North Korean hackers were a major cause
Monthly Archives: February 2023
Researchers Warn of Crypto Scam Apps on Apple App Store
City of London on High Alert After Ransomware Attack
APT groups use ransomware TTPs as cover for intelligence gathering and sabotage
State-sponsored threat groups increasingly use ransomware-like attacks as cover to hide more insidious activities. Russian advanced persistent threat (APT) group Sandworm used ransomware programs to destroy data multiple times over the past six months, while North Korea’s Lazarus group used infrastructure previously associated with a ransomware group for intelligence gathering campaigns.
At the same time, some Chinese APTs that were traditionally targeting entities in Asia shifted their focus to European companies, while Iran-based groups that traditionally targeted Israeli companies started going after their foreign subsidiaries. At least one North Korean group that was focused on South Korea and Russia has started using English in its operations. All these operational changes suggest organizations and companies from Western countries are at increased risk from APT activity.
Smashing Security podcast #307: ChatGPT and the Minister for Foreign Affairs
Could a senior Latvian politician really be responsible for scamming hundreds of “mothers-of-two” in the UK? (Probably not, despite Graham’s theories…) And should we be getting worried about the AI wonder that is ChatGPT?
All this and more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.
Oracle Quarterly Critical Patches Issued January 17, 2023
Multiple vulnerabilities have been discovered in Oracle products, which could allow for remote code execution.
Take a tour of the Edgescan Cybersecurity Platform
Graham Cluley Security News is sponsored this week by the folks at Edgescan. Thanks to the great team there for their support! Edgescan simplifies Vulnerability Management (VM) by delivering a single full-stack SaaS solution integrated with world-class security professionals. Edgescan helps enterprise companies consolidate managing multiple point scanning tools for each layer of the attack …
New “MITRE ATT&CK-like” framework outlines software supply chain attack TTPs
A new open framework seeks to outline a comprehensive and actionable way for businesses and security teams to understand attacker behaviors and techniques specifically impacting the software supply chain. The Open Software Supply Chain Attack Reference (OSC&R) initiative, led by OX Security, evaluates software supply chain security threats, covering a wide range of attack vectors including vulnerabilities in third-party libraries and components, supply chain attacks on build and deployment systems, and compromised or malicious software updates. Cybersecurity professionals among the matrix’s founding consortium include representatives from GitLab as well as former leaders from Microsoft, Google Cloud, Check Point Technologies, and OWASP.
Ransomware Attack Forces Closure of Nantucket Schools
The district’s superintendent, Elizabeth Hallett, announced the decision in an email to parents.
Google Fi Confirms Data Breach, Hints At Link to T-Mobile Hack
The company uses a combination of T-Mobile and US Cellular for network connectivity.