Tag Archive for: Abound

Truebot Malware Variants Abound, According to CISA Advisory


An advisory from the Cybersecurity and Infrastructure Security Agency (CISA), several US organizations, and the Canadian Centre for Cyber Security (CCCS) warns of Truebot malware variants that threat actors are increasingly using against organizations in the US and Canada.

Truebot, alternatively known as Silence.Downloader, is a botnet used by malicious cyber groups such as the Cl0p ransomware gang to gather information from the victims they target. Threat actors mainly distributed older variants of Truebot as malicious attachments in phishing emails. Newer versions of the malware allow these threat actors to gain initial access by exploiting a remote code execution (RCE) vulnerability in Netwrix Auditor, tracked as CVE-2022-31199.

Cyber-threat actors are also using phishing campaigns with malicious hyperlinks to deliver their Truebot variants. The agencies urge those searching for this kind of malicious activity to apply vendor patches to the 10.5 version of Netwrix Auditor and to use the outlined guidance in the joint advisory.

“Any organization identifying indicators of compromise (IOCs) within their environment should urgently apply the incident responses and mitigation measures detailed in this CSA and report the intrusion to CISA or the FBI,” the organizations stated. 


NFT, DeFi and crypto hacks abound — Here’s how to double up on wallet security


The explosiveness and high dollar value of nonfungible tokens (NFTs) seem to either distract investors from upping their operational security to avoid exploits, or hackers are simply following the money and using very complex strategies to exploit collectors’ wallets.

At least, this was the case for me way back when after I fell for a classic message sent to me over Discord that caused me to slowly but all too quickly lose my most valuable assets.

Most of the scams on Discord occur in a very similar fashion where a hacker takes a roster of members on the server and then sends direct messages to them in hopes they will bite at the bait.

“It happens to the best of us,” are not the words you want to hear in relation to a hack. Here are the top three things I learned from my experience on how to double up on security, starting with minimizing the use of a hot wallet and simply ignoring DM’d links.

A quick crash course in hardware wallets

After my hack, I was immediately reminded, and I cannot reiterate it enough: never share your seed phrase. No one should be asking for it. I also learned that I could no longer forgo security at the privilege of convenience.

Yes, hot wallets are much more seamless and quicker to trade with, but they do not have the added security of a PIN and a passphrase that a hardware, or cold, wallet has.

Hot wallets like MetaMask and Coinbase are plugged into the internet, which makes them more vulnerable and susceptible to hacks.

In contrast to hot wallets, cold wallets are applications or devices in which the user’s private keys are kept offline and do not connect to the internet. Because they operate offline, hardware wallets prevent unauthorized access, hacks and the typical vulnerabilities that systems are susceptible to when they are online.


Cyber threats abound as Springfield awaits center to fight them


SPRINGFIELD — Cybercriminals have latched onto confusion surrounding COVID-19 in their efforts to gain access to secure computer systems.

“They might say, ‘You have a signed check waiting,’” Stephanie Helm, director of the MassCyberCenter, said on a call with local officials Monday. “Or they might say, ‘COVID vaccines are available.’ Anything to get your attention.”

Cybercriminals are also infiltrating Zoom software and other remote conferencing programs.

“It could be for money, as a ransom,” Helm said. “Or it could be just to make sure things don’t work. It might be people who just want to disrupt.”

Monday’s event — coinciding with National Cybersecurity Awareness Month and Massachusetts Cybersecurity Month — served as a preview for CyberPlus New England, a facility at Union Station operated in conjunction with Bay Path University.

The Springfield Redevelopment Authority, which manages the station, received $1 million for CyberPlus from the state’s IT Bond Bill passed this summer. State Rep. Angelo J. Puppolo Jr., D-Springfield, sponsored the measure on the city’s behalf.

CyberPlus New England will be a training program with at least two 20-student classrooms and all the modern technology, said Paul Stelzer, president of Appleton Corp., which manages operations at Union Station. Once the money is actually available, the center could be up and running in nine months.

CyberPlus will be on the second floor of the station, in renovated office space. It will be open to educators, employers and others.

U.S. Rep. Richard E. Neal, D-Springfield, was on hand to talk about the federal role and to catch up on progress.

He wrote much of the CARES Act in his role as chairman of the House Ways and Means Committee, and noted Monday that it has money to help enhance cybersecurity for state-run unemployment systems.

Training in-demand cybersecurity professionals and making them available to growing companies is a business opportunity, said Western Massachusetts Economic Development Council President and CEO Richard K. Sullivan Jr.

Neal asked about the security concerns surrounding the state’s military bases, including Westover Air Reserve Base in Chicopee and Barnes…


Mobile security risks abound: Here’s what you should be focusing on – ITProPortal


A 2015 survey by Ponemon Institute found that 40 per cent of the 400 organisations studied aren't scanning the code in their apps for security vulnerabilities and roughly 50 per cent do not devote any budget to mobile security. Given the dominance of