News – Page 177

Refreshed ‘cyber security toolkit’ helps board members to govern online risk

Posted on 30 March 2023

From ncsc.gov.uk

I am delighted to announce the launch of the NCSC’s refreshed cyber security Board Toolkit.

Originally published in 2019, the toolkit proved very popular with boards and it’s their feedback, together with input from non-executive directors and our i100 industry team, that will ensure the toolkit remains up-to-date, relevant, and framed in language that boards are familiar with.

The toolkit helps boards ensure that cyber resilience and risk management are embedded throughout their organisations. It will help you to make informed cyber decisions that are aligned to your wider organisational risks, and ensure cyber security is assigned appropriate investment against other competing business demands.

SafeMoon ‘burn’ bug abused to drain $8.9 million from liquidity pool

Posted on 30 March 2023

From bleepingcomputer.com

The SafeMoon token liquidity pool lost $8.9 million after a hacker exploited a newly created ‘burn’ smart contract function that artificially inflated the price, allowing the actors to sell SafeMoon at a much higher price.

Liquidity pools in DeFi platforms are large deposits of funds (cryptocurrency) that facilitate trading, provide market liquidity, and generally allow exchanges to function without borrowing from a third party.

SafeMoon confirmed the security incident today on Twitter and stated that it is currently working on resolving the issue.

WiFi protocol flaw allows attackers to hijack network traffic

Posted on 29 March 2023

From bleepingcomputer.com

Cybersecurity researchers have discovered a fundamental security flaw in the design of the IEEE 802.11 WiFi protocol standard, allowing attackers to trick access points into leaking network frames in plaintext form.

WiFi frames are data containers consisting of a header, data payload, and trailer, which include information such as the source and destination MAC address, control, and management data.

These frames are ordered in queues and transmitted in a controlled matter to avoid collisions and to maximize data exchange performance by monitoring the busy/idle states of the receiving points.

Best Practices for Secure Remote Development

Posted on 28 March 2023

From trendmicro.com

Remote work and work from home have become commonplace in software development. When done properly, it allows software teams to collaborate from anywhere, which can potentially reduce company overhead, boost productivity, and aid recruitment.

But without the right security measures in place, developing from home can increase an organization’s exposure to security breaches. Some of the common risks that a developer might face when working from home include:

Malware: any software created with hostile intentions, such as restricting access to data or destroying it completely
Phishing: a form of trickery aiming to get the user to click on a bad link or volunteer information
Data theft: attacks targeted at gaining access to private or sensitive data
Ransomware: software that locks out users from systems and demands a ransom in exchange for not deleting or making data public
Spyware: software that won’t make itself known to you and will share your activities and data with a malicious actor

Cyberattack at Puerto Rico water authority under federal probe

Posted on 28 March 2023

From scmagazine.com

The FBI and Cybersecurity and Infrastructure Security Agency have launched an investigation into a cyberattack against the Puerto Rico Aqueduct and Sewer Authority which was confirmed to have compromised the U.S. territory’s water agency’s customer and employee data but not its critical infrastructure, according to The Record, a news site by cybersecurity firm Recorded Future. Security protocols have been implemented following the attack, said PRASA Executive Director Nannette Martinez. While PRASA has not provided any specifics regarding the threat actor behind the intrusion due to the ongoing probe, the water authority has been claimed to be compromised by the Vice Society ransomware operation, which posted on Friday samples of stolen data, including driver’s licenses and passports.

Romance scams loss termed to have reached £10k on an average in UK

Posted on 28 March 2023

From cybersecurity-insiders.com

A report compiled by Barclays states that the amount of money lost in romance scams has reached an average of £10k in the UK in the last 6-8 months. This amount is what fraudsters earn on average, and the actual number might be much higher than what is estimated now.

The survey also revealed that one in three Britons have experienced a scam or know at least one or two people who have gone through this negative experience in the past year or so. Scammers are constantly developing new tactics to deceive victims, and the credit goes to their innovation.

New Infostealer LummaC2 Being Distributed Disguised As Illegal Cracks

Posted on 28 March 2023

From asec.ahnlab.com

A new Infostealer called “LummaC2” is being distributed disguised as illegal programs such as cracks and keygens.

Other malware such as CryptBot, RedLine, Vidar, and RecordBreaker (Raccoon V2) are distributed in a similar manner and have been covered here on ASEC Blog.

It appears that the LummaC2 Stealer has been available for purchase on the dark web since the beginning of this year, and since March, it has been distributed by a threat group disguised as a crack. Although this method of malware distribution is mostly used by RecordBreaker (Raccoon V2), LummaC2 Stealer is also being discovered from time to time. The LummaC2 Stealer was first discovered on March 3rd, and additional distributions were confirmed on the 12th and 20th of the same month, indicating an approximate activity rate of once a week.