How to Keep Your CMS Safe and Secure
Security

One point of entry for bad actors could be a weak content management system (CMS). Most businesses have a CMS either for the backend of their corporate website, online store or perhaps an internal CMS for documents and other (often sensitive) files shared by employees, partners and suppliers. Whether your business is using a CMS for external or internal use, securing it is essential. The UK Government’s Cyber Security Breaches Survey 2022 revealed that 39% of UK businesses identified a cyber-attack in the last twelve months, while our own survey has revealed that 32% of some of the world’s largest businesses specifically encounter a CMS security breach every single week. Our findings have also revealed that 46% had a CMS security issue affect their content. Yet, many b...
Researchers Uncover ‘Hermit’ Android Spyware Used in Kazakhstan, Syria, and Italy
Security

An enterprise-grade surveillanceware dubbed Hermit Spyware has been put to use by entities operating from within Kazakhstan, Syria, and Italy over the years since 2019, new research has revealed. Lookout attributed the spy software, which is equipped to target both Android and iOS, to an Italian company named RCS Lab S.p.A and Tykelab Srl, a telecom services provider which it suspects to be a front company. The San Francisco-based cybersecurity firm said it detected the campaign aimed at Kazakhstan in April 2022. Hermit is modular and comes with myriad capabilities that allow it to "exploit a rooted device, record audio and make and redirect phone calls, as well as collect data such as call logs, contacts, photos, device location and SMS messages," Lookout researchers Justin Alb...
Microsoft Addresses Wi-Fi Hotspot Issues in Latest Update
Security

Microsoft added a new known issue affecting its operating systems’ Wi-Fi hotspot feature to its official Health Dashboard page. Affecting Windows 10 and 11 machines, the bug would have been introduced with a Windows update the company released earlier this month. “After installing KB5014697, Windows devices might be unable [to] use the Wi-Fi hotspot feature.” For context, the update, released on June 14, addresses various security issues.  “This update contains miscellaneous security improvements to internal OS functionality. No additional issues were documented for this release,” wrote Windows in a blog post. The new patch also improves the servicing stack on Windows 11 machines (the component that installs Windows updates). “Servicing stack updates (SSU) ...
Reimagine Hybrid Work: Same CyberSec in Office and at Home
Security

It was first the pandemic that changed the usual state of work - before, it was commuting, working in the office & coming home for most corporate employees. Then, when we had to adapt to the self-isolation rules, the work moved to home offices, which completely changed the workflow for many businesses. As the pandemic went down, we realized success never relied on where the work was done. Whether your office is your kitchen, your bedroom, a nearby cafe, or your actual workplace in an office building, it all comes down to the fact that job success has nothing to do with your location. The role of the office in the hybrid era is also changing - according to the research conducted by PwC, it now serves the purpose of collaborating with team members and building relationshi...
Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity
Security

A sophisticated Chinese advanced persistent threat (APT) actor exploited a critical security vulnerability in the Sophos Firewall product that came to light earlier this year to infiltrate an unnamed South Asian target as part of a highly-targeted attack. "The attacker implement[ed] an interesting web shell backdoor, create[d] a secondary form of persistence, and ultimately launch[ed] attacks against the customer's staff," Volexity said in a report. "These attacks aimed to further breach cloud-hosted web servers hosting the organization's public-facing websites." The zero-day flaw in question is tracked as CVE-2022-1040 (CVSS score: 9.8), and concerns an authentication bypass vulnerability that can be weaponized to execute arbitrary code remotely. It affects Sophos Firewal...
Over a Million WordPress Sites Forcibly Updated to Patch a Critical Plugin Vulnerability
Security

WordPress websites using a widely used plugin named Ninja Forms have been updated automatically to remediate a critical security vulnerability that's suspected of having been actively exploited in the wild. The issue, which relates to a case of code injection, is rated 9.8 out of 10 for severity and affects multiple versions starting from 3.0. It has been fixed in 3.0.34.2, 3.1.10, 3.2.28, 3.3.21.4, 3.4.34.2, 3.5.8.4, and 3.6.11. Ninja Forms is a customizable contact form builder that has over 1 million installations. According to Wordfence, the bug "made it possible for unauthenticated attackers to call a limited number of methods in various Ninja Forms classes, including a method that unserialized user-supplied content, resulting in Object Injection." "This cou...
A Smarter Cyber-Risk Management Strategy
Risk

Cybersecurity is now listed as one of the top priorities globally, according to the latest Annual Global CEO Survey by PwC, sitting only behind the pandemic in terms of extreme concerns. So cybersecurity risk management strategy should no longer be seen as a concern solely for the CTO and IT Director; it needs to be on the agenda with every supply chain and technical director. Data has the potential to transform risk management and resilience. The right data, analysis and reporting tools can help establish where future risk is more likely to occur and where it isn’t, enabling resources to focus on areas where the greatest value is at stake. Using these metrics can also help to avoid emotional bias in decision-making: the risks that we assume are greater are not always tho...
NakedPages Phishing Toolkit is Now Available on Cybercrime Forums said CloudSEK
Security

Cybersecurity researchers at CloudSEK have spotted a new and sophisticated phishing toolkit for sale across several cybercrime forums and Telegram channels. Dubbed “NakedPages,” the toolkit, which was developed using NodeJS Framework and runs JavaScript code, is fully automated and comes preloaded with more than 50 phishing templates and site projects. “Naked Pages is the phishing tool any serious developer//spammer needs with more features than any other reverse proxy combined or PHP phishing framework combined,” reads a post on a cybercrime forum, which was viewed by CloudSEK. The post also mentions that there is a possibility of providing software licenses upon payment of $1000 and contributing to the development of the open-source project on GitHub, w...
Global Police Arrest Thousands in Fraud Crackdown
Security

Interpol has hailed a two-month anti-fraud operation that saw thousands of suspects arrested and tens of millions of dollars intercepted. Operation First Light 2022 took place from March-May this year, with 76 countries taking part in the crackdown on email and phone-based fraud. As part of the operation, police raided 1770 locations including call centers used in phone scams, and arrested at least 2000 “operators,” as well as suspected fraudsters and money launderers. They identified a further 3000 suspects, froze 4000 bank accounts and intercepted $50m in illicit funds, according to Interpol. Romance scams and email-based fraud were among the key cybercrime types police focused on. Romance fraud led to $956m in losses last year, according to the FBI. Among t...
Cyber-Criminals Smuggle Ukrainian Men Across Border
Security

The war in Ukraine continues to offer cyber-criminals new opportunities to monetize conflict, with threat researchers observing ads offering to smuggle men out of the war-torn country. Intel 471 said cyber-criminals are using insiders, including border service staff, to offer people smuggling services on the dark web. Since the start of the war, the Ukrainian government has forbidden any males of fighting age from leaving the country. “Shortly after the start of the war, the actor claimed the insider could facilitate illegal border crossings for Ukrainian males aged 18 to 60,” the report noted. “Accomplices used to facilitate the activity allegedly would transfer a person seeking to cross the Moldova-Ukraine border and bypass official checkpoints. The border crossing rec...