CISA and the FBI issue an advisory with technical details, and urge organizations to increase their monitoring of Microsoft Exchange Online environments.
The CyberWire
Microsoft fixes Windows zero-day exploited in QakBot malware attacks
Microsoft has fixed a zero-day vulnerability exploited in attacks to deliver QakBot and other malware payloads on vulnerable Windows systems. […]
Wireshark 4.2.3 Released: What’s New!
Wireshark, the most popular network protocol analyzer worldwide, has released version 4.2.3, which includes new features and upgrades.
Wireshark, a well-known open-source network protocol analyzer, enables users to view and record network data in real time. Important features include its rich protocol support, user-friendly design, active community and updates, customizable output, powerful filtering tools, and search capabilities.
It permits in-depth analysis of network traffic for the following uses:
Troubleshooting
Analysis
Security purposes
Development
Education
Wireshark 4.2.3 offers bug fixes, enhanced protocol support, and additional improvements.
#Wireshark 4.2.3 has been released. Enjoy. https://t.co/ki99oJzoD1
You can keep these releases coming by donating at https://t.co/qieuMbDyZ4
— Wireshark Foundation (@WiresharkNews) February 14, 2024
Bugs fixed in this release:
Capture start fails when the file set is enabled and file extension is not supplied if the directory contains a period. Issue 14614.
Cannot drag and move custom filter buttons in toolbar. Issue 19447.
Not equal won’t work when used with wlan.addr. Issue 19449.
sshdump fails to connect with private key (ssh-rsa). Issue 19510.
ChmodBPF installation fails on macOS Sonoma 14.1.2. Issue 19527.
Windows installers should check for Windows 8.1. Issue 19569.
Fuzz job crash output: fuzz-2024-01-05-7725.pcap. Issue 19570.
Fuzz job crash output: fuzz-2024-01-06-7734.pcap. Issue 19578.
Incorrect recursion depth asserts failure when dissecting a legitimate GOOSE message. Issue 19580.
OPC UA – large read request is reported as malformed in 4.2.1 but not in 4.0.12. Issue 19581.
TFTP dissector bug type listed as netscii instead of netascii doesn’t show all TFTP packets including TFTP blocks. Issue 19589.
SMB1 replies from LAN Drive app only show up as NBSS Continuation Message. Issue 19593.
ciscodump – older SSH key exchange algorithms not supported. Issue 19594.
Problem decoding LAPB/X.25/FTAM after adding X.75 decoding. Issue 19595.
Wireshark Filter not working. Issue 19604.
CFLOW: failure to decode 0 length data fields of IPFIX variable length data types. Issue 19605.
Copy …as Printable Text Feature Missing in 4.1/4.2. Issue 19607.
Export Objects – HTTP is missing some HTTP/2 files in a two-pass analysis. Issue 19609.
ASAM-CMP Plugin: Malformed message, length mismatch if vendor-defined data of status messages has odd length. Issue 19626.
OSS-Fuzz 66561: wireshark:fuzzshark_ip_proto-udp: Null-dereference READ in wmem_map_lookup. Issue 19642.
Updated protocol support: ASAM CMP, CAN, CFLOW, CMIP, CMP, DAP, DICOM, DISP, E2AP, GLOW, GOOSE, GTP, GTPv2, H.225, H.245, H.248, HTTP2, IEEE 1609.2, IEEE 1722, IPv4, IPv6, ISO 15765, ISUP, ITS, Kerberos, LDAP, MMS, NBT, NRUP, openSAFETY, P22, P7, PARLAY, RTMPT, RTP, SCSI, SOME/IP, T.38, TCP, TECMP, TFTP, WOW, X.509if, X.509sat, X.75, X11, Z39.50, and ZigBee Green Power.
Updated capture file support: pcap and pcapng.
“If you are upgrading Wireshark 4.2.0 or 4.2.1 on Windows you will need to download and install Wireshark 4.2.3 or later by hand”, reads the Wireshark release notes.
The majority of UNIX and Linux vendors provide their own Wireshark packages. Typically, the package management system specific to that platform can be used to install or update Wireshark. The download page of the Wireshark website has a list of third-party packages.
To get the most recent version of Wireshark (Wireshark 4.2.3) from the Wireshark Foundation, visit the official download page.
The post Wireshark 4.2.3 Released: What’s New! appeared first on Cyber Security News.
Cyber Security News
60% of small businesses are concerned about cybersecurity threats
According to a recent poll by the US Chamber of Commerce, 60% of small businesses are concerned about cybersecurity threats, and 58% are concerned about a supply chain breakdown.
Not surprisingly, small businesses in the professional services sector feel significantly more concerned about cybersecurity threats than those in manufacturing or services, but the poll explains that they also feel more prepared to handle them.
“The small businesses most concerned about cybersecurity threats include businesses with 20-500 employees (74%) and businesses in the professional services industry (71%). On the other hand, small businesses that are least likely to say they are prepared for cyber threats include businesses in the manufacturing sector (61%), female-owned businesses (68%), and businesses in average health (64%).”
Services businesses are right to be concerned. The most serious cyberthreat faced by organizations is ransomware, and on any given month, in almost any country, the services sector is the one hardest hit by ransomware.
However, while the services sector suffers more attacks than manufacturing, the difference has been steadily narrowing, so that it is almost insignificant.
Known ransomware attacks by industry sector, February 2024
Small businesses are not sitting on their hands though. 49% say they have trained staff on cybersecurity measures in the past year, 23% think they are “very prepared” to handle cyberthreats, and 50% feel “somewhat prepared.”
It’s no surprise that small businesses are concerned—they have limited resources, and yet they need to be ready to fight off the same sophisticated criminal gangs as the biggest enterprises.
And, as you can read in our 2024 State of Malware report, cybercriminals continue to evolve their tactics. They like to use social engineering, and vulnerabilities in internet-connected devices and services, rather than old-fashioned malware to infiltrate systems and networks. And once they’ve broken into a company network, they are increasingly turning to legitimate tools instead of malware to carry out their attacks, a tactic known as living-off-the-land (LOTL).
This requires a different approach and security solutions capable of dealing with these threats.
Malwarebytes