPS ransomware price tag nears $10 million (WYPR) Superintendent Williams to update school board Tuesday night on cyberattack.
Legislation, Policy, and Regulation
EU Lawmakers Pass Strict New Rules Affecting Big U.S. Tech (Bloomberg) Competing messaging apps may have to be interoperable. Companies would have to stop targeting some ads to minors.
A Canadian ban on Huawei 5G may come with whimper, not a bang (South China Morning Post) A ban is expected soon now that China has freed the ‘two Michaels’, but experts doubt serious retaliation from Beijing or a big impact on consumers.
Make Russia Take Responsibility for Its Cybercriminals (Foreign Policy) The United States needs a new legal doctrine to handle state-tolerated attacks.
Key features of the new Rwandan data protection law (JD Supra) On 13 October 2021, almost two years after the adoption of a bill on data protection, Rwanda's first data protection legislation, Law No. 058/2021...
TSA makes changes to new cyber requirements after industry feedback (Federal News Network) TSA is expected to issue new security directives for passenger and freight rail operators in the coming weeks.
Government Watchdog Welcomes Treasury’s Data Collection on Cyber Insurance Claims (Nextgov.com) A Government Accountability Office report on the Treasury Department’s role in shaping the market for cybersecurity insurance is expected next spring.
Litigation, Investigation, and Law Enforcement
Russian cybersecurity executive appeals to Putin as detention for treason extended (Reuters) Ilya Sachkov, the head of a Russian cybersecurity firm, on Tuesday appealed to President Vladimir Putin to let him be moved to house arrest while he awaits trial on treason charges after his detention was extended until February.
Massive Hack Gave Police a Window on Cocaine, Cash and Killers (Wall Street Journal) Special handsets have helped criminals flood Europe with cocaine, but when authorities got inside the networks, they gained an unobstructed view of the gangs at work—and the chance to thwart them.
France to probe whether Egypt used its intel to target civilians (Al-Monitor: The Pulse of the Middle East) A report from investigative website Disclose said that intelligence from a joint covert military mission in Libya may have been used by Egypt to target and kill smugglers.
Australia Defamation Case Signals a Crackdown on Ordinary Citizens, Critics Say (New York Times) A government minister sued and won over a brief Twitter post that called him a “rape apologist.” A journalist sees “asymmetric warfare.”
Apple files lawsuit against NSO Group, saying U.S. citizens were targets (Reuters) Apple Inc said on Tuesday it has filed a lawsuit against Israeli cyber firm NSO Group and its parent company OSY Technologies for alleged surveillance and targeting of U.S. Apple users with its Pegasus spyware.
Apple sues NSO Group to curb the abuse of state-sponsored spyware (Apple Newsroom) Apple today filed a lawsuit against NSO Group to hold it accountable for abusive surveillance and the targeting of a small number of Apple users.
Apple Sues Israeli Firm NSO Over Spyware, Claiming iPhone Hacks (Wall Street Journal) The lawsuit seeks to bar the surveillance-software company from using the iPhone maker’s products.
Apple Sues Israeli Spyware Maker, Seeking to Block Its Access to iPhones (New York Times) Apple accused NSO Group, the Israeli surveillance company, of “flagrant” violations of its software, as well as federal and state laws.
Apple sues Israeli spyware maker NSO over its Pegasus spyware (Washington Post) The lawsuit comes just weeks after the U.S. Commerce Department blacklisted NSO from doing business with American companies.
Apple Slaps Lawsuit on NSO Group Over Pegasus iOS Exploitation (SecurityWeek) The troubles for Israeli surveillance software maker NSO Group continue to pile up with news that Apple has filed suit to ban the company from using its software, services or devices.
Apple sues Israeli spyware firm NSO Group for surveillance of users (the Guardian) iPhone-maker also seeks to ban firm behind Pegasus spyware from using any Apple software, services or devices
Apple sues NSO Group for targeting its users with spyware (Computing) Seeks to bar the Israeli firm from using its products
Apple sues spyware maker NSO Group (The Record by Recorded Future) Apple announced earlier today that it filed a lawsuit against NSO Group, the Israeli company behind Pegasus, a powerful spyware and surveillance platform capable of infecting and taking over even the most secure and up-to-date iPhones.
How the pandemic pulled Nigerian university students into cybercrime (The Record by Recorded Future) “I needed to do something. I needed to survive,” said one student who began committing cyber fraud in lockdown.
Amazon and Apple handed $225 million in Italian antitrust fines (Reuters) Italy's antitrust authority has fined U.S. tech giants Amazon.com and Apple Inc a total of more than 200 million euros ($225 million) for alleged anti-competitive cooperation in the sale of Apple and Beats products.
Cyber Scammer Confesses to Fraud Fueled by Cocaine, Whiskey (Bloomberg) Case is part of multinational effort against cyber-trade fraud. Scheme was run out of call centers in Eastern European cities.
The McDonald’s Ice Cream Machine Hacking Saga Has a New Twist (Wired) The cold war between a startup and a soft-serve machine manufacturer is heating up, thanks to a newly released trove of internal emails.
Ontario government worker charged in COVID-19 vaccination data breach (Global News) Two people have been charged in connection with a breach of Ontario's COVID-19 vaccination system that involved some residents receiving spam messages.
Eskenazi Health patient seeks class-action status in suit over May ransomware attack (Beckers Hospital Review) A patient is seeking class-action status in a lawsuit against Indianapolis-based Eskenazi Health after a May ransomware attack that potentially affected 1.5 million people, according to Nov. 19 documents filed in the Indiana Commercial Court.
Pfizer Says Employee Stole Confidential Docs On COVID Vax (Law360) Pfizer Inc. said Tuesday that it was investigating a longtime employee who it believes downloaded thousands of documents containing confidential information, some of which is related to the pharmaceutical giant's COVID-19 vaccine, according to a suit filed in California federal court.
Ohio county commissioner denies knowledge of attempted breach of local election network (Washington Post) A commissioner in Lake County, Ohio, whose government office was used to plug a private laptop into the county network during the spring primary said Tuesday that he was not aware of an attempt to breach the local election board’s computers.