#Infosec

IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities

by

December 1, 2023 at 09:58PM The FBI, CISA, NSA, EPA, and INCD issued a joint advisory about Iranian IRGC-affiliated cyber actors targeting operational technology, specifically Israeli-made Unitronics PLCs used in critical sectors in the US. Since November 2023, these actors have exploited poor security, primarily default passwords, to deface and potentially disrupt systems. Mitigations include … Read more

The Latest Delinea Secret Server Release Boosts Usability With New Features

by

December 1, 2023 at 05:34PM Delinea announced new features for its Secret Server to enhance usability and facilitate Privileged Access Management adoption. Improvements include a Web Password Filler, enhanced Connection Manager, and mobile app updates for secure, convenient access to privileged credentials, addressing the balance between risk, security, and productivity. Meeting Takeaways: 1. Delinea has … Read more

[Test] Tony

by

December 1, 2023 at 10:07AM Get the latest in cybersecurity: threats, vulnerabilities, breaches, and trends via daily or weekly email updates. Clear takeaways from the meeting notes: 1. Subscribe to updates on cybersecurity to stay informed about the latest threats. 2. Ensure that information about newly discovered vulnerabilities is received regularly. 3. Keep abreast of … Read more

Okta data breach dilemma dwarfs earlier estimates

by

November 29, 2023 at 04:35PM Okta’s October support system breach impacted all customer accounts, far more than the initial 134 reported. Although mostly names and emails were accessed, the risk of phishing is heightened. Okta urges customers to use multi-factor authentication. The scale of the breach was realized after additional analysis and the discovery of … Read more

Leader of pro-Russia DDoS crew Killnet unmasked by Russian state media

by

November 27, 2023 at 06:11AM A man believed to be the leader of the cybercrime gang Killnet, known as “Killmilk,” has allegedly been exposed by Russian state media. Killmilk is known for launching major attacks on targets like US government agencies and hospitals. The FBI’s takedown of the Qakbot botnet has significantly reduced attempted exploits … Read more

Royal Mail cyber security still a mess, say infosec researchers

by

November 13, 2023 at 01:32AM The UK’s Royal Mail has been found to have an open redirect flaw on one of its websites, which potentially exposes customers to malware infections and phishing attacks. The vulnerability allows attackers to use the legitimate website to redirect users to malicious sites. The Royal Mail has been notified of … Read more

What to do with a cloud intrusion toolkit in 2023? Slap a chat assistant on it, duh

by

November 9, 2023 at 02:08AM A cybersecurity tool called Predator AI has been discovered by infosec researchers. It can be used to compromise poorly secured cloud services and web apps, and also includes a partially functional chat-bot assistant. While it is supposedly intended for educational purposes, it has the potential to be used maliciously. The … Read more

Okta breach affected 134 orgs, ‘or less than 1%’ of customers, company admits

by

November 6, 2023 at 09:11AM Okta has confirmed that its October breach resulted in the compromise of files belonging to 134 customers, which is less than 1 percent of their customer base. Among the affected customers are 1Password, BeyondTrust, and Cloudflare. The breach involved an employee signing into their personal Google account on a company-managed … Read more

Microsoft opens early access to AI assistant for infosec, Security Copilot

by

October 23, 2023 at 09:08AM Microsoft is launching the early access program for Security Copilot, an AI cybersecurity tool embedded in the Microsoft 365 Defender XDR platform. The tool aims to save time for security teams by providing step-by-step instructions on managing incidents and offering insights to upskill existing staff. It can generate natural language … Read more

Regulator, insurers and customers all coming for Progress after MOVEit breach

by

October 15, 2023 at 11:00PM The US Securities and Exchange Commission (SEC) is investigating Progress Software’s MOVEit file transfer software following a data breach. Progress admitted to receiving a subpoena from the SEC and stated that it is facing multiple class-action lawsuits and other litigation over the breach. Progress also disclosed that it has received … Read more