New attacks launched by reemergent The Mask APT

After targeting the organization with the Microsoft OneDrive-targeting Careto2 and Google Drive-targeting Goreto malware frameworks in 2019, The Mask subjected the entity to yet another attack involving the exploitation of the WorldClient webmail component for persistence three years later, according to a Kaspersky analysis.

Turkish defense orgs subjected to Bitter cyberespionage intrusions

Bitter leveraged phishing emails with foreign investment project lures to spread a RAR archive containing a shortcut link, which, when opened, prompted PowerShell execution in alternate data streams and a scheduled task that facilitates malicious curl commands, including one that retrieves WmRAT, an analysis from Proofpoint showed.

Massive Cisco data trove partially exposed by IntelBroker

Hackread reports that IntelBroker earlier this week leaked 2.9 GB of the 4.5 TB dataset compromised from Cisco’s misconfigured DevHub portal in October. IntelBroker disclosed that the exposed data trove included Cisco’s Identity Services Engine security policy platform, Secure Access Service Edge solution, Webex collaboration platform, Umbrella DNS cloud security platform, IOS XE and XR […]

DarkGate malware spread via Microsoft Teams, AnyDesk


Major data breach leads to $264M fine for Meta

Account tokens obtained through the exploitation of a trio of vulnerabilities within Facebook’s “View As” feature have enabled the widespread hijacking of Facebook user accounts, according to the Irish data watchdog.

Misconfiguration exposes Virtavo security cam user data

Cybernews reports that security camera maker Virtavo had information from more than 100,000 users of its Home V App for iOS, most of whom are in China, potentially exposed as a result of a misconfigured Elasticsearch server that was secured nearly two months after disclosure. Over 8.7 million records, many of which are duplicates, were discovered within the […]

Experience trumps software every time: What to look for in a partner

When attending to a client’s needs, service providers often apply a one-size-fits-all approach, following a well-worn playbook and handling the matter as a routine procedure. This approach may work well in certain situations. But when dealing with sensitive matters such as a data breach and the possible compromise of company secrets or personally identifiable information, […]

CISA orders federal agencies to secure Microsoft 365 cloud apps

The Cybersecurity and Infrastructure Security Agency (CISA) on Dec. 17 issued Binding Operational Directive (BOD) 25-01, which ordered federal civilian agencies to implement CISA’s secure cloud practices for Microsoft 365 environments. BOD 25-01 requires federal civilian agencies to identify specific cloud tenants, implement CISA’s assessment tools, and align cloud environments to CISA’s Secure Cloud Business […]

Regional Care breach impacts 225K

Aside from leading to the deferral of patient care and prescription processing, such an attack against Change Healthcare has also led to the proliferation of malicious actors purporting to be hospital representatives to obtain credit card numbers, as well as excessive burdens for health providers, according to the lawsuit.

Change Healthcare breach prompts Nebraska lawsuit

Change Healthcare has been sued by Nebraska Attorney General Mike Hilgers over its negligent cybersecurity practices, which resulted in the massive cyberattack earlier this year that impacted nearly 100 million Americans and disrupted health providers across the U.S., reports The Record, a news site by cybersecurity firm Recorded Future. Aside from leading to the deferral of patient […]