Blacksite's Intelligence Report - Week of June 23rd, 2022
The Blacksite Weekly Intelligence Report
NSO Confirms Spyware Pegasus Being Used by European Countries
Israeli spyware vendor NSO Group admitted to EU lawmakers that its Pegasus tool was used by at least five countries in the region. The company stressed the need for an international standard to regulate the government use of spyware. The disclosure comes as a special inquiry committee was launched in April 2022 to investigate alleged breaches of E.U. law following revelations that the company's spyware is being used to snoop on politicians, diplomats, and civil society members. The European Data Protection Supervisor (EDPS) called for a ban on the development and the use of commercial spyware in region.
More information: https://www.politico.eu/article/pegasus-use-5-eu-countries-nso-group-admit/
NSA Recommends Securing Devices with Powershell
The National Security Agency and cybersecurity partner agencies issued an advisory today recommending system administrators to use PowerShell to prevent and detect malicious activity on Windows machines. The NSA and cyber security centers in the U.S. (CISA), New Zealand (NZ NCSC), and the UK (NCSC-UK) have created a set of recommendations for using PowerShell to mitigate cyber threats instead of removing or disabling it. The agencies propose turning on features like Deep Script Block Logging (DSBL), Module Logging, and Over-the-Shoulder transcription (OTS).
More information: https://media.defense.gov/2022/Jun/22/2003021689/-1/-1/1/CSI_KEEPING_POWERSHELL_SECURITY_MEASURES_TO_USE_AND_EMBRACE_20220622.PDF
Mark of Web Feature Now Supported in 7-Zip
7-zip has finally added support for the long-requested 'Mark-of-the-Web' Windows security feature, providing better protection from malicious downloaded files. Windows adds a special 'Zone.Id' alternate data stream to the file called the Mark-of the-Web (MoTW) This identifier tells Windows and supported applications that the file was downloaded from another computer or the Internet and, therefore, could be a risk to open. Microsoft Office will also check for the MoTW, and if found, it will open documents in Protected View, with the file in read-only mode.
More information: https://textslashplain.com/2016/04/04/downloads-and-the-mark-of-the-web/
Google Chrome Browser Extensions Can Be Fingerprinted
A researcher has created a website that uses your installed Google Chrome extensions to generate a fingerprint of your device that can be used to track you online. The fingerprinting site is called 'Extension Fingerprints' that can generate a tracking hash based on a browser's installed Chrome extensions. Some of the extensions that the website will identify are uBlock, LastPass, Adobe Acrobat, Honey, Grammarly, Rakuten, and ColorZilla. The site only works with Chromium browsers installing extensions from the Chrome Web Store.
More information: https://www.infosecurity-magazine.com/news/chrome-extensions-track-users/
How Blacksite ZTNA Can Help Protect Your Business Against Cyber Threats
The first step in protecting your company against cyber threats is to make sure you have a solid cybersecurity plan. A cybersecurity plan helps you make sure that your company has the proper safeguards in place to protect your business. Expert security company Blacksite can help you with all your cybersecurity needs. At Blacksite we can help your company develop a cybersecurity plan that is tailored to your business needs. Blacksite implements the latest ZTNA technology to keep your business apps, data, and services safe from prying eyes and potential cybersecurity threats that you might experience in the future. Blacksite specializes in providing cybersecurity solutions in data protection, risk management, encryption, cyber security strategy, and cyber security education at an affordable price to accommodate your business whether it’s a small family owned to that of the size of a fortune 500.
More information: https://blacksite.solutions/products
Please contact us and we’ll be glad to assist you.
Become invisible, become secure.