Insights

Holiday Scams

The holiday season is a time when people are shopping, looking for bargains, and rushed. Cybercriminals know this and have scams to fit the season, but they still steal your money, credit cards, and more. This Insights looks at the scams and offers ways to be safer.

 

So many ways to steal your money


Decade-Old Cisco Vulnerability Under Active Exploit

A vulnerability that has existed for over 10 years in an older version of the Cisco Adaptive Security Appliance (ASA) is under attack. The vulnerability cannot be patched, so Cisco is advising customers to upgrade to a version of the ASA not affected by this vulnerability.

 

Old doesn't mean safe


CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel

CISA, the official cybersecurity agency, has identified serious vulnerabilities in a number of products and services. One of them is rated at 10.0, the highest possible score, meaning it is very dangerous. This article provides more information and suggestions to be safer.

 

More vulnerabilities discovered


Russia's 'BlueAlpha' APT Hides in Cloudflare Tunnels

In yet another use of legitimate cyber services and tools to deliver malware, a Russian Advanced Persistent Threat (APT) group is using Cloudflare encrypted tunnels to deliver its malware.

 

Malware hiding in plain sight


Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks

The flaws found in these frameworks are serious. Flaws discovered earlier were on the server side. These flaws are on the client side and can result in attackers being able to execute code on your systems. With the ability to execute code, nothing on your systems is safe.

 

Machine learning data leaks


No Need To Break In If You Have The Key

In a type of attack called malware-free, cybercriminals gain access through social engineering of the help desk. It is surprisingly successful and can cause permanent loss of an account to the attackers.

 

Social engineering very effective


Alleged Ford 'Breach' Encompasses Auto Dealer Info

Attackers claim to have breached Ford and stolen large quantities of data. But what really happened is that the information is from a third party and is already publicly available. The attackers’ hope was to get Ford to pay them not to release it. This isn’t the first time attackers have claimed to have breached a large company and stolen sensitive data, only for the claim to turn out to be false or at least not nearly as serious as the attackers claimed.

 

Fake breaches sow fear

 


Oracle Patches Exploited Agile PLM Zero-Day

Oracle has issued a patch for a serious zero-day vulnerability in its Agile Product Lifecycle Management. Be sure to install the patch if you use this product.

 

Oracle Zero Day patch issued, install now


North Korean Front Companies Impersonate U.S. IT Firms to Fund Missile Programs

A few weeks ago, it was reported that North Koreans have created an elaborate network to gain legal employment in the United States. This is used to steal information from legitimate companies and to use the earnings as a way to circumvent sanctions. Now the scheme gets more elaborate by impersonating real US firms to provide fake employment histories and references, all to fund the North Korean missile programs.

 

North Korea expands IT imposters


Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign

Two vulnerabilities in Palo Alto Networks devices are being exploited. One has a CVSS score of 9.3, which is very serious, and the other a score of 6.9, lower but still serious. When the two are combined, they give hackers authentication bypass and privilege escalation.

 

Palo Alto active attack

 


Cyberthreats In Retail

The holiday season is a busy time for the retail industry. Cybercriminals know this and ramp up their attacks on retail businesses. The attacks range from annoying to disastrous. Knowing what may be coming helps you better protect against them.

 

Holiday season for cyber attackers


Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs

Microsoft issued patches for 90 recently discovered vulnerabilities. Four of the vulnerabilities are rated as critical. Be sure to determine which of the patches apply to your systems and which have the most impact on you. Then install those first. 

 

Microsoft patches 90 vulnerabilities - install now


Citrix 'Recording Manager' Zero-Day Bug Allows Unauthenticated RCE

A Zero-Day in Citrix Recording Manager allows attackers to install and execute code on the platform with no authentication. A patch was just issued. Install it now!

 

Citrix under attack again


'GoIssue' Cybercrime Tool Targets GitHub Developers En Masse

For only $700 you can purchase a tool that steals email addresses from the public profiles on GitHub. The stolen emails help cybercriminals steal other credentials, deliver malware, circumvent access protections, and more.   

 

Cheap tool steals GitHub addresses


Microsoft Power Pages Leak Millions of Private Records

Low code and no code make it easy for almost anyone to create something. Microsoft’s Power Pages use it to let people build websites quickly and easily. However, these environments do not help people understand the security implications. The result is massive cybersecurity gaps and confidential information exposures. A recent example is Microsoft’s Power Pages, with millions of private pages exposed on websites built using this platform.

 

Massive leak from misunderstanding requirements