CyberSecurity Insiders

JANUARY 28, 2022

Nowadays you need a scorecard to keep track of the monthly acquisitions and mergers in the cybersecurity industry. Even through the Covid19 pandemic, trends in acquisition and consolidation of information security oriented companies remained quite strong. Top cybersecurity M&A deals for 2021 | CSO Online.

Cybersecurity 89

Cybersecurity Digital transformation CSO Risk 89

Security Affairs

JUNE 12, 2022

Ransomware gangs are actively exploiting CVE-2022-26134 remote code execution (RCE) flaw in Atlassian Confluence Server and Data Center. Multiple ransomware groups are actively exploiting the recently disclosed remote code execution (RCE) vulnerability, tracked as CVE-2022-26134 , affecting Atlassian Confluence Server and Data Center.

Ransomware 122

Ransomware Encryption Malware Hacking 122

Approachable Cyber Threats

DECEMBER 6, 2023

The 2023 update to our research on the perception of cybersecurity incident and data breach causes that’s helped organizations re-evaluate how they are at risk of a cybersecurity incident or data breach instead of what feels right. Source: Verizon DBIR [1] Patterns over time in cybersecurity data breaches. Keep reading below!

Cybersecurity 106

Cybersecurity Social Engineering Data breaches Engineering 106

CyberSecurity Insiders

JANUARY 14, 2022

“Information security analyst” tops the U.S. News & World Report 2022 Best Jobs list. Having a cybersecurity position at the top of the list is exciting for a young industry that has struggled with perception problems. Recognition for the cybersecurity space is always welcome. Tough Contenders.

Cybersecurity 142

Cybersecurity Healthcare Information Security CISO 142

Security Affairs

JUNE 22, 2022

I’m proud to announce that SecurityAffairs was awarded as the Best European Personal Cybersecurity Blog 2022 at European Cybersecurity Blogger Awards 2022. The winners of the annual European Cybersecurity Blogger Awards have been announced. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Cybersecurity 67

Cybersecurity Hacking Information Security Malware 67

Security Affairs

MAY 3, 2023

Threat actors are using the promise of generative AI like ChatGPT to deliver malware, Facebook parent Meta warned. Threat actors are taking advantage of the huge interest in generative AI like ChatGPT to trick victims into installing malware, Meta warns. ” reads the Meta’s Q1 2023 Security Reports.

Malware 91

Malware Education Accountability Media 91

Security Boulevard

OCTOBER 5, 2022

The post BSidesLV 2022 Lucky13 GroundFloor – Uriel Kosayev’s ‘Malware Analysis – Red Team Edition’ appeared first on Security Boulevard. Our sincere thanks to BSidesLV for publishing their outstanding conference videos on the organization's YouTube channel.

Malware 52

Malware Education Information Security Cybersecurity 52

Security Affairs

FEBRUARY 24, 2022

Cybersecurity experts discovered a new data wiper malware that was used in attacks against hundreds of machines in Ukraine. Researchers from cybersecurity firms ESET and Broadcom’s Symantec discovered a new data wiper malware that was employed in a recent wave of attacks that hit hundreds of machines in Ukraine.

Malware 112

Malware DDOS Banking Government 112

Approachable Cyber Threats

DECEMBER 13, 2022

The 2022 update to our research on the perception of data breach causes that’s helped organizations re-evaluate how they are at risk for a data breach instead of what feels right. In their 2022 report, System Intrusion took the lead, accounting for 40% of all breach events. What influences our perception of cybersecurity breach causes?

Data breaches 106

Data breaches Social Engineering Engineering Phishing 106

eSecurity Planet

MAY 30, 2024

Table of Contents Toggle Recent Healthcare Attacks & Breaches 5 Key Cybersecurity Management Lessons to Learn Bottom Line: Learn Healthcare’s Lessons Before Suffering Pain Recent Healthcare Attacks & Breaches Large breaches affected over 88 million individuals in the USA in 2023, a 60% increase from 2022.

Healthcare 73

Healthcare Cybersecurity Backups Ransomware 73

Security Affairs

MARCH 17, 2024

Cybersecurity researchers discovered multiple GitHub repositories hosting cracked software that are used to drop the RisePro info-stealer. RisePro is a C++ info-stealer that has been active since at least 2022, it allows to gathering sensitive data from the infected system. “The malware collects a variety of valuable information.

Malware 100

Malware Passwords Software Hacking 100

Security Affairs

MARCH 22, 2023

The European Union Agency for Cybersecurity (ENISA) published its first cyber threat landscape report for the transport sector. A new report published by the European Union Agency for Cybersecurity (ENISA) analyzes threats and incidents in the transport sector.

Ransomware 79

Ransomware DDOS Cyber threats Phishing 79

Security Affairs

MAY 30, 2022

Experts pointed out that the malware is being actively developed. The new variant of the bot includes exploits for the following security issues: CVE-2022-22954 : Critical RCE flaw in VMware Workspace ONE Access and VMware Identity Manager. CVE-2022-22947 : RCE flaw in Spring. LFI CVE-2018-16763 Fuel CMS 1.4.1

Malware 138

Malware DDOS IoT Cybercrime 138

Security Affairs

FEBRUARY 14, 2022

Adobe addressed a critical vulnerability ( CVE-2022-24086 ) impacting Magento Open Source products that is being actively exploited in the wild. “Adobe is aware that CVE-2022-24086 has been exploited in the wild in very limited attacks targeting Adobe Commerce merchants.” The CVE-2022-24086 has received a CVSS score of 9.8

eCommerce 84

eCommerce Malware Authentication Hacking 84

Security Affairs

JANUARY 12, 2023

Fortinet researchers reported how threat actors exploited the recently patched FortiOS SSL-VPN vulnerability ( CVE-2022-42475 ) in attacks against government organizations and government-related targets. The CVE-2022-42475 flaw is a heap-based buffer overflow issue that resides in FortiOS sslvpnd. “A Versions range from 6.0.5

VPN 84

VPN Malware Engineering Government 84

Security Affairs

JUNE 9, 2022

Researchers uncovered a high stealth Linux malware, dubbed Symbiote, that could be used to backdoor infected systems. Joint research conducted by security firms Intezer and BlackBerry uncovered a new Linux threat dubbed Symbiote. “Symbiote is a malware that is highly evasive. ” concludes the report.

Malware 142

Malware DNS Antivirus Passwords 142

Security Boulevard

JULY 20, 2022

Our sincere thanks to Security BSides San Francisco for publishing their outstanding conference videos on the organization's YouTube channel. The post BSidesSF 2022 – Amol Sarwate’s ‘Threat Hunting: Using MITRE ATT&CK Against Carbanak Malware’ appeared first on Security Boulevard.

Malware 52

Malware Education Information Security Cybersecurity 52

Security Affairs

MAY 31, 2023

Recently disclosed zero-day flaw in Barracusa Email Security Gateway (ESG) appliances had been actively exploited by attackers since October 2022. As per the vendor’s statement, the flaw has been exploited in real-world scenarios, with incidents dating back to October 2022 at the very least.

Malware 87

Malware Hacking Network Security Cybersecurity 87

Security Affairs

AUGUST 31, 2023

Russia-linked threat actors have been targeting Android devices of the Ukrainian military with a new malware dubbed Infamous Chisel. The GCHQ’s National Cyber Security Centre (NCSC) and agencies in the United States, Australia, Canada, and New Zealand have published an analysis of the Android malware.

Malware 102

Malware Authentication Threat Detection Government 102

Security Affairs

JANUARY 2, 2023

In 2022, ransomware attacks targeted 105 state or municipal governments or agencies in the US, reads a report published by Emsisoft. “When it comes to cybersecurity incidents, it has always been hard to get accurate statistical information.” SecurityAffairs – hacking, malware). 44 universities and colleges.

Government 84

Government Ransomware Healthcare Education 84

Security Affairs

MAY 12, 2024

Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported. The FBI, CISA, HHS, and MS-ISAC have issued a joint Cybersecurity Advisory (CSA) regarding the Black Basta ransomware activity as part of the StopRansomware initiative. ” reads the CSA.

Ransomware 106

Ransomware Hacking Healthcare Retail 106

Security Affairs

MAY 5, 2023

Fleckpe is a new Android subscription Trojan that was discovered in the Google Play Store, totaling more than 620,000 downloads since 2022. Fleckpe is a new Android subscription Trojan that spreads via Google Play, the malware discovered by Kaspersky is hidden in photo editing apps, smartphone wallpaper packs, and other general-purpose apps.

Malware 74

Malware Mobile Antivirus Hacking 74

Security Boulevard

JANUARY 29, 2022

Additionally, the Security BSides Dublin organization has slated their eponymous Security BSides Dublin 2022 confab at the The Convention Centre Dublin ( CCD ) on 2022/03/19. Just a month and a half away.

Malware 131

Malware Education InfoSec Information Security 131

Security Affairs

JUNE 15, 2023

According to a joint advisory published by cybersecurity agencies, the LockBit ransomware group has successfully extorted roughly $91 million in about 1,700 attacks against U.S. Lockbit was responsible for 18% of the total reported Australian ransomware incidents from April 1, 2022, to March 31, 2023. organizations since 2020.

Ransomware 82

Ransomware Cybersecurity Education Government 82

Security Affairs

JULY 29, 2022

Microsoft linked the recently discovered Raspberry Robin Windows malware to the notorious Evil Corp operation. On July 26, 2022, Microsoft researchers discovered that the FakeUpdates malware was being distributed via Raspberry Robin malware. The malware uses TOR exit nodes as a backup C2 infrastructure.

Malware 103

Malware Backups Manufacturing Accountability 103

Security Affairs

MAY 1, 2023

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices. Researchers from Elastic Security Labs spotted a new remote access trojan dubbed LOBSHOT was being distributed through Google Ads. ” reads the report published by Elastic Security Labs.

Malware 83

Malware Cybercrime Banking Software 83

Security Affairs

OCTOBER 6, 2022

Researchers linked the threat actor behind the Eternity malware-as-a-service (MaaS) to a new malware strain called LilithBot. Zscaler researchers linked a recently discovered sample of a new malware called LilithBot to the Eternity group (aka EternityTeam; Eternity Project). ” reads the report published by Zscaler.

Malware 87

Malware DDOS Ransomware Cryptocurrency 87

Security Affairs

MAY 22, 2022

Researchers uncovered a malware campaign targeting the infoSec community with fake Proof Of Concept to deliver a Cobalt Strike beacon. Researchers from threat intelligence firm Cyble uncovered a malware campaign targeting the infoSec community. The malware, disguised as a fake PoC code, was available on GitHub.

InfoSec 137

InfoSec Malware Cybercrime Information Security 137

Security Affairs

APRIL 25, 2023

North Korea-linked APT group BlueNoroff (aka Lazarus) was spotted targeting Mac users with new RustBucket malware. Researchers from security firm Jamf observed the North Korea-linked BlueNoroff APT group using a new macOS malware, dubbed RustBucket, family in recent attacks. The trojan can run on both ARM and x86 architectures.

Malware 78

Malware Social Engineering Architecture Education 78

Security Affairs

MAY 26, 2023

Experts detailed a new piece of malware, named CosmicEnergy, that is linked to Russia and targets industrial control systems (ICS). Researchers from Mandiant discovered a new malware, named CosmicEnergy, designed to target operational technology (OT) / industrial control system (ICS) systems. ” concludes the report.

Malware 79

Malware Hacking Technology Cybersecurity 79

Security Affairs

MAY 4, 2023

Facebook discovered a new information-stealing malware, dubbed ‘NodeStealer,’ that is being distributed on Meta. NodeStealer is a new information-stealing malware distributed on Meta that allows stealing browser cookies to hijack accounts on multiple platforms, including Facebook, Gmail, and Outlook.

Malware 89

Malware Accountability Advertising Education 89

Security Affairs

SEPTEMBER 2, 2022

Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.

Cybercrime 99

Cybercrime Malware Backups Manufacturing 99

Security Affairs

APRIL 20, 2023

North Korea-linked APT group Lazarus employed new Linux malware in attacks that are part of Operation Dream Job. North Korea-linked APT group Lazarus is behind a new campaign tracked as Operation DreamJob (aka DeathNote or NukeSped ) that employed Linux malware. ” concludes the report.

Malware 92

Malware Social Engineering Education Media 92

Security Affairs

JANUARY 11, 2023

US CISA added Microsoft Exchange elevation of privileges bug CVE-2022-41080 to its Known Exploited Vulnerabilities Catalog. Cybersecurity and Infrastructure Security Agency (CISA) added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog. Follow me on Twitter: @securityaffairs and Facebook and Mastodon.

Ransomware 87

Ransomware Hacking Government Risk 87

Security Affairs

DECEMBER 19, 2022

Cybersecurity researchers at ReversingLabs have discovered a new malicious package, named ‘SentinelOne,’ on the Python Package Index (PyPI) repository that impersonates a legitimate software development kit (SDK) for SentinelOne. The packages were published between December 8th and 11th, 2022. Pierluigi Paganini.

Malware 101

Malware Data collection Software Hacking 101

Security Affairs

JUNE 15, 2022

PrivacyAffairs released the Dark Web Index 2022, the document provides the prices for illegal services/products available in the black marketplaces. The document updates the information provided in the Dark Web Index 2022 report. The document updates the information provided in the Dark Web Index 2022 report.

Identity Theft 90

Identity Theft Accountability DDOS Cybercrime 90

Approachable Cyber Threats

DECEMBER 7, 2023

The 2023 update to our research on the perception of cybersecurity incident and data breach causes that’s helped organizations re-evaluate how they are at risk of a cybersecurity incident or data breach instead of what feels right. Source: Verizon DBIR [1] Patterns over time in cybersecurity data breaches. Keep reading below!

Cybersecurity 52

Cybersecurity Social Engineering Data breaches Engineering 52