List of IPs and Domains Targeting the Russian Infrastructure with DDoS Was Made Public by the Govt
As the conflict between Russia and Ukraine rages on, the Russian government published yesterday a massive list containing 17,576 IP addresses and 166 domains that seem to be behind a
Suricata: What is it and How Can We Use it
What is Suricata? Suricata is an open-source detection engine that can act as an intrusion detection system (IDS) and an intrusion prevention system (IPS). It was developed by the Open
Why You Should Start Using Two-Factor Authentication Now
Two-factor authentication, also called multiple-factor or multiple-step verification, is an authentication mechanism used to double-check that your identity is legitimate. How Does Two-Factor Authentication Work? When you want to sign
5 Key Benefits of Digitalizing Your Business’ Payments and Collections
As a business person, you become more empowered if you know more about your cash flow and how technology works. Nevertheless, one gets completely involved in other daily issues, which
Victims of the T-Mobile 2021 Data Leak Are in Danger of Identity Theft
On August 14, 2021, a database holding the data of 30 million consumers was put up for sale on a hacker site for six bitcoins ($280K). The threat actors had
NSA report: This is how you should be securing your network
The National Security Agency (NSA) has released a new report that gives all organizations the most current advice on how to protect their IT network infrastructures from cyberattacks. NSA’s report
Get patching now: CISA adds another 95 flaws to its known exploited vulnerabilities list
The US Cybersecurity and Infrastructure Security Agency (CISA) just added a whopping 95 new bugs to its catalogue of known exploited vulnerabilities, including multiple critical Cisco router flaws, Windows flaws
These are the problems that cause headaches for bug bounty hunters
Bug bounty programs have become an invaluable channel for the disclosure and remediation of vulnerabilities, but like any industry, they come with their own set of problems. Ukraine Crisis Bug
Nearly All Cybersecurity Companies Expose AWS Assets – Report
Study uncovers 200,000 such assets across 35 vendorsRead More: https://www.infosecurity-magazine.com/news/cybersecurity-companies-expose-aws/
Over 60% of SOC Analysts Are Planning to Quit Next Year
Report reveals SecOps teams are overworked and understaffedRead More: https://www.infosecurity-magazine.com/news/60-soc-analysts-planning-quit-next/
Zero Trust Explained: What It Is and How It Can Benefit Your Company
In the digital world, security is a top priority. The internet is riddled with hackers, phishers, and other cybercriminals who are always looking for ways to steal data and money
Russian Claims YouTube “Misinformation” to Blame for Protests
In the meantime, Ukrainian sites are being hacked to spread fake newRead More: https://www.infosecurity-magazine.com/news/russian-youtube-misinformation/
How to Report Email Fraud
Have you, a colleague or a friend ever received a suspicious email? It is of paramount importance to know how to report email fraud in order to avoid all the
Elon Musk warns to use Starlink 'with caution' in Ukraine
Days after sending SpaceX Starlink internet terminals to Ukraine, Elon Musk is warning people there to “please use with caution.” As a non-Russian communications system, the Starlink satellite internet service
Some 'Smol' NFTs returned after Treasure marketplace exploit leads to theft
Hackers who exploited a vulnerability in NFT marketplace Treasure began returning most of the “Smol Brain” and “Legion” NFTs they stole on Thursday. The people behind the attack were able
Twitch to ban users who persistently share 'harmful misinformation'
By Ink Drop — Shutterstock Under Twitch’s latest content policy update, the streaming platform said it will ban “harmful misinformation actors” from using its service. “We’re proud that Twitch can
Ukrainian cities hit with blackouts after attacks on energy infrastructure
Multiple cities in Ukraine are experience power outages due to the ongoing invasion by Russian forces that started last week. Global internet access tracker NetBlocks shared data showing widespread internet
Treasury Department sanctions alleged Russian cyber-espionage, disinformation sources
Written by Suzanne Smalley Mar 3, 2022 | CYBERSCOOP The Biden administration on Thursday sanctioned Russian oligarchs and organizations for their role in spreading disinformation and supporting Russian President Vladimir
Cisco stands on guard with our customers in Ukraine
As the Russia-led invasion intensifies, Ukraine is being attacked by bombs and bytes. Cisco is working around the clock on a global, company-wide effort to protect our customers there and
75% of Tested Smart Infusion Pumps Vulnerable to Hacking
As of 2020, about 80% of hospitals in the United States were using smart infusion pumps. Palo Alto Networks Unit 42 researchers analyzed data crowdsourced from over 200,000 network-linked infusion
ICANN rejects Ukraine's request to block Russia from the internet
Following Russia’s invasion, Ukraine had asked the Internet Corporation for Assigned Names and Numbers (ICANN) to revoke Russia’s top-level domains (TLD), such as .ru, .рф, and .su be revoked along with the
We’re Now Blocking 10,000 Requests Per Hour in Ukraine From Known Malicious IPs
WordFence – 48 hours ago we deployed our commercial real-time threat intelligence automatically, and for free, to all Ukrainian websites with the .UA top-level domain. That has made over 8,000
Cyber-Attack on New York Ethics Watchdog
Servers of Joint Commission on Public Ethics targeted by cyber-criminals Read More: https://www.infosecurity-magazine.com/news/cyber-attack-on-new-york-ethics/
HHS Issues Threat Warning to US Healthcare Sector
Healthcare organizations told they could be targeted by cyber-attacks linked to Russian invasion of Ukraine Read More: https://www.infosecurity-magazine.com/news/hhs-issues-warning-us-healthcare/
Phishing Campaign Targeted Those Aiding Ukraine Refugees
A military email address was used to distribute malicious email macros among EU personnel helping Ukrainians. Cyberattackers used a compromised Ukrainian military email address to phish EU government employees who’ve
Most Disclosed ICS Vulnerabilities are Low Complexity
Past four years sees surge in ICS vulnerability disclosures with most vulnerabilities of low complexity Read More: https://www.infosecurity-magazine.com/news/ics-vulnerabilities-low-complexity/
Russia Leaks Data From a Thousand Cuts–Podcast
It’s not just Ukraine: There’s a flood of intel on Russian military, nukes and crooks, says dark-web intel expert Vinny Troia, even with the Conti ransomware gang shuttering its leaking
Emerging nations more open to cryptocurrency, see long-term potential
Emerging markets are more open towards cryptocurrency than developed nations, with residents in the former more likely to have invested in it. Those in developing Asia-Pacific nations are most familiar
Intel debuts vPro enterprise platform supported by 12th-gen processor range
Intel has debuted the vPro computing platform, supported by 12th-gen processors, with hybrid work and enhanced security in mind for today’s businesses. Hybrid and remote working arrangements are now a
From Promise to Profit: How MSPs Can Make Money in AI and IoT
Artificial intelligence and internet of things are among the biggest opportunities in IT today. As demand—and customer inquiries—ramp up, managed service providers should start to know how to answer questions
Ukrainian military emails hacked to phish and steal refugee data
Threat actors are using the hacked accounts for phishing scams targeting European government officials to steal Ukrainian refugees and supply data. A newly discovered phishing campaign uses compromised email accounts
SMBs Need to Go on the Offensive with Cyber Security
Recently there has been a push for more proactive cyber security strategies, even to the point of organizations going on the offensive to find and stop bad actors before they
#CCSE22: Why Are Organizations Getting Zero Trust “Wrong”?
A star-studded panel discussion explored implementing zero trust and reducing overall riskRead More: https://www.infosecurity-magazine.com/news/ccse22-zero-trust-wrong/
Personal data from T-Mobile breach still spreading on dark web, state governments warn
Written by Joe Warminsky Mar 3, 2022 | CYBERSCOOP The top law enforcement officials from multiple states are alerting people affected by an August 2021 breach at T-Mobile that their
Securing Data With a Frenzied Remote Workforce–Podcast
Stock the liquor cabinet and take a shot whenever you hear GitLab Staff Security Researcher Mark Loveless say “Zero Trust.” The baby upchucks. The dog loudly informs you that she’s
#CCSE22: The Latest Cybersecurity Workforce Trends
ISC(2) provided a deepdive insight into the current state of the cybersecurity workforceRead More: https://www.infosecurity-magazine.com/news/latest-cybersecurity-workforce/
Security researchers warn of phishing attempts against officials helping refugees
Staff at organisations involved in the efforts to aid refugees from the conflict in Ukraine have been targeted by what security researchers describe as a likely state-sponsored phishing campaign that
US launches KleptoCapture force to tackle cryptocurrency use in Russian sanction avoidance
The US government has launched a new initiative to tackle the use of cryptocurrency and assets to circumvent new sanctions imposed on Russia. On Wednesday, Attorney General Merrick Garland, through
Old Critical Vulnerabilities Impact More Than 100,000 Medical Infusion Pumps
According to data gathered from over 200,000 network-connected medical infusion pumps used to deliver medication and fluids to patients, 75% of them have known security flaws that threat actors could
Countries Assisting Ukraine Refugees Targeted in Phishing Cyberattacks
European government personnel involved in helping Ukraine refugees with logistics support has been the target of a spear-phishing campaign, a new report underlines. Spear-Phishing Campaign Against Countries Helping Ukraine Refugees
Log4Shell flaw: Still being used for crypto mining, botnet building… and Rickrolls
Log4Shell, the critical bug in Apache’s widely used Log4j project, hasn’t triggered the disaster that was feared, but it’s still being exploited and predominantly from cloud computers in the US.
Vulnerability Exploit Attempts Surge Tenfold Against Ukrainian Websites
Thirty Ukrainian university sites compromised during first days of invasionRead More: https://www.infosecurity-magazine.com/news/vulnerability-exploit-attempts/
Russia Denies Satellite Hacking and Warns of Wider War
Roscosmos boss says such a provocation would be causus belliRead More: https://www.infosecurity-magazine.com/news/russia-denies-satellite-hacking/
NATO Completes Quantum-Safe Comms Test
UK company’s VPN could mitigate risk of quantum computer hackingRead More: https://www.infosecurity-magazine.com/news/nato-completes-quantumsafe-comms/
Help for Ukraine: Free decryptor for HermeticRansom ransomware
Avast – On February 24th, the Avast Threat Labs discovered a new ransomware strain accompanying the data wiper HermeticWiper malware, which our colleagues at ESET found circulating in the Ukraine.
Singapore to set up digital intelligence unit as cyber threats intensify
Singapore is building a new digital intelligence unit within its armed forces that will look to boost the country’s defence against cyber threats. The government has described the move as
'Several combinations of social engineering' used during cyberattack on camera maker Axis
Camera maker Axis released more details about a cyberattack that started on the night of Saturday, February 19. In its initial messages on its website, the Swedish camera giant said it got
TeaBot Trojan Haunts Google Play Store, Again
Malicious Google Play apps have circumvented censorship by hiding trojans in software updates. The TeaBot banking trojan – also known as “Anatsa” – has been spotted on the Google Play