2022 and Security Intelligence - Cyber Security Informer

Phishing remained the top identity abuser in 2022: IDSA report

CSO Magazine

MAY 31, 2023

Phishing was the most common type of identity-related incident in 2022, according to a study by Identity Defined Security Alliance (IDSA), a non-profit, identity and security intelligence firm.

Phishing

Phishing Security Intelligence

LockBit Ransomware: The Hidden Threat in Resume Word Files

Penetration Testing

JANUARY 18, 2024

The AhnLab Security Intelligence Center has uncovered that the LockBit ransomware is being spread through malicious Word files disguised as resumes.

Penetration Testing

Penetration Testing Ransomware Security Intelligence Malware

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Notable cybersecurity exits for the company include E8 Security, IronPort, and Shape Security; and AllegisCyber’s other successful investments include Bracket Computing, Moki, Platfora, and Solera Networks. Also read : Cybersecurity Outlook 2022: Third-Party, Ransomware, and AI Attacks Will Get Worse. Norwest Investments.

Cybersecurity

Cybersecurity Technology Marketing Healthcare

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

2022: The threat landscape is paved with faster and more complex attacks with no signs of stopping

Webroot

JANUARY 7, 2022

In 2022, the widespread growth of mobile access will increase the prevalence of mobile malware, given all of the behavior tracking capabilities,” says Grayson Milbourne, security intelligence director, Carbonite + Webroot, OpenText companies. What to expect in 2022? Consumers also remain at risk.

Cybercrime

Cybercrime Phishing Ransomware Cryptocurrency

Best Identity and Access Management (IAM) Solutions for 2022

eSecurity Planet

JANUARY 27, 2022

See also: Best Privileged Access Management (PAM) Software for 2022 and Top Network Access Control (NAC) Solutions for 2022. Provides visibility and control of privileged user activities to deliver actionable security intelligence to address evolving threats. 10 Top IAM Solutions In-depth.

Authentication

Authentication Artificial Intelligence Technology Marketing

Best Cybersecurity Software & Tools for 2022

eSecurity Planet

APRIL 29, 2022

As a whole, the Cisco suite is a powerful zero trust security solution. Firepower NGFWs provide advanced malware protection, security intelligence, sandboxing, DDoS mitigation, and a next-generation intrusion prevention system. Read next: Best Managed Security Service Providers (MSSPs).

Software

Software Cybersecurity Firewall Antivirus

Microsoft warns of attacks targeting MSSQL servers using the tool sqlps

Security Affairs

MAY 18, 2022

pic.twitter.com/Tro0NfMD0j — Microsoft Security Intelligence (@MsftSecIntel) May 17, 2022. pic.twitter.com/stXJMDMevc — Microsoft Security Intelligence (@MsftSecIntel) May 17, 2022. pic.twitter.com/stXJMDMevc — Microsoft Security Intelligence (@MsftSecIntel) May 17, 2022.

Security Intelligence

Security Intelligence Hacking Accountability Malware

Infineon Showcases Intelligent, Secured IoT Solutions and Dependable Electronics for Automotive at CES 2022

CyberSecurity Insiders

DECEMBER 21, 2021

MUNICH & LAS VEGAS–( BUSINESS WIRE )–Infineon Technologies AG (FSE: IFX / OTCQX: IFNNY) today announced that at CES 2022 it will “Reimagine Innovation”, showcasing the company’s wide portfolio of IoT, power, security and automotive solutions. Infineon is also participating in digital CES 2022.

IoT

IoT Authentication Technology Mobile

Russian Cyberespionage Will Highly Increase this Winter, Warns Finnish Intelligence

Heimadal Security

OCTOBER 4, 2022

The Finnish Security Intelligence Service (SUPO) warns of a highly likely intensification of cyberespionage activities conducted by Russia-linked threat actors over the winter.

Security Intelligence

Security Intelligence Cybersecurity

A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers

Security Affairs

JULY 1, 2022

Microsoft Security Intelligence experts are warning of a long-running campaign conducted by a cloud threat actor group, tracked as 8220, that is now targeting Linux servers to install crypto miners. — Microsoft Security Intelligence (@MsftSecIntel) June 29, 2022. Pierluigi Paganini.

Security Intelligence

Security Intelligence Malware Hacking Information Security

Black Hat Asia 2022 Continued: Cisco Secure Integrations

Cisco Security

MAY 27, 2022

In part one of our Black Hat Asia 2022 NOC blog , we discussed building the network with Meraki: . NetWitness PCAP file carving and submission to Cisco Secure Malware Analytics (formerly Threat Grid) for analysis. New Integrations Created at Black Hat Asia 2022. Meraki MR, MS, MX and Systems Manager by Paul Fidler .

Malware

Malware Accountability DNS Technology

Researchers 'Accidentally’ Crash KmsdBot Cryptocurrency Mining Botnet Network

The Hacker News

DECEMBER 1, 2022

KmsdBot, as christened by the Akamai Security Intelligence Response Team (SIRT), came to light mid-November 2022 for its ability to brute-force systems with weak SSH credentials. An ongoing analysis into an up-and-coming cryptocurrency mining botnet known as KmsdBot has led to it being accidentally taken down.

Cryptocurrency

Cryptocurrency Security Intelligence

Sysrv-K, a new variant of the Sysrv botnet includes new exploits

Security Affairs

MAY 15, 2022

Microsoft Security Intelligence team Microsoft reported that a new variant of the Sysrv botnet, tracked as Sysrv-K, now includes exploits for vulnerabilities in the Spring Framework and WordPress. — Microsoft Security Intelligence (@MsftSecIntel) May 13, 2022. ” reads a Tweet published by Microsoft.

Security Intelligence

Security Intelligence Malware Architecture Backups

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Security Affairs

DECEMBER 17, 2023

The researchers discovered the botnet in October 2023, but they believe it has been active since at least 2022. On December 6, The Akamai Security Intelligence Response Team (SIRT) published the first update to the InfectedSlurs advisory series. and earlier.

Firmware

Firmware Wireless DDOS IoT

Finnish intelligence warns of Russia’s cyberespionage activities

Security Affairs

OCTOBER 3, 2022

The Finnish Security Intelligence Service ( SUPO ) warns Russia will highly likely intensify its cyber activity over the winter. The Finnish Security Intelligence Service ( Suojelupoliisi or SUPO ) warn of a highly likely intensification of cyberespionage activities conducted by Russia-linked threat actors over the winter.

Security Intelligence

Security Intelligence Manufacturing Cyber threats Accountability

Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers

Security Affairs

JANUARY 11, 2022

link] — Microsoft Security Intelligence (@MsftSecIntel) January 11, 2022. — Microsoft Security Intelligence (@MsftSecIntel) January 11, 2022. According to Microsoft the ransomware operators compromised the exposed systems to deploy the NightSky ransomware. trendmrcio[.]com, rogerscorp[.]org,

Ransomware

Ransomware Hacking Internet Internet

Microsoft warns of phishy OAuth apps

Malwarebytes

JANUARY 26, 2022

According to Microsoft Security Intelligence, the campaign has “targeted hundreds of organisations”. — Microsoft Security Intelligence (@MsftSecIntel) January 21, 2022. Read and write access to mailboxes? Signing in? At what point do you naturally enough become suspicious?

Phishing

Phishing Security Intelligence Scams Passwords

The number of ransomware attacks targeting Finland increased fourfold since it started the process to join NATO

Security Affairs

AUGUST 7, 2023

In October 2022, the Finnish Security Intelligence Service ( Suojelupoliisi or SUPO ) warned of a highly likely intensification of cyberespionage activities conducted by Russia-linked threat actors over the winter. reads the unclassified National Security Overview 2022 published last week by the Finnish agency.

Ransomware

Ransomware Government Cyber threats Security Intelligence

New InfectedSlurs Mirai-based botnet exploits two zero-days

Security Affairs

NOVEMBER 22, 2023

The researchers discovered the botnet in October 2023, but they believe it has been active since at least 2022. In October, Akamai’s Security Intelligence Response Team (SIRT) noticed an anomalous activity to the company’s honeypots targeting a rarely used TCP port.

DDOS

DDOS Wireless Security Intelligence Authentication

Microsoft blocked Polonium attacks against Israeli organizations

Security Affairs

JUNE 3, 2022

Threat actors were observed abusing OneDrive, for this reason, the IT giant has suspended more than 20 malicious OneDrive applications created by POLONIUM actors, notified affected organizations, and deployed a series of security intelligence updates that will quarantine malicious tools developed by the attackers.

Security Intelligence

Security Intelligence Antivirus Hacking Authentication

Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware

Security Affairs

MAY 20, 2023

Researchers at Microsoft Security Intelligence team published a series of tweets to warn of a new wave of attacks aimed at distributing the Clop ransomware and linked it to the financially motivated cybercriminal group Sangria Tempest (ELBRUS, FIN7 ). ” reads one of the tweets published by the experts. We are in the final!

Cybercrime

Cybercrime Ransomware Security Intelligence Hacking

“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft

Malwarebytes

JUNE 14, 2022

A fix is now available for CVE-2022-26134. Here’s the latest observations from Microsoft: Multiple adversaries and nation-state actors, including DEV-0401 and DEV-0234, are taking advantage of the Atlassian Confluence RCE vulnerability CVE-2022-26134. It is essential users of Confluence address the patching issue immediately.

Ransomware

Ransomware Scams Security Intelligence Encryption

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices. Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices.

IoT

IoT DDOS Architecture Internet

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Security Affairs

NOVEMBER 11, 2022

Get TTPs and protection info: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 14, 2022. From August 2022, Recorded Future researchers observed a rise in command and control (C2) infrastructure used by Sandworm (tracked by Ukraine’s CERT-UA as UAC-0113).

Ransomware

Ransomware Telecommunications DNS Hacking

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Security Affairs

JANUARY 26, 2023

Throughout 2022, both groups targeted sectors included academia, defence, governmental organisations, NGOs, think-tanks, as well as politicians, journalists and activists. SEABORGIUM’s campaigns begin with a reconnaissance activity of target individuals, with a focus on identifying their contacts on social networks or the sphere of influence.

Phishing

Phishing Media Hacking Education

Webroot managed detection and response (MDR) purpose-built for MSPs

Webroot

JUNE 2, 2022

According to the latest 2022 BrightCloud® Threat Report , small to medium-sized businesses (SMBs) are particularly vulnerable to becoming a victim of a ransomware attack. Without human security experts and solutions at their disposable, these businesses remain susceptible to attacks.

Threat Detection

Threat Detection Cyber Insurance Small Business Insurance

IT giants warn of ongoing Chromeloader malware campaigns

Security Affairs

SEPTEMBER 20, 2022

pic.twitter.com/v6sexKgDSg — Microsoft Security Intelligence (@MsftSecIntel) September 16, 2022. Microsoft researchers are tracking an ongoing wide-ranging click fraud campaign where attackers monetize clicks generated by a browser node-webkit or malicious browser extension secretly installed on devices.

Malware

Malware Adware Ransomware Security Intelligence

Thales Partners with Google Cloud to Build New, Generative-AI Powered Security Features

Thales Cloud Protection & Licensing

JUNE 11, 2023

Thales Partners with Google Cloud to Build New, Generative-AI Powered Security Features madhav Mon, 06/12/2023 - 05:05 The past year has seen a stratospheric improvement in artificial intelligence (AI) technology. In just a few months, the chatbot gained 100 million users, countless headlines, and even its first security breach.

Artificial Intelligence

Artificial Intelligence Data privacy Encryption Security Intelligence

SolarWinds Serv-U bug exploited for Log4j attacks

Security Affairs

JANUARY 19, 2022

We reported our discovery to SolarWinds, and security updates have been released. More info: [link] — Microsoft Security Intelligence (@MsftSecIntel) January 19, 2022. In the past, other threat actors exploited Serv-U vulnerabilities to carry out malicious activities.

Authentication

Authentication Hacking Ransomware Security Intelligence

VMware urges customers to patch VMware Horizon servers against Log4j attacks

Security Affairs

JANUARY 26, 2022

link] — Kevin Beaumont (@GossiTheDog) January 20, 2022. link] — Microsoft Security Intelligence (@MsftSecIntel) January 11, 2022. to add a shell.

Internet

Internet Internet Ransomware Hacking

Spotlight on Cybersecurity Leaders: Dan Elliott

SecureWorld News

MARCH 27, 2024

He has more than 15 years of experience in national security and risk management and brings a unique perspective to cyber risk, having spent six years as an Intelligence Officer with the Canadian Security Intelligence Service (CSIS).

Cybersecurity

Cybersecurity Insurance Cyber Risk Risk

GUEST ESSAY: Here’s why managed security services — MSS and MSSP — are catching on

The Last Watchdog

MAY 20, 2022

Managed security services (MSS) refer to a service model that enable the monitoring and managing of security technologies, systems, or even software-as-a-service (SaaS) products. Here’s more on the various types and benefits of MSS, as well as the state of the MSS(P) market in 2022! MSSPs in 2022. billion in 2020.”.

Marketing

Marketing Digital transformation Technology Cybersecurity

European firm DSIRF behind the attacks with Subzero surveillance malware

Security Affairs

JULY 28, 2022

Researchers from threat intelligence firm RiskIQ, using passive DNS data related to Knotweed attacks, linked the C2 infrastructure used by the malware since February 2020 to DSIRF. One of the zero-day exploits used in Knotweed attacks was triggering the recently patched CVE-2022-22047 issue. or later to detect the related indicators.

Surveillance

Surveillance Malware Authentication DNS

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Security Affairs

AUGUST 15, 2022

More details + TTPs in this MSTIC blog: [link] — Microsoft Security Intelligence (@MsftSecIntel) August 15, 2022. Microsoft has disrupted activity by SEABORGIUM, a Russia-based actor launching persistent phishing, credential and data theft, intrusions, and hack-and-leak campaigns tied to espionage.

Phishing

Phishing Accountability Hacking Surveillance

Sysrv botnet is out to mine Monero on your Windows and Linux servers

Malwarebytes

MAY 18, 2022

In a Twitter thread , the Microsoft Security Intelligence team have revealed new information about the latest versions of the Sysrv botnet. Another vulnerability the botnet uses is CVE-2022-22947. Background.

Cryptocurrency

Cryptocurrency IoT Malware DDOS

Mysterious Prestige ransomware targets organizations in Ukraine and Poland

Security Affairs

OCTOBER 16, 2022

Get TTPs and protection info: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 14, 2022. Several notable features differentiate this ransomware from other campaigns and payloads tracked by MSTIC.

Ransomware

Ransomware Encryption Backups Security Intelligence

Netography Expands Executive Team to Meet Strong Demand for Security for the Atomized Network

CyberSecurity Insiders

JANUARY 24, 2022

Joel and Jennifer are two of the top minds in their respective fields and will bring their skills and passion to help us deliver a new vision for network security,” said Martin Roesch, Chief Executive Officer, Netography.

Marketing

Marketing Network Security DDOS Security Intelligence

NEW TECH: Exabeam retools SIEMs; applies credit card fraud detection tactics to network logs

The Last Watchdog

MARCH 19, 2019

Led by the likes of Splunk, LogRhythm, IBM and Exabeam, the global SIEM market is expected to grow to over $5 billion annually in 2022. Related: Autonomous vehicles are driving IoT security innovation. Fundamentally, SIEMs collect event log data from internet traffic, as well as corporate hardware and software assets.

Big data

Big data Internet Internet Digital transformation

Is an outsourced SOC worth it? Looking at the ROI of MDR

Malwarebytes

DECEMBER 15, 2022

Provide ongoing security training, certifications, and red team exercises to expand staff expertise. Purchase and manage third-party security intelligence feeds. In 2022 the average cost of a data breach was $4.35 Project manage the facility operations and day-to-day functions.

Cyber Insurance

Cyber Insurance Data breaches Insurance Cyber threats

7 Insights About Managing Cyber Risk You Can’t Afford To Miss

Jane Frankland

AUGUST 18, 2020

billion by 2022. Whilst this is concerning, when talking to executives outside of security, like I did on a recent masterclass with Nowcomm , it’s vital they understand of the following: 1. Security intelligence comes with a high pay off. Furthermore, from 2019–2023E, approximately USD 5.2 million.

Cyber Risk

Cyber Risk Risk Cybersecurity Technology

API-based CASB Spinbackup Announces 2017 Results

Spinone

FEBRUARY 16, 2018

According to Gartner analysts, SaaS market is projected to grow to 75 billion dollars by 2022 at a 19.2% Customer Base Growth Spinbackup supports the cloud security and cost management efforts of organizations in education, manufacturing, retail, and other industries by delivering ultimate cloud security intelligence solutions.

Backups

Backups Ransomware Education Cyber threats

Phishing remained the top identity abuser in 2022: IDSA report

LockBit Ransomware: The Hidden Threat in Resume Word Files

Webinars

Trending Sources

Top VC Firms in Cybersecurity of 2022

Webinars

2022: The threat landscape is paved with faster and more complex attacks with no signs of stopping

Best Identity and Access Management (IAM) Solutions for 2022

Best Cybersecurity Software & Tools for 2022

Microsoft warns of attacks targeting MSSQL servers using the tool sqlps

Infineon Showcases Intelligent, Secured IoT Solutions and Dependable Electronics for Automotive at CES 2022

Russian Cyberespionage Will Highly Increase this Winter, Warns Finnish Intelligence

A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers

Black Hat Asia 2022 Continued: Cisco Secure Integrations

Researchers 'Accidentally’ Crash KmsdBot Cryptocurrency Mining Botnet Network

Sysrv-K, a new variant of the Sysrv botnet includes new exploits

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Finnish intelligence warns of Russia’s cyberespionage activities

Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers

Microsoft warns of phishy OAuth apps

The number of ransomware attacks targeting Finland increased fourfold since it started the process to join NATO

New InfectedSlurs Mirai-based botnet exploits two zero-days

Microsoft blocked Polonium attacks against Israeli organizations

Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware

“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft

Updated Kmsdx botnet targets IoT devices

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Webroot managed detection and response (MDR) purpose-built for MSPs

IT giants warn of ongoing Chromeloader malware campaigns

Thales Partners with Google Cloud to Build New, Generative-AI Powered Security Features

SolarWinds Serv-U bug exploited for Log4j attacks

VMware urges customers to patch VMware Horizon servers against Log4j attacks

Spotlight on Cybersecurity Leaders: Dan Elliott

GUEST ESSAY: Here’s why managed security services — MSS and MSSP — are catching on

European firm DSIRF behind the attacks with Subzero surveillance malware

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Sysrv botnet is out to mine Monero on your Windows and Linux servers

Mysterious Prestige ransomware targets organizations in Ukraine and Poland

Netography Expands Executive Team to Meet Strong Demand for Security for the Atomized Network

NEW TECH: Exabeam retools SIEMs; applies credit card fraud detection tactics to network logs

Is an outsourced SOC worth it? Looking at the ROI of MDR

7 Insights About Managing Cyber Risk You Can’t Afford To Miss

API-based CASB Spinbackup Announces 2017 Results

Stay Connected