Tag Archive for: urgent

CISA Systems Hacked: Ivanti Vulnerabilities Exploited, Urgent Security Measures Advised


Officials from the Cybersecurity and Infrastructure Security Agency (CISA) recently disclosed a successful hack of the agency’s systems in February that involved hackers taking advantage of flaws in Ivanti products.

The CISA spokesperson confirmed this security incident, revealing that the agency detected suspicious activities pointing to exploiting Ivanti product vulnerabilities approximately a month ago, as reported by Recorded Future News.

The impact of the CISA breach was contained in two specific systems and swiftly taken offline as part of immediate response measures. Emphasizing the ongoing efforts to modernize and upgrade systems, the spokesperson assured that there is currently no operational impact.

The Impact of the CISA Cyber Breach

According to a person with knowledge, the hacked systems were the Infrastructure Protection (IP) Gateway and the Chemical Security Assessment Tool (CSAT). These two systems held important data about how U.S. infrastructure is interdependent and private sector chemical security plans. CISA has neither confirmed nor denied this information.

CSAT, recognized for storing susceptible industrial data, including tools for high-risk chemical facilities, site security plans, and security vulnerability assessments, was a focal point of the breach.

CISA Confirms Cyber Breach: Ivanti Product Flaws Exploited by Unknown Hackers

In this photo illustration a young man types on an illuminated computer keyboard typically favored by computer coders on January 25, 2021 in Berlin, Germany. 2020 saw a sharp rise in global cybercrime that was in part driven by the jump in online retailing that ensued during national lockdowns as governments sought to rein in the coronavirus pandemic. (Photo : Sean Gallup/Getty Images)

In response to the incident, CISA advised enterprises to study a Feb.29 alert warning of actively exploiting Ivanti Connect Secure and Ivanti Policy Secure gateway vulnerabilities. The vulnerabilities are CVE-2023-46805, 2024-21887, and 2024-21893.

“This is a reminder that any organization can be affected by a cyber vulnerability, and having an incident response plan in place is a necessary component of resilience,” the CISA spokesperson noted.

The CISA is a…

Source…

Urgent warning to Facebook users over ‘I can’t believe he’s gone’ scam that tricks you into downloading malware


  • Scammers use fake news articles to trick Facebook users into following links
  • Experts say pay close attention to the link URL to avoid downloading malware  



Cybersecurity experts have issued an urgent warning to Facebook users over a new scam that they’ve coined the ‘I can’t believe his gone scam’. 

This emotionally manipulative scam tricks users into downloading malware, with posts featuring fake BBC branding, and implying that a loved one has died. 

Clicking on the linked post will bring users to a compromised site designed to harvest their personal information.

Marijus Briedis, cybersecurity expert at NordVPN, said: ‘When you come across unexpected or alarming posts, especially those about personal emergencies, take a moment to verify their legitimacy before clicking any links.’ 

Here are the key signs to look out for to make sure you don’t fall victim to the scam. 

Cybersecurity experts have issued an urgent warning to Facebook users over a new scam that they’ve coined the ‘I can’t believe his gone scam’
This emotionally manipulative scam tricks users into downloading malware, with posts featuring fake BBC branding, and implying that a loved one has died (stock image)

READ MORE: Fresh warnings over latest ‘hi mum’ text scams where fraudsters ‘prey on our goodwill with emotive stories’ 

The ‘I can’t believe he’s gone scam’ was first highlighted by cybersecurity researcher Pieter Arntz from Malwarebytes.

As Mr Arntz explained in a blog post, the scam consists of a post containing some variation of ‘I can’t believe he’s gone. I’ll miss him so much’ and a link.

If you follow the link, you will be brought to another Facebook post showing what appears to be a BBC news article about a fatal road accident. 

This post will also contain slightly different text to the original, saying: ‘I can’t believe this, I’m going to miss him so much’.

But while this post might appear legitimate at first glance, this is actually a fake link to a malicious website.

Mr Arntz writes: ‘The BBC news logo in the picture and the BBCNEWS part of the URL are…

Source…

Urgent warning to smartphone users as cyber threats skyrocket


SMARTPHONE users are being urged to be app-rehensive amid a rise in dodgy apps.

According to cyber experts ESET, the number of Android threats soared by 57 per cent in the last few months of 2022.

Smartphone users are being urged to be apprehensive of dodgy apps on the riseCredit: Getty Images – Getty

This surge was driven by a 163 per cent increase in adware (the pop-up ads that are the bane of many user’s lives) and a growth of 83 per cent in “hidden app” detections.

Often bogus apps look just like the real thing.

Many people will only realise they’ve downloaded suspicious software when they’re hit with a charge they don’t recognise or see their battery drain for no reason.

However, experts from ESET, the internet security specialists, say that people can avoid downloading fake apps by doing some important checks before they hit download.

To keep your device safe, follow these seven tips for recognising a potential problem.

CHECK THE NUMBERS

Say you’re looking for what you would reasonably expect to be an app with hundreds of millions of users but only come across an app that, while sounding like the real thing, hasn’t racked up anywhere near as many downloads.

If that’s the case, the chances are high you’re dealing with an imposter app.

READ THE REVIEWS

If an app is rated poorly, you should probably give it a pass.

MOST READ IN THE IRISH SUN

On the other hand, tons of glowing reviews that all sound almost the same should also raise eyebrows.

This is especially the case with apps that have not been downloaded millions of times — many of those recommendations may be the work of fake reviewers or even bots.

CHECK THE VISUALS

Something about the app’s colour or the logo used doesn’t feel right . . .

If you’re in doubt, compare the visuals to those on the website of the service provider.

Malicious apps often mimic their legitimate counterparts and use similar, but not necessarily identical, logos.

Keep your eyes peeled for key details — a closer look, including at the URLs, often reveals some giveaways.

DOUBLE-CHECK ‘OFFICIAL APP’ CLAIMS

In one case documented by ESET research last year, cybercriminals distributed apps for online stores and…

Source…

Apple Ships Urgent iOS Patch for Newly Exploited Zero-Days


Apple on Friday pushed out a major iOS security update to fix a pair of zero-day vulnerabilities already being exploited in the wild.

The newest iOS 16.4.1 and iPadOS 16.4.1 updates cover code execution software flaws in IOSurfaceAccelerator and WebKit, suggesting a complex exploit chain was detected in the wild hitting the latest iPhone devices.

“Apple is aware of a report that this issue may have been actively exploited,” Cupertino says in a barebones advisory that credits Google and Amnesty International with reporting the issue.

The advisory documents two separate issues — CVE-2023-28205 and CVE-2023-28206 — that expose iPhones and iPads to arbitrary code execution attacks.

Apple described the IOSurfaceAccelerator flaw as an out-of-bounds write issue that was addressed with improved input validation.

The WebKit bug, which has already been exploited via web content to execute arbitrary code with kernel privileges, has been fixed with improved memory management.

The company did not say if the newly discovered exploits are capable of bypassing the Lockdown Mode feature that Apple shipped to deter these types of attacks.

The iOS patch comes alongside news from Google that commercial spyware vendors are burning through zero-days to infect mobile devices with surveillance malware.

In one of the two campaigns described by Google this week, an attack started with a link being sent to the targeted user via SMS. When clicked, the link took the victim to malicious websites delivering Android or iOS exploits — depending on the target’s device. Once the exploits were delivered, victims were redirected to legitimate websites, likely in an effort to avoid raising suspicion. 

The iOS exploit chain also hit a WebKit vulnerability (CVE-2022-42856) that Apple patched in iPhones in December 2022. Attacks also involved a Pointer Authentication (PAC) bypass technique, and an exploit for CVE-2021-30900, a sandbox escape and privilege escalation vulnerability that Apple patched in iOS in 2021. 

So far this year, there have been at least 24 documented zero-day vulnerabilities exploited in the wild prior to discovery.

Related: Apple Adds ‘Lockdown Mode’ to Thwart .Gov Mercenary…

Source…