Cyber Threats
APT33 Botnets Used for Extreme Narrow Targeting
Learn about the APT33 threat group that is using live C&C servers for extremely narrow targeting. Also, read about Trend Micro’s complete smart factory solutions and November Patch Tuesday updates.
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the APT33 threat group that is using live C&C servers for extremely narrow targeting. Also, read about Trend Micro’s complete smart factory solutions and November Patch Tuesday updates.
Trend Micro Enhances Protection for Industrial Orgs
This week, Trend Micro announced its complete smart factory solutions, designed to provide enhanced visibility and protection for embattled industrial control system (ICS) environments. The solutions will secure across all layers of Industry 4.0, mitigating this growing area of cyber risk to keep operations running.
Faster and More Accurate Malware Detection Through Predictive Machine Learning
Machine learning gives traditional cybersecurity solutions the edge it needs to catch destructive threats such as ransomware before it gets deployed in a system, which saves organizations’ time, money, and reputations.
Microsoft's November 2019 Patch Tuesday Arrives with a Patch for an IE Zero-Day
Microsoft has released the November 2019 Patch Tuesday security updates. This month's updates include a patch for a vulnerability in the Internet Explorer scripting engine that hackers have been seen exploiting in the wild.
Amazon Patches Ring Video Doorbell Pro Vulnerability that Threatens Network Security
Researchers at Bitdefender discovered a vulnerability in Amazon’s Ring Video Doorbell Pro that, if exploited, could allow a threat actor to get network or Wi-Fi credentials. Amazon fixed the issue back in September, but the vulnerability was only recently disclosed.
ASP.NET Service Provider SmartASP.net Targeted by Ransomware Attack
Less than a week after ransomware attacks disrupted operations of various Spanish companies and government services in the Canadian territory of Nunavut, another company has disclosed that that they were hit by an attack, this time involving the encryption of the customer data of SmarterASP.net, a popular hosting service provider for the web application framework ASP.NET.
BlueKeep Exploit Will Get an Update Following Recent Attacks
Reports from security researchers have shed light on the recent BlueKeep attacks that installed cryptocurrency miners on compromised devices. In November, Kevin Beaumont noticed that his honeypots kept crashing and later determined that the cause was the BlueKeep exploit module. These blue screen of death (BSOD) crashes in the honeypots were the issues that helped Beaumont discover the real-world attacks.
YouTube Videos Promise Private Key Generator for Bitcoin Addresses, Lead Users to Info-Stealing Trojan Instead
YouTube videos were being used in a scam to deliver an information-stealing Trojan called Predator the Thief (detected by Trend Micro as TrojanSpy.MSIL.PREDATOR.AA). Discovered by security researcher Frost, the threat actors use the videos to promote a tool that can generate a bitcoin address’ private key.
New 5G Flaws Can Track Phone Locations and Spoof Emergency Alerts
Security researchers at Purdue University and the University of Iowa have found nearly a dozen 5G vulnerabilities, which they say can be used to track a victim’s real-time location, spoof emergency alerts that can trigger panic or silently disconnect a 5G-connected phone from the network altogether.
DDoS Attacks That Employ TCP Amplification Cause Network Congestion, Secondary Outages
Over the past month, threat actors have been using a relatively non-conventional approach to mount a flurry of distributed denial-of-service (DDoS) attacks through Transmission Control Protocol (TCP) amplification.
APT33 Mounts Focused, Highly Targeted Botnet Attacks Against U.S. Victims
The Iran-linked, espionage-focused advanced threat group known as APT33 has been spotted using more than a dozen obfuscated botnets to carry out narrowly targeted attacks against government and academic targets. As of last month, researchers counted 10 live bot C2s in active operation.
There Is a Skills Shortage, but It Isn’t Your Real Problem
Without automated event correlation and analysis, the skills problem ceases to be a crisis. Bill Malik, vice president of infrastructure strategies at Trend Micro, discusses how organizations can use automation, a managed detection and response tool (like MRDR) and a cross-platform discovery and response tool (like XDR) to help alleviate the information security skills gap.
Is your company taking steps and using solutions to alleviate the information security skills shortage? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.