Bing Chat Responses Infiltrated by Ads Pushing Malware
Article Link: https://www.bleepingcomputer.com/news/security/bing-chat-responses-infiltrated-by-ads-pushing-malware/
- Malicious advertisements are now being injected into Microsoft’s AI-powered Bing Chat responses, promoting fake download sites that distribute malware.
- Malicious ads spotted by Malwarebytes are pretending to be download sites for the popular ‘Advanced IP Scanner’ utility, which has been previously used by RomCom RAT and Somnia ransomware operators.
- The display of malvertising within Bing Chat conversations highlights the expanding frontier of cyber threats and makes it crucial for users to be wary of chatbot results and always double-check URLs before downloading anything.
CISA Kicks Off Cybersecurity Awareness Month With New Program
Article Link: https://www.securityweek.com/cisa-kicks-off-cybersecurity-awareness-month-with-new-program/
- To celebrate the 20th Cybersecurity Awareness Month, CISA has launched a new program, meant to promote four critical actions that businesses and individuals can take to improve cybersecurity.
- As part of this awareness-raising initiative, CISA is encouraging small to medium-sized businesses (SMBs), individuals, and families to use strong passwords, to turn on multi-factor authentication, to be wary of unsolicited messages and report them, and to always keep their software updated.
- Link to CISA’s Awareness Campaign Video: https://youtu.be/4E6a-8HuccA?si=hfrjN0MDr-TxGFFT
Johnson Controls Ransomware Attack Could Impact DHS
Article Link: https://www.securityweek.com/johnson-controls-ransomware-attack-could-impact-dhs/
- Sensitive Department of Homeland Security (DHS) information might have been compromised in a recent ransomware attack aimed at the government contractor Johnson Controls International.
- While the company did not share information on the type of cyberattack it had suffered, the disruptions are indicative of file-encrypting ransomware being deployed on the company’s internal systems.
- An internal DHS memo reportedly states that Johnson Controls holds documents depicting “the physical security of many DHS facilities”, such as floor plans and security information, and that these documents might have been stored on the compromised servers.
Cisco Catalyst SD-WAN Manager Flaw Allows Remote Server Access
Article Link: https://www.bleepingcomputer.com/news/security/cisco-catalyst-sd-wan-manager-flaw-allows-remote-server-access/
- Cisco is warning of five new Catalyst SD-WAN Manager product vulnerabilities with the most critical allowing unauthenticated remote access to the server.
- The most severe of the disclosed flaws impacting the product is CVE-2023-20252 (CVSS v3.1: 9.8), which allows unauthorized access due to issues with the Security Assertion Markup Language (SAML) APIs.
- None of the flaws are reported as actively exploited, yet upgrading to the recommended versions should be treated with urgency.
Cybersecurity Gaps Plague US State Department, GAO Report Warns
Article Link: https://www.darkreading.com/cloud/cybersecurity-gaps-plague-state-department-gao-report
- The federal department that oversees the US diplomatic corps abroad suffers a serious lack of visibility into the cyber threats it faces and the security vulnerabilities it’s harboring.
- The report noted the department also faces challenges in implementing its incident response program, updating and testing information system contingency plans, and configuring its inventory database properly.
- The State Department’s CIO also faces limitations in securing IT systems due to shared management responsibilities and poor communication, the report added.
Great Security Training is a Real Challenge
Article Link: https://www.helpnetsecurity.com/2023/09/14/security-training-challenge/
- All employees need security training, yet it’s generally a resented afterthought. A variety of studies over the last few years show that human error is generally felt to be the largest vulnerability in organizations.
- Everyone claims to take security seriously, but if CISOs and department leads are not regularly and frequently (this is the key part) refreshing, testing, or even deploying red team tactics against all employees, then they are not being totally honest with themselves.
- Technical and line-of-business people alike must understand what the major areas of risk are for the business and their own roles. Make it safe for people to check in or admit fault when they take their training back to the real world.
