2020, Backups, Blog and Internet - Cyber Security Informer

Microsoft Patch Tuesday, May 2020 Edition

Krebs on Security

MAY 12, 2020

” For example, Satnam Narang from Tenable notes that two remote code execution flaws in Microsoft Color Management ( CVE-2020-1117 ) and Windows Media Foundation ( CVE-2020-1126 ) could be exploited by tricking a user into opening a malicious email attachment or visiting a website that contains code designed to exploit the vulnerabilities.

Backups

Backups Software Risk Media

Microsoft Patch Tuesday, April 2020 Edition

Krebs on Security

APRIL 14, 2020

Near the top of the heap is CVE-2020-1020 , a remotely exploitable bug in the Adobe Font Manager library that was first detailed in late March when Microsoft said it had seen the flaw being used in active attacks. A reliable backup means you’re not losing your mind when the odd buggy patch causes problems booting the system.

Backups

Backups Software Internet Internet

‘Wormable’ Flaw Leads July Microsoft Patches

Krebs on Security

JULY 14, 2020

Top of the heap this month in terms of outright scariness is CVE-2020-1350 , which concerns a remotely exploitable bug in more or less all versions of Windows Server that attackers could use to install malicious software simply by sending a specially crafted DNS request. .” Thankfully, I was able to restore from a recent backup.

DNS

DNS Backups System Administration Software

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

This World Backup Day, Our Customers Do the Talking

Webroot

MARCH 31, 2021

Are you taking the pledge this World Backup Day? Now in its tenth year, World Backup Day remains one of our favorite reminders of the risks of not backing up the data we hold dear. Numbers are great, and necessary for showing the scope of the problem, but I wanted to see how data loss—and backups—affect real people.

Backups

Backups Data preservation Ransomware Encryption

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

. “Snatch threat actors have been observed purchasing previously stolen data from other ransomware variants in an attempt to further exploit victims into paying a ransom to avoid having their data released on Snatch’s extortion blog,” the FBI/CISA alert reads. “Experience in backup, increase privileges, mikicatz, network.

Ransomware

Ransomware Accountability Cybercrime Backups

Microsoft Patch Tuesday, February 2020 Edition

Krebs on Security

FEBRUARY 11, 2020

Microsoft today released updates to plug nearly 100 security holes in various versions of its Windows operating system and related software, including a zero-day vulnerability in Internet Explorer (IE) that is actively being exploited. That vulnerability, assigned as CVE-2020-0674 , has been patched with this month’s release.

Backups

Backups Malware Internet Internet

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

The Last Watchdog

MAY 5, 2022

Well, the stats are even scarier with over 50% increase in ransomware attacks in 2021, compared to 2020. As an enterprise security team, you could restrict internet access at your egress points, but this doesn’t do much when the workforce is remote. Back up your data and secure your backups in an offline location.

Ransomware

Ransomware Risk Internet Internet

The Upcoming U.S. Labor Day Weekend is a Reminder to Avoid Repeating History

CyberSecurity Insiders

SEPTEMBER 2, 2021

Backup everything, test everything – Before shutting down devices for the weekend, security teams should backup all data and supporting IT infrastructure. Once completed, teams should test the backups to ensure they can handle an attack. More information on ransomware defense and mitigation is available here.

Backups

Backups Ransomware Phishing Security Awareness

NIST’s ransomware guidelines look a lot like cyber resilience

Webroot

AUGUST 27, 2021

Already in 2020, according to the report: 2,4000 governmental agencies, healthcare facilities and schools had been hit with ransomware $350 million had been paid out ransomware actors, a 311% increase over 2019 It was taking 287 days on average for a business to fully recover from a ransomware attack.

Ransomware

Ransomware Backups Antivirus Security Awareness

Sysrv Botnet Variant Targets Windows, Linux, Infects Crypto Miners, says Microsoft

Security Boulevard

MAY 23, 2022

“We highly recommend organizations to secure internet-facing systems, including timely application of security updates and building credential hygiene,” Microsoft added. At its core, Sysrv is a worm and a cryptocurrency miner, Cujo AI, a cyberseucrity company, said in a September 2021 blog. Sysrv was first discovered in December 2020.

Cryptocurrency

Cryptocurrency Backups Malware Passwords

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

Perform regular data backup procedures and maintain up-to-date incident response and recovery procedures. Isolate Internet-facing services in a network Demilitarized Zone (DMZ) to reduce the exposure of the internal network [ D3-NI ]. Disable external management capabilities and set up an out-of-band management network [ D3-NI ].

Telecommunications

Telecommunications Authentication Passwords Accountability

Ransomware, BEC and Phishing Still Top Concerns, per 2021 Threat Report

Webroot

APRIL 21, 2021

Although cybercriminal activity throughout 2020 was as innovative as ever, some of the most noteworthy threat activity we saw came from the old familiar players, namely ransomware, business email compromise (BEC) and phishing. By September 2020, the average ransom payment peaked at $233,817. “In

Threat Reports

Threat Reports Phishing Ransomware Backups

Cyber Security Roundup for April 2021

Security Boulevard

MARCH 31, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. implement offline storage and tape-based backup. In 2020 groups were demanding as much as $30 million to unlock a victim’s files and systems. How not to disclosure a Hack.

Energy and Utilities

Energy and Utilities Ransomware Banking Hacking

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Security Affairs

APRIL 14, 2022

sys “) by triggering the CVE-2020-15368 flaw to execute malicious code in the Windows kernel. Maintain known-good offline backups for faster recovery upon a disruptive attack, and conduct hashing and integrity checks on firmware and controller configuration files to ensure validity of those backups. Pierluigi Paganini.

Passwords

Passwords Architecture Backups Cyber Attacks

Post-Quantum Cryptography: Lessons Learned from SHA-1 Deprecation

Security Boulevard

JULY 21, 2022

Since 2020, chosen-prefix attacks against SHA-1 are feasible. The results of our analysis clearly show that, while the most popular websites have done a good job of migrating away from SHA-1 certificates, a significant portion of the Internet continues to rely on them,” said Walter Goulet, a cloud solutions product manager at Venafi, in 2017.

Encryption

Encryption Authentication Architecture Backups

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

Security Affairs

OCTOBER 30, 2020

In its State of Container and Kubernetes Security Fall 2020 survey, StackRox found that 90% of respondents had suffered a security incident in their Kubernetes deployments in the last year. In order to use etcd, organizations need to have a backup plan for the highly sensitive configuration data that they’d like to protect with this store.

Advertising

Advertising Internet Internet VPN

Microsoft Fights Off Another Record DDoS Attack as Incidents Soar

eSecurity Planet

JANUARY 28, 2022

The enterprise software and cloud giant said in a blog post this week that during the last six months of the year, there was a 40 percent increase in the number of DDoS attacks worldwide over the first half of 2021, with an average of 1,955 attacks per day and a maximum of 4,296 on Aug. Gaming Industry a Top DDoS Target.

DDOS

DDOS IoT Engineering DNS

Abusing cloud services to fly under the radar

Fox IT

JANUARY 12, 2021

NCC Group and Fox-IT observed this threat actor during various incident response engagements performed between October 2019 until April 2020. These credentials are used in a credential stuffing or password spraying attack against the victim’s remote services, such as webmail or other internet reachable mail services.

VPN

VPN Accountability Passwords DNS

What a difference a year makes, or does it?

Webroot

OCTOBER 1, 2021

2020 was a year of immense change. We began even more to rely on the internet as a conduit to the world. In our 2020 Webroot Threat Report , our security experts made a series of predictions related to the threat landscape. appeared first on Webroot Blog. The death of distance accelerated. The list goes on.

Ransomware

Ransomware Backups Threat Reports Small Business

Operation ‘Harvest’: A Deep Dive into a Long-term Campaign

McAfee

SEPTEMBER 14, 2021

McAfee customers are protected from the malware/tools described in this blog. A more detailed blog with specific recommendations on using the McAfee portfolio and integrated partner solutions to defend against this attack can be found here. The IP is pushed into the list generated by the malware at runtime. malware: Mozilla/5.0

Malware

Malware DNS Accountability Manufacturing

8 Reasons why you should pick Cisco Viptela SD-WAN

Cisco Security

APRIL 29, 2021

The data center also served as the gateway to the internet. All infrastructure within the enterprise was trusted and everything outside including the internet and DMZ was labeled as untrusted, so firewalls and other proper security devices were deployed at these boundaries mainly at the data center in order to protect the organization.

Internet

Internet Internet Banking Backups

Data Localisation – The Magic Bullet?

McAfee

MAY 20, 2021

Despite detailed guidelines [3] issued in November 2020, in the absence of new definitive guidelines for transferring data across European borders [4] , many are starting to wonder whether data localisation is the magic bullet to protect personal data. development, debugging and maintenance), and backup (e.g. ” [6]. ” [6].

Surveillance

Surveillance VPN Internet Internet

8 Reasons why you should pick Cisco Viptela SDWAN

Cisco Security

APRIL 29, 2021

The data center also served as the gateway to the internet. All infrastructure within the enterprise was trusted and everything outside including the internet and DMZ was labeled as untrusted, so firewalls and other proper security devices were deployed at these boundaries mainly at the data center in order to protect the organization.

Internet

Internet Internet Banking Backups

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

McAfee

AUGUST 24, 2021

For a brief overview please see our summary blog here. It is estimated that there are over 200 million IV infusions administered globally each year, and 2020 sales of IV pumps in the US were at $13.5 Attacks are now showing potential for patient harm with one example beginning on October 28 th , 2020. Table of Contents.

Computers and Electronics

Computers and Electronics Authentication Software Risk

Java Crypto Catchup

Veracode Security

NOVEMBER 16, 2020

In 2017, we started a blog series talking about how to securely implement a crypto-system in java. It's 2020 and most of our data is going to be online. internet and several other protocols (Bluetooth, Wi-Fi, etc.) would be broken and the worst world won't even have a fully vetted backup plan. algorithms.

Encryption

Encryption Authentication Architecture Engineering

Ransomware world in 2021: who, how and why

SecureList

MAY 12, 2021

Along with the rise of big-game hunting in 2020, we saw the emergence of a number of high-profile groups in the ransomware world. They interact with each other through internet handles, paying for services with cryptocurrency. Part I: Three preconceived ideas about ransomware. Idea #1: Ransomware gangs are gangs. Access sellers.

Ransomware

Ransomware Encryption Malware Cybercrime

How much does access to corporate infrastructure cost?

SecureList

JUNE 15, 2022

2TB of 2020-2021 data: credentials related to banking accounts and the most popular services. For instance, network access data for a company specializing in POS terminals and providing internet acquiring services is valued much higher ($20,000) than other similar offers. Blackmailer blog: auction price of stolen data.

VPN

VPN Accountability Ransomware Encryption

2023 Cyber Threat Predictions

Digital Shadows

NOVEMBER 1, 2022

With many companies improving their incident response and ability to restore services through the use of backups, it is possible that the intentional breach of data is actually the more impactful side of a double extortion attack; according to research from 2022, the average cost of a data breach was USD 4.35

Cyber threats

Cyber threats Ransomware Media Data breaches

Detecting Credential Stealing Attacks Through Active In-Network Defense

McAfee

SEPTEMBER 22, 2021

As per the Verizon DBIR report 2020 , over 80% of data breaches involve credential theft attacks. Over the course of this blog, we will discuss various credential theft techniques used by adversaries during lateral movement. Many of these tools are open source and readily available on the internet. Credential Theft Attacks.

Authentication

Authentication Accountability Encryption Passwords

The Hacker Mind Podcast: Hacking Ransomware

ForAllSecure

MAY 18, 2021

He also talks about his infosec journey hacking cryptocurrencies, joining the Digital Defense Service and CISA, and helping secure the 2020 presidential election… all before the age of 22. Vamosi: Somehow Jack ended up working on security behind the 2020 presidential election. Failure to pay, and your data is encrypted forever.

Hacking

Hacking Ransomware Cryptocurrency Engineering

The Hacker Mind Podcast: Hacking Ransomware

ForAllSecure

MAY 18, 2021

He also talks about his infosec journey hacking cryptocurrencies, joining the Digital Defense Service and CISA, and helping secure the 2020 presidential election… all before the age of 22. Vamosi: Somehow Jack ended up working on security behind the 2020 presidential election. Failure to pay, and your data is encrypted forever.

Hacking

Hacking Ransomware Cryptocurrency Engineering

APT trends report Q2 2022

SecureList

JULY 28, 2022

In March, Proofpoint published a blog post about a new spear-phishing campaign related to the war in Ukraine, tentatively attributed to the Russian-speaking actor UNC1151 (aka TA445 and Ghostwriter). As part of this process, the actor abused a legitimate blog service to host a malicious script with an encoded format.

Malware

Malware Firmware Phishing Cryptocurrency

The Difficulty of Disclosure, Surebet247 and the Streisand Effect

Troy Hunt

JANUARY 8, 2020

This is a blog post about disclosure, specifically the difficulty with doing it in a responsible fashion as the reporter whilst also ensuring the impacted organisation behaves responsibly themselves. He also wrote about the other betting operators implicated in the database backups and how there appeared to be a common thread across them.

Data breaches

Data breaches Backups Firewall Hacking

RM3 – Curiosities of the wildest banking malware

Fox IT

MAY 4, 2021

But if you would like to understand the rather tortured history of this particular malware a little better, the research and blog posts on the subject by Check Point are a good starting point. This golden age came to a sudden end with a sharp decline in 2020. Q3 2019 – Q2 2020, Classic fraud era.

Banking

Banking Malware Encryption Architecture

Cyber Security Informer

Microsoft Patch Tuesday, May 2020 Edition

Microsoft Patch Tuesday, April 2020 Edition

Webinars

Trending Sources

‘Wormable’ Flaw Leads July Microsoft Patches

Webinars

This World Backup Day, Our Customers Do the Talking

A Closer Look at the Snatch Data Ransom Group

Microsoft Patch Tuesday, February 2020 Edition

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

The Upcoming U.S. Labor Day Weekend is a Reminder to Avoid Repeating History

NIST’s ransomware guidelines look a lot like cyber resilience

Sysrv Botnet Variant Targets Windows, Linux, Infects Crypto Miners, says Microsoft

China-linked threat actors have breached telcos and network service providers

Ransomware, BEC and Phishing Still Top Concerns, per 2021 Threat Report

Cyber Security Roundup for April 2021

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Post-Quantum Cryptography: Lessons Learned from SHA-1 Deprecation

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

Microsoft Fights Off Another Record DDoS Attack as Incidents Soar

Abusing cloud services to fly under the radar

What a difference a year makes, or does it?

Operation ‘Harvest’: A Deep Dive into a Long-term Campaign

8 Reasons why you should pick Cisco Viptela SD-WAN

Data Localisation – The Magic Bullet?

8 Reasons why you should pick Cisco Viptela SDWAN

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

Java Crypto Catchup

Ransomware world in 2021: who, how and why

How much does access to corporate infrastructure cost?

2023 Cyber Threat Predictions

Detecting Credential Stealing Attacks Through Active In-Network Defense

The Hacker Mind Podcast: Hacking Ransomware

The Hacker Mind Podcast: Hacking Ransomware

APT trends report Q2 2022

The Difficulty of Disclosure, Surebet247 and the Streisand Effect

RM3 – Curiosities of the wildest banking malware

Stay Connected