Malwarebytes Labs - RSS Feed

The Security Blog From Malwarebytes

Latest articles

MITRE introduces D3FEND framework

The US National Security Agency (NSA) has announced it will fund the development of a knowledge base of defensive countermeasures for the most common techniques used by malicious threat actors. The project will be made available through MITRE and will be called D3FEND as it complements MITRE’s existing ATT&CK framework. MITRE ATT&CK...

City of Liège hit by ransomware, Ryuk suspected

Liège, the third largest city in Belgium, and a major educational hub, has been hit by a ransomware attack, disrupting its IT services and network. The municipality of Liege’s official website, which was translated from the French. According to its official website (pictures above): The City of Liège is currently the victim of a...

Hotel staff bust Hermes SMS scammer with suspiciously large number of cables

If you’re in the UK, you’ve likely received a fake delivery SMS at this point. The original big driver for this over the pandemic was a non-stop wave of Royal Mail phishing scams. As that article mentions, most if not all of our interactions with organisations is done by mobile. I receive medical appointment updates by phone. Notifications from school?...

Atomic research institute breached via VPN vulnerability

Remember when we told you to patch your VPNs already? I hate to say “I told you so”, but I informed you thusly. According to South Korean officials a North Korean cyber-espionage group managed to infiltrate the network of South Korea’s state-run nuclear research institute last month. The crime: time and place Cybersecurity...

A week in security (June 14 – June 20)

Last week on Malwarebytes Labs: How to delete your Instagram account. Working from home? You’re probably being spied on. Another one bites the dust: Avaddon ransomware group shuts down operation. Patch now! Apple fixes in-the-wild iPhone vulnerabilities. Windows 10 to retire in four years (or 52 Patch Tuesdays, in sysadmin years). Twitter takes...

Want to stop ransomware attacks? Send the cybercriminals to jail, says Brian Honan: Lock and Code S02E11

Ransomware attacks are on a different scale this year, with major attacks not just dismantling the business and management of Colonial Pipeline in the US, the Health Service Executive in Ireland, and the meatpacker JBS in Australia, but also disrupting people’s access to gasoline, healthcare, COVID-19 vaccinations, and more. So, what is it...

Two Google plans that could make open source code more secure

Recently Google announced that it will fund the further development of Rust. Rust is a low-level programming language that is designed to be more memory secure than other popular programming languages, such as C. Google has also proposed an end-to-end framework for supply chain integrity which it has dubbed Supply chain Levels for Software...

Polazert Trojan using poisoned Google Search results to spread

Trojan.Polazert aka SolarMarker has gone back and fine-tuned an old tactic known as SEO-poisoning to plant their Remote Access Trojan (RAT) on as many systems as possible. This RAT runs in memory and is used by attackers to install additional malware on affected systems. Trojan.Polazert Trojan.Polazert is specifically designed to steal...

The 6 best Chrome extensions for privacy and security

While searching for security- and privacy-improving extensions, users may end up installing an extension that is counterproductive to their goals. To help our readers I have compiled a list of Chrome extensions that can actually help you improve your online privacy and security. Our regular readers have seen me post various warnings about malicious...

Clop stopped? Ransomware gang loses Tesla and other treasures in police raid

Ukrainian law enforcement officials announced Wednesday that they had arrested several individuals involved in criminal activity committed by the Clop ransomware gang, a cybercriminal gang that helped popularize the “double extortion” model of not only threatening to encrypt a victim’s files, but also threatening to release confidential data that was...
