#RSAC: How To Deal With a Panicked C-Suite During a Ransomware Event
Carol Barkes discussed the physiological considerations a CISO should consider when dealing with a panicked C-suiteRead More: https://www.infosecurity-magazine.com/news/rsac-csuite-ransomware-event/
FBI cybercrime seizure takes down one-time Ukraine IT Army collaborator
Written by AJ Vicens Jun 8, 2022 | CYBERSCOOP On May 31, the U.S. Department of Justice announced that it had seized a trio of domains as part of an
#RSAC: The Most Dangerous Attacks of 2022
A panel discussion at RSA gave organizations a chance to prioritize upcoming attack vectorsRead More: https://www.infosecurity-magazine.com/news/rsac-the-most-dangerous-attacks/
Implementing effective OT security posture
Written by CyberScoop Staff Jun 8, 2022 | CYBERSCOOP Operational technology (OT) has long been part of a technology environment that functions apart from most enterprise IT operations. That has
Experts say ransomware could be bigger threat for campaigns in 2022
Written by Tonya Riley Jun 8, 2022 | CYBERSCOOP With the 2022 election season around the corner, campaigns of all sizes need to be prepared for a widened set of
How one paper just blew up Bitcoin's claim to anonymity
By Jiap — Shutterstock It has been a totem of the cryptocurrency community that the numeric addresses of Bitcoin and other wallets will protect the identity of those using them
Vendor Security Network Boosted With Whistic Announcing $35m Funding Round
Vendor assessment process expert Whistic announced the closing of its Series B Funding on Tuesday.Read More: https://www.infosecurity-magazine.com/news/vendor-security-whistic-funding/
Cyberspace Solarium congressman, water officials decry EPA inaction on cybersecurity
Written by Suzanne Smalley Jun 8, 2022 | CYBERSCOOP Rep. Jim Langevin, D-R.I., is sounding the alarm over what he describes as continued inaction by the Environmental Protection Agency (EPA)
CISA Reveal Chinese Hackers Tactics Targeting US Telecoms and Network Service Providers
CISA published a new advisory warning organizations about China-based, state-sponsored cyber-attacksRead More: https://www.infosecurity-magazine.com/news/cisa-reveal-chinese-hackers/
Fed cyber officials detail Chinese state hackers using common exploits against telcos
Written by AJ Vicens Jun 8, 2022 | CYBERSCOOP Chinese hackers have targeted and compromised “major telecommunications companies and network service providers” by exploiting publicly known vulnerabilities in a range
Telegram Shared Personal User Data With German Authorities
The popular messenger app has transferred the data of its users to the German Federal Criminal Police Office. Telegram handed over users’ personal details to the German Federal Criminal Police
How XDR Solutions Can Help You Achieve Zero Trust
As cyber risk continues to increase, organizations need to resort to new frameworks, architectures, and technologies to stay safe and secure. Enterprises’ attack surfaces are getting wider and attackers are
Taming the Digital Asset Tsunami
Rob Gurzeev, CEO and Co-Founder of CyCognito, explores external attack surface soft spots tied to an ever-expanding number of digital assets companies too often struggle to keep track of and
#RSAC: How the US Government and Industry Work Together to Stop Cyber-Attacks
Government and law enforcement officials joined with Microsoft outlined how they took down the most impactful nation-state attackersRead More: https://www.infosecurity-magazine.com/news/rsac-how-government-and-industry/
Paying Ransomware Paints Bigger Bullseye on Target’s Back
Ransomware attackers often strike targets twice, regardless of whether the ransom was paid. Paying ransomware attackers doesn’t pay off and often paints a bigger target on a victim’s back. Eighty
Blackguard malware analysis
Blackguard malware is a popular stealer with recent tactics, techniques and procedures present and capable of stealing sensitive information from the victims’ machines. Blackguard is a kind of MaaS (malware-as-a-service)
World’s Largest Darknet Market Shut Down, $25 Million in Bitcoin Seized
Security Intelligence – World’s Largest Darknet Market Shut Down, $25 Million in Bitcoin Seized Home / Advanced Threats World’s Largest Darknet Market Shut Down, $25 Million in Bitcoin Seized Share On
OffSec Live
OffSec Live June 8th, 2022 Offensive Security .entry-content h3 { font-weight: bold; padding-bottom: 10px; } .entry-content h4 { padding-bottom: 10px; font-weight: 600 !important; } .article-header { display: none !important; }
Chinese State-backed Actors Hack Telecom Firms to Steal Data
An advisory recently published by multiple US federal agencies shows that Chinese state-backed cybercriminals have attacked and impacted important telecommunications organizations and network service providers in order to snatch credentials
How to Recover From a Ransomware Attack
The results of a ransomware attack are different for every organization. You might have paid the ransom and the hackers came through with their end of the deal, i.e. gave you
Black Basta Ransomware Teams Up with Malware Stalwart Qbot
The novel cybercriminal group tapped the ever-evolving info-stealing trojan to move laterally on a network in a recent attack, researchers have found. A newcomer on the ransomware scene has coopted
NSA, FBI warning: Hackers are using these flaws to target VPNs and network devices
Image: Dzelat/Shutterstock The US is warning that hackers working for China have been exploiting publicly known flaws in network devices as part of broader attacks to steal and manipulate network
Deadbolt Ransomware Uses Multi-Tiered Extortion
In January 2021, news surfaced of a ransomware strain known as Deadbolt that targets backups and is intended at serious home users, hobbyists, and small companies. Deadbolt is designed to
Ransomware Pressure Forces UK CISOs to Consider Quitting
Stress levels mount for security leaders and SecOpsRead More: https://www.infosecurity-magazine.com/news/ransomware-pressure-cisos-consider/
Android security: Google updates fix these five critical vulnerabilities
Google’s Android security updates for June 2022 fix 41 vulnerabilities, including five classed as critical. The updates, for the Android operating system versions 10, 11 and 12, have been detailed
US and Euro Police Smash Cybercrime Marketplace
SSNDOB domains seized in coordinated operationRead More: https://www.infosecurity-magazine.com/news/us-and-euro-police-smash/
Attacker Dwell Time Surges 36% in 2021
Sophos data spells bad news for victim organizationsRead More: https://www.infosecurity-magazine.com/news/attacker-dwell-time-surges-36-in/
Cyber Security Giant Mandiant Denies Hacking Claims By LockBit Ransomware
According to a Mandiant representative, the company was aware of LockBit 2.0 claims, but there was no evidence of a cyberattack as yet. The infamous ransomware-as-a-service group using a variant of
#RSAC: Collective Effort Required to Strengthen National Cybersecurity
The government and private sector must pool expertise to protect against cyber-threats, says panel at RSARead More: https://www.infosecurity-magazine.com/news/collective-strengthen-national/
Cuba Ransomware Group’s New Variant Found Using Optimized Infection Techniques
Trend Micro – Cuba Ransomware Group’s New Variant Found Using Optimized Infection Techniques Trend Micro Research observed the resurgence of the Cuba ransomware group that launched a new malware variant
#RSAC: Schneier Declares AI Hacking Will Favor Defense
Bruce Schneier imagines a future of AI hacks and concludes that AI will favor the defense Read More: https://www.infosecurity-magazine.com/news/rsac-schneier-ai-hacking/
FBI takes down dark web marketplace for U.S. citizen personal data
Written by Tonya Riley Jun 7, 2022 | CYBERSCOOP The FBI on Tuesday seized an illicit marketplace that has made millions selling the personal data of roughly 24 million U.S.
#RSAC: Cryptographers Panel Outlines Perils of Adversarial AI and Blockchain
Leaders of cryptography took to the RSA Conference keynote stage to debate AI and blockchainRead More: https://www.infosecurity-magazine.com/news/rsac-panel-perils-ai-blockchain/
#RSAC: Cybersecurity Industry Can Provide Soulful Jobs for Technologists Tired of Soulless Social Media Employers
The cybersecurity industry must capitalize, argued Bryan Palmer during his keynote talk at the RSA ConferenceRead More: https://www.infosecurity-magazine.com/news/rsac-cybersecurity-social-media/
How to use AI in cybersecurity?
Let’s talk about how AI in cybersecurity protects the corporate networks of companies. Technological progress has not only pleasing but also bad consequences. Together with the accelerated pace of corporate
SUSE doubles down on security in its latest SUSE Linux Enterprise 15 release
Security is a primary consideration of Linux and open-source software today. So when European Linux giant SUSE released the SUSE Linux Enterprise 15 Service Pack 4 (SLE 14 SP4) it came
#RSAC: The Growing Relevance and Challenges of Privacy
Privacy is becoming a business issue, according to a panel of chief privacy officers at the RSA Conference 2022Read More: https://www.infosecurity-magazine.com/news/relevance-challenges-privacy/
Russian Ministry Website Hacked to Display “Glory To Ukraine” Message
The targeted website which belongs to the Russian Ministry of Construction, Housing, and Utilities, was also asked to pay a 0.5 BTC ransom to avoid the leak of stolen user
Google Publishes Monthly Android Security Bulletin, Patches Critical Vulnerabilities
Google published its Android security bulletin for June on Monday, which includes details of over 40 vulnerabilitiesRead More: https://www.infosecurity-magazine.com/news/google-android-security-patches/
Apple's Safety Check combats domestic abuse but timing its use is critical
Apple has debuted a new mobile tool to wrestle away control in coercive, domestic violence situations — but timing is crucial if you have to use this feature. The feature,
DOJ changes to CFAA guidance are overhyped, lawyers say
Written by Suzanne Smalley Jun 7, 2022 | CYBERSCOOP There are not many things that Andrew Crocker, who has long fought against the Computer Fraud and Abuse Act (CFAA) as
Get Back in the Groove —10 Things You Don’t Want to Miss at ChannelCon 2022
From networking opportunities to interactive community meetings to insightful presentations and best practices discussions, there are plenty of reasons to attend ChannelCon 2022, Aug. 2-4, in Chicago. Learn how to
Evil Corp Hacker Group Changes Ransomware Tactics to Evade US Sanctions
The Russian hacker group has shifted tactics and tools with an aim to continue profiting from its nefarious activityRead More: https://www.infosecurity-magazine.com/news/evil-corp-changes-ransomware/
Cross-Site Scripting Vulnerability In Download Manager Plugin
WordFence – On May 30, 2022, Security Researcher Rafie Muhammad reported a reflected Cross-Site Scripting (XSS) vulnerability to us that they discovered in Download Manager, a WordPress plugin installed on
Hackers are now hiding inside networks for longer. That's not a good sign
The amount of time cyber criminals intruders are spending inside victims’ networks is increasing, providing them with the ability to carry out higher complexity campaigns and more damaging cyber attacks.
Ransomware Gangs Now Employ a New Technique
Threat analysts have recently noticed a surprising tendency in ransomware gang strategies. According to them, the initial stages of victim extortion are becoming less visible to the public, as cybercriminals
Cyber Risk Retainers: Not Another Insurance Policy
The costs associated with a cyberattack can be significant, especially if a company does not have an Incident Response plan that addresses risk. The one-two punch of a cyberattack can
Behind the stage: Conti Leaks before and after
The Ukraine conflict comes to significant attention from the cybersecurity community because of cyberattacks conducted against Ukraine’s infrastructure. One threat group that has increased its operations is Conti Ransomware Group.