eSecurity Planet

SEPTEMBER 5, 2023

Major cybersecurity events in the last week make clear that hackers just keep getting savvier — and security teams need to be vigilant to keep up. Ransomware groups continue to exploit unpatched vulnerabilities. Now ransomware attackers, possibly affiliated with FIN8, are exploiting unpatched Citrix products to launch attacks.

VPN 104

VPN Authentication Ransomware Antivirus 104

eSecurity Planet

FEBRUARY 26, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) identified CVE-2024-21410 as a “Known Exploited Vulnerability” and set a March 7, 2024 deadline for implementing patches or mitigations. Read our guide on privilege escalation attacks next to learn about the detection and prevention strategies for your privileged accounts and data.

Risk 113

Risk Authentication System Administration Ransomware 113

eSecurity Planet

AUGUST 28, 2023

An attacker creates a new admin user and logs into an OpenFire account. August 24, 2023 Akira ransomware targeting Cisco, but MFA helps Akira ransomware groups have been exploiting Cisco’s virtual private network ( VPN ) tools. The security bulletin was last updated August 25.

VPN 98

VPN Authentication Mobile Firewall 98

eSecurity Planet

NOVEMBER 6, 2023

Other major flaws appeared in the NGINX Ingress Controller for Kubernetes, Atlassian Confluence Data Center and Server, and Apache ActiveMQ — and the latter two have already been targeted in ransomware attacks. The Problem: Three flaws discovered by the Kubernetes security community carry CVSS severity scores of 7.6

Software 112

Software Education Ransomware Firmware 112

eSecurity Planet

AUGUST 28, 2023

An attacker creates a new admin user and logs into an OpenFire account. August 24, 2023 Akira ransomware targeting Cisco, but MFA helps Akira ransomware groups have been exploiting Cisco’s virtual private network ( VPN ) tools. The security bulletin was last updated August 25.

VPN 95

VPN Authentication Mobile Firewall 95

eSecurity Planet

JANUARY 29, 2024

Unpatched ActiveMQ instances still vulnerable to CVE-2023-46604 (which enabled ransomware attacks last November ) will compile and execute the unknown binary and enable attackers to execute many different types of attacks. The fix: Deploy the Apache security upgrades available since November 2023.

Software 113

Software Authentication CSO Accountability 113

eSecurity Planet

OCTOBER 9, 2023

A surge of critical vulnerabilities and zero-day exploits has made for a very busy week in IT security, affecting a range of tech giants like Atlassian, Cisco, Apple, Arm, Qualcomm and Microsoft. Attackers might get full access to Confluence instances by creating illegal administrator accounts.

Architecture 104

Architecture Ransomware Software Accountability 104

eSecurity Planet

MARCH 19, 2024

Frequent Ransomware Target QNAP Discloses 3 Vulnerabilities Type of vulnerability: Improper authentication, injection vulnerability, SQL injection (SQLi). Ransomware gangs, notably Deadbolt, Checkmate, and Qlocker, actively targeted QNAP vulnerabilities in the past. The critical vulnerability, CVE-2024-21899 with a CVSS score of 9.8,

Authentication 119

Authentication VPN Software DDOS 119

Krebs on Security

JULY 8, 2019

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. Image: Malwarebytes. The GandCrab identity on Exploit[.]in

Ransomware 258

Ransomware Accountability Cybercrime Passwords 258

SiteLock

AUGUST 27, 2021

Cybercriminals know this, which is why phishing attacks account for more than 80% of reported security incidents and why 54% of companies say their data breaches were caused by “negligent employees. ”. The reason many employees use the same passwords across all work accounts is simple – they can keep track of them all.

Security Awareness 98

Security Awareness Passwords Phishing Scams 98

Cisco Security

AUGUST 17, 2021

Email Attachments: One of two main methods to penetrate security defenses with malicious content by email. Internal Email Scanning: Account Take Over (ATO) is a new threat to organizations. You should prioritize and consult with your email security vendor to confirm coverage and available support.

Phishing 119

Phishing Technology Malware Authentication 119

eSecurity Planet

JANUARY 18, 2024

CSP’s Professional Security Expertise CSPs’ professional security expertise substantially contributes to the security capabilities and improvement of the general resilience of cloud storage. The increased scalability of cloud storage can assist effective data recovery solutions.

Risk 125

Risk Backups Encryption DDOS 125

eSecurity Planet

FEBRUARY 16, 2024

Analysts and security software frequently struggle to spot malicious activity disguised as normal ones, complicating intrusion detection and mitigation efforts. It’s also used by ransomware actors that want to propagate malware using remote monitoring and management tools. Want to strengthen your organization’s digital defenses?

Internet 113

Internet Internet Cybersecurity Network Security 113

SecureList

SEPTEMBER 11, 2023

Cuba ransomware gang Cuba data leak site The group’s offensives first got on our radar in late 2020. The Cuba group, like many others of its kind, is a ransomware-as-a-service (RaaS) outfit, letting its partners use the ransomware and associated infrastructure in exchange for a share of any ransom they collect.

Ransomware 140

Ransomware Encryption Malware DDOS 140

eSecurity Planet

OCTOBER 16, 2023

Account Hijacking Account hijacking happens when an attacker gets unauthorized access to a user’s cloud account by stealing or guessing login credentials. Here’s how to avoid it: Make MFA mandatory to give an extra degree of protection to user accounts, and complex unique passwords should also be used.

Encryption 109

Encryption DDOS Authentication Firewall 109

eSecurity Planet

AUGUST 30, 2023

The impersonated emails might contain annoying SPAM, but more often the phishing email will deliver more dangerous payloads that lead to stolen credentials, business email compromise (BEC) attacks, or ransomware attacks. Meanwhile, the company being impersonated has no financial incentive to change their behavior.

Authentication 100

Authentication Phishing Encryption Marketing 100

eSecurity Planet

MAY 30, 2024

Ransomware attacks and data breaches make headlines when they shut down huge connected healthcare providers such as Ascension Healthcare or Change Healthcare. 2024 looks like it will only increase the number of affected individuals considering the scale of ransomware attacks from the first half of the year in the USA, Canada, and Australia.

Healthcare 122

Healthcare Cybersecurity Backups Ransomware 122

eSecurity Planet

OCTOBER 26, 2023

These steps will work in most cases, but if you’ve been hit by ransomware, see our guides to ransomware decryption , removal and recovery. And activate your router’s security features too. And use your devices in non-administrator accounts whenever possible to remove some of the biggest opportunities for malware.

Malware 108

Malware Antivirus Adware Software 108

eSecurity Planet

AUGUST 25, 2021

” Zero trust is a critical tool in the security defense arsenal, especially as more companies shift to a fully remote or hybrid work environment. Related: How Zero Trust Security Can Protect Against Ransomware. By limiting movement, you mitigate the risk of malicious actors accessing key segments.”

Social Engineering 113

Social Engineering Architecture Engineering Cybersecurity 113

eSecurity Planet

AUGUST 4, 2023

Cloud Security Posture Management services (CSPM) began to appear in 2014 to manage cloud service configurations as cloud service providers like AWS, Microsoft Azure, and Google Cloud grew more prevalent. With these, each workload is shielded from evolving threats like malware, ransomware, and data breaches.

Architecture 98

Architecture Risk Data breaches Threat Detection 98

Security Boulevard

JULY 29, 2021

Breaking the Isolation: Cross-Account AWS Vulnerabilities. Multiple AWS services were found to be vulnerable to a new cross-account vulnerability class. James Coote | Senior Consultant, F-Secure Consulting. Alfie Champion | Senior Consultant, F-Secure Consulting. Tracks : Network Security, Defense.

CISO 40

CISO Risk VPN Backups 40

eSecurity Planet

APRIL 29, 2024

For example, the Health Insurance Portability and Accountability Act (HIPAA) regulates personal health information and imposes fines for data breach or data inaccessibility. IRM accounts for HIPAA data by tracking associated repositories, transmissions, and systems, as well as increasing risks with HIPAA fine estimates.

Risk 67

Risk Technology Government Penetration Testing 67

eSecurity Planet

SEPTEMBER 1, 2023

While cloud service providers (CSPs) offer their own native security, CWPP offers an additional layer of customized protection and management to fit the demands of workloads. Shared accountability is followed by CSPs; service providers safeguard infrastructure, while customers secure data and apps.

Encryption 94

Encryption Malware Data breaches DDOS 94

eSecurity Planet

NOVEMBER 10, 2023

Additionally, some attackers will use DNS disruptions to conceal more dangerous cyberattacks such as data theft, ransomware preparations, or inserting backdoors into other resources. To prevent a DNS attack , organizations need to secure their DNS processes for both local and remote users.

DNS 109

DNS DDOS Encryption Authentication 109

eSecurity Planet

AUGUST 21, 2023

Only those who absolutely need it to do their job should have an admin account. Read more about best practices for securing remote access in your organization. Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices.

VPN 98

VPN Passwords Software Small Business 98

SC Magazine

JUNE 29, 2021

But the Government Accountability Office found areas where HHS could better coordinate its efforts to support department information sharing and overall health IT security. Emsisoft data shows that 32 health care providers have been disrupted by ransomware alone in 2021, so far.

Healthcare 68

Healthcare Cybersecurity CISO Cyber threats 68

Centraleyes

DECEMBER 6, 2023

According to Purplesec, ransomware attacks have increased by 350% since 2018, zero-day attacks were up by 55% in 2021, and out of the 30 million SMBs in the USA, over 66% have had at least 1 cyber incident between 2018-2020. Endpoint security defenses are an important part of this. Cybercrime is on the rise at a startling rate.

Risk 52

Risk Cyber Risk Software Information Security 52

Spinone

DECEMBER 17, 2019

Ransomware is a sly, silent, and vicious criminal. It quietly makes its way past your security defenses into the heart of your data and keeps it hostage until you pay a ransom. But how do you get ransomware in the first place? How Do You Get Ransomware: Key Points So, where do you get ransomware from?

Ransomware 83

Ransomware Passwords Encryption Phishing 83

eSecurity Planet

AUGUST 22, 2023

An important data protection concept for all organizations is zero trust : by limiting access and privileged accounts and walling off your most critical assets with tools like microsegmentation , a network incursion doesn’t have to become a headline-making data breach.

Data breaches 98

Data breaches Big data Penetration Testing Cyber Attacks 98

eSecurity Planet

OCTOBER 24, 2023

Automate Updates: Automate updates where possible to receive crucial security patches without manual intervention. Create Strong, Unique Passwords Creating strong, one-of-a-kind passwords acts as a strong defense to keep your accounts safe. Regularly Monitor Accounts Account monitoring is a critical practice.

Malware 122

Malware Antivirus Software Passwords 122

eSecurity Planet

DECEMBER 19, 2023

2023 cybersecurity issues will continue: Weak IT fundamentals, poor cybersecurity awareness, and ransomware will still cause problems and make headlines. Andy Grolnick, CEO of Graylog, cautions that “In 2023, ransomware is still the dominant threat in the minds of security teams. Bottom line: Prepare now based on risk.

Cybersecurity 140

Cybersecurity CISO Government Technology 140

eSecurity Planet

SEPTEMBER 11, 2023

W3LL Phishing Tool Steals Thousands of Microsoft 365 Accounts Type of attack: W3LL, a threat actor, created a phishing kit that can defeat multi-factor authentication (MFA) , which allowed it to infiltrate over 8,000 corporate Microsoft 365 accounts. Also see the Google support page Check & update your Android version.

VPN 113

VPN Firmware Authentication Phishing 113

eSecurity Planet

AUGUST 10, 2023

With so many free and low-cost threat intelligence feeds available today, it’s a smart move to integrate one or multiple feeds into your cybersecurity workflow and tools for additional security knowledge and detection capabilities. Additionally, users can only submit their own malicious URL discoveries if they have an abuse.ch

Internet 96

Internet Internet Cybersecurity Malware 96

eSecurity Planet

OCTOBER 2, 2023

Considering the active ransomware activity with vulnerabilities in Progress Software’s other file transfer software, MOVEit, WS_FTP server maintenance teams should patch ASAP. Read next: Network Protection: How to Secure a Network Weekly Vulnerability Recap – Sept. This vulnerability receives the maximum 10.0 rating under CVSS v3.1

DDOS 109

DDOS Encryption Software Ransomware 109

McAfee

SEPTEMBER 22, 2021

Today, enterprises tend to use multiple layers of security defenses, ranging from perimeter defense on network entry points to host based security solutions deployed at the end user’s machines to counter the ever-increasing threats. Decoy Account – DTE0010. Account Discovery, Reconnaissance.

Authentication 104

Authentication Accountability Encryption Passwords 104

SecureWorld News

NOVEMBER 8, 2023

These attacks have proliferated to such a degree that there were 493 million ransomware attacks in 2022 alone, and 19% of all data breaches were the result of stolen or compromised login credentials. In turn, this has left organizations and individuals far behind in the race to secure defenses appropriately.

Social Engineering 93

Social Engineering Engineering Cyber Attacks Artificial Intelligence 93

eSecurity Planet

OCTOBER 6, 2023

Improves email security using user authentication techniques , lowering the danger of unauthorized email account access. Provides phishing simulation exercises to train employees and raise awareness about email security best practices. Verifies user identities to lessen the possibility of illegal access to email accounts.

Software 131

Software Phishing Mobile Threat Detection 131