Tag Archive for: April

Check Point reveals top malware and vulnerabilities in April 2023


Check Point Software Technologies, a provider of cybersecurity solutions globally, has published its Global Threat Index for April 2023.

Last month, researchers uncovered a substantial Qbot malspam campaign distributed through malicious PDF files attached to emails seen in multiple languages.

Meanwhile, Internet-of-Things (IoT) malware Mirai made the list for the first time in a year after exploiting a new vulnerability in TP-Link routers, and Healthcare moved up to become the second most exploited industry, Check Point finds.

The Qbot campaign seen last month involves a new delivery method in which targets are sent an email with an attachment that contains protected PDF files. Once these are downloaded, the Qbot malware is installed on the device. Researchers found instances of the malspam being sent in multiple different languages, which means organizations can be targeted worldwide.

Last month also saw the return of Mirai, one of the most popular IoT malwares. Researchers discovered it was exploiting a new zero-day vulnerability CVE-2023-1380 to attack TP-Link routers and add them to its botnet, which has been used to facilitate some of the most disruptive distributed DDoS attacks on record. This latest campaign follows an extensive report published by Check Point Research (CPR) on the prevalence of IOT attacks.

There was also a change in impacted industries, with healthcare overtaking government as the second most exploited sector in April. Attacks on healthcare institutions have been well documented and some countries continue to face constant assaults. For example, cyber criminal group Medusa recently launched attacks on cancer facilities in Australia.

The industry remains a lucrative target for hackers as it gives them potential access to confidential patient data and payment information. It could have implications for pharmaceutical companies as it could lead to leaks regarding clinical trials or new medical drugs and devices.

Maya Horowitz, VP Research at Check Point Software, says, “Cyber criminals are constantly working on new methods to bypass restrictions and these campaigns are further proof of how malware adapts to survive.

“With Qbot on the…

Source…

Infosec products of the month: April 2023


Here’s a look at the most interesting products from the past month, featuring releases from: Abnormal Security, Arista Networks, Armorblox, BigID, Binarly, Cofense, Cyera, Cynalytica, D3 Security, Eclypsium, GitGuardian, Guardz, Halo Security, Immuta, Malwarebytes, ManageEngine, Netskope, Obsidian Security, Searchlight Cyber, Sotero, Stamus Networks, ThreatX, Traceable AI, Venafi, Veracode, Versa Networks, Wazuh, and Zyxel Networks.

infosec products April 2023

Malwarebytes unveils WorldBytes to help users reveal the hidden cyber threats around them

Powered by Malwarebytes and AI technology, WorldBytes empowers users to use their mobile devices to scan the world around them and get real-time threat assessments of anything and everything – including questionable Tinder dates, the unlabeled sauce at the back of their fridge and their neighborhood cat. The responses, powered by ChatGPT, humorously explain the potential cyber risks lurking within.

infosec products April 2023

Guardz releases cybersecurity platform for MSPs and IT professionals

Guardz’s new MSP cybersecurity platform is an all-in-one solution providing businesses with both 24/7 cyber protection and cyber insurance coverage. Within the platform, MSPs can seamlessly control multiple customers’ cyber posture, subscription plans, and remediation from a single, multi-tenant dashboard.

infosec products April 2023

Obsidian’s SSPM solution enables organizations to increase their SaaS security

Obsidian Security released its latest suite of SaaS security solutions. This suite of solutions comprising Obsidian Compliance Posture Management, Obsidian Integration Risk Management, and Obsidian Extend will together enable security and GRC teams to increase their SaaS security and compliance posture measurably.

infosec products April 2023

Stamus Networks U39 uncovers hidden anomalies in a proactive threat hunt

With U39, Stamus Security Platform users now have access to 21 new guided threat hunting filters and additional sources of threat intelligence, including 2 lateral movement rulesets and 3 suspicious domain lists. SSP can now detect activity from a match on the media type (also known as mime-type) and can ingest additional third-party threat intelligence feeds to trigger a detection event based on a match on IP…

Source…

Military Access, Mobility & Safety Improvement Program Updates for Week of April 30 — Colorado Department of Transportation


Colorado Springs — Construction on Interstate 25 between South Academy Boulevard and Santa Fe Avenue requires ramp closures on Thursday night and overnight lane closures throughout the week to shift traffic barriers to prepare for the northbound traffic switch from mile 128 to 135.

Beginning at 7 p.m. on Sunday, April 30, and continuing until Wednesday, May 3, drivers can anticipate left lane closures on northbound I-25. On Thursday night May 4, drivers can anticipate various lane closures and ramp closers on northbound I-25 to perform the traffic switch. All lanes reopen at 6 a.m. Monday through Friday, and at 9 a.m. on Saturday.

The traffic switch that was originally scheduled for Saturday night, April 29 has been rescheduled for Thursday night, May 4. Northbound I-25 traffic will move to the newly constructed southbound lanes and will be head-to-head, separated by temporary barrier with 11-foot lanes and two-foot shoulders, so northbound lanes can be constructed. Motorists can expect new on- and off-ramps, lane closures, ramp closures and several detours with the traffic switch.

Northbound I-25 ramp closure detours include:

  • Entrance 128 at Santa Fe Avenue.: Traffic will travel north on Santa Fe Avenue / CanAm Highway to South Academy Boulevard., turn west and enter I-25 at Entrance 135.
  • Exit 132 at Mesa Ridge Parkway: Traffic will continue north to South Circle Drive, turn around and travel south to Exit 132A or 132B
  • Entrance 132 at Mesa Ridge Parkway: Traffic will proceed west to southbound Entrance 132, travel south to Exit 128, turn east onto Santa Fe Avenue, continue north on CanAm Highway to South Academy Boulevard, turn west and enter I-25 at Entrance 135
  • Exit 135 at South Academy Boulevard: Traffic will continue north to South Circle Drive, turn around and travel south to Exit 135

Construction schedules are weather-dependent and subject to change

Northbound I-25 detour map for the night of May 4, 2023
Northbound I-25 detour map for the night of May 4, 2023

Traffic Impacts

I-25 between U.S. 85/Fountain (mile 127) and South Academy Boulevard (mile 135)
Nighttime closures:

  • Sunday, April 30, 7 p.m. to 6 a.m., northbound I-25 left lane closure between Mile Point 127 to 132
  • Sunday, April 30, 8 p.m. to 5 a.m., northbound I-25 left…

Source…

Android 13 for Nokia G20 in new markets, April security update for Nokia 5.3


We last reported about Nokia G20 receiving Android 13 update in some markets. Now, it seems that the update availability has spread to new markets. Coming to the security updates, Nokia 5.3 has started receiving the April security update 2023.

As per a recent tip that we have received Nokia G20 is getting Android 13 update in Serbia. Android 13 update for Nokia G20 comes with March security update 2023. The build version is V3.290 for and the update size is 1.95 GB.

Android 13 is supposed to bring many UI changes, new animations and features along with itself. You can check the list of Android 13 eligible Nokia smartphones and Tablets by clicking here.

Nokia Mobile has officially released Android 13 update to Nokia XR20 5G, Nokia X10 5G, Nokia X20 5G and Nokia G50 5G so far. Nokia Mobile however confirmed the compatibility of Android 13 for Eleven of its smartphones in Google Android Enterprise recommended devices list.

Nokia 5.3 on the other hand is receiving the April security update. Only Nokia T20 received the April security update 2023 before Nokia 5.3.

Nokia 5.3 April security update changelog:

Nokia 5.3 is receiving only the 2023 April Android security patch with the update. Here is what the April security update addresses as mentioned by Google on its official Security bulletin page.

The most severe of these issues is a critical security vulnerability in the System component that could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed.

Thanks Kristijan & Tim for the tip. Cheers!

Source…