September 30, 2023

    Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings . This review is for the week ending Saturday, March 04th, 2023.

    1. CISA Debuts Decider Tool to Help with MITRE ATT&CK Mapping

    The US CISA has released a tool designed to help researchers, analysts and network defenders map threat actors’ tactics, techniques, and procedures to the MITRE ATT&CK framework. The Homeland Security Systems Engineering and Development Institute (HSSEDI) developed the Decider tool with MITRE’s ATT&CK team.

    2. Cisco Acquiring Valtix

    Cisco has a plan to acquire cloud-native network security startup Valtix as part of a push to enhance its Security Cloud portfolio.Valtix, established in 2018, offers a multicloud network security platform designed to enable cloud teams to meet the most stringent security requirements in a cloud-first and straightforward way. Valtix claims the platform discovery feature achieves 100% security coverage through continuous discovery and takes 30 seconds to adapt to new apps and changes to existing apps dynamically.


    3. NIST CSF Getting a Major Revamp Soon

    The US NIST is about to bring significant changes to its Cybersecurity Framework (CSF) – seen as the biggest review in the last five years. The initial version is published in 2014 and later in the year 2018, updated to version 1.1. The CSF’s major role is to provide guidelines and best practices for managing cybersecurity risks. The CSF is designed to be flexible and adaptable rather than prescriptive and is widely used by organizations and government agencies across the globe to create cybersecurity programs and measure their maturity

    4. Anonymous Sudan takes down Swedish Hospital Websites

    Anonymous Sudan, a newly risen threat actor group has taken credit for DDoS attacks on sweden hospitals, that are carried out in retaliation for activists who had burned the Quran in Denmark over the last month


    We understand the importance of staying on top of the latest threats and vulnerabilities that can harm your digital life. You’ll receive the latest cybersecurity news, insights, resources, offers and analysis straight to your inbox every day.

    5. Russia Banned Foreign Messenger Apps from Government Orgs

    The Russian Federal Service for Supervision of Communications, Information Technology, and Mass Media (Roskomnadzor) has banned apps like WhatsApp, Skype for Business, Teams, etc. for state employees` communication. From March 1st, 2023, as a consequence of a law signed by Russian president Vladimir Putin in December 2022. The law prevents the use of foreign messenger platforms for people who work for state services or fulfill government orders.

    6. LastPass Breach – Post Mortem Report

    LastPass suffered a series of attacks where the threat actor used data and combined the information available from a third-party data breach. Then the attackers exploited a flaw in a third-party media software package to target the firm.

    As per the report “the investigation has revealed that the threat actor pivoted from the first incident, which ended on August 12, 2022, but was actively engaged in a new series of reconnaissance, enumeration, and exfiltration activities aligned to the cloud storage environment spanning from August 12, 2022, to October 26, 2022.


    7. ChromeLoader disguises Cracked Game VHD

    Researchers have uncovered a malware campaign distributing the ChromeLoader using VHD files as a source. ChromeLoader is a malicious Chrome browser extension, it is classified as a pervasive browser hijacker that modifies browser settings to redirect user traffic.

    These VHD files are disguised as applications and hacks or cracks for popular Nintendo and Steam games,

    • Dark Souls 3
    • Red Dead Redemption 2
    • Call of Duty Deluxe Edition
    • Minecraft
    • The Legend of Zelda
    • Pokemon Ultra Moon
    • Animal Crossing New Horizons
    • Mario Kart 8 Deluxe

    8. US Marshals Services Suffers a CyberAttack

    The U.S. Marshals Service was hacked in a ransomware attack late last month, resulting in the theft of sensitive data. As per the Marshals Service spokesperson saying that the ransomware attack affected system containing law enforcement sensitive information, including returns from legal process, administrative information and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees.

    This brings end of this week in review security coverage. Thanks for visiting TheCyberThrone. If you like us please follow us on FacebookTwitterInstagram


    Leave a Reply

    %d bloggers like this: