Blog - Cyber Security Informer

Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers

Security Affairs

JUNE 12, 2022

Ransomware gangs are actively exploiting CVE-2022-26134 remote code execution (RCE) flaw in Atlassian Confluence Server and Data Center. Multiple ransomware groups are actively exploiting the recently disclosed remote code execution (RCE) vulnerability, tracked as CVE-2022-26134 , affecting Atlassian Confluence Server and Data Center.

Ransomware

Ransomware Encryption Malware Hacking

Google announced its Mobile VRP (vulnerability rewards program)

Security Affairs

MAY 23, 2023

Google introduced Mobile VRP (vulnerability rewards program), a new bug bounty program for reporting vulnerabilities in its mobile applications. Google’s Mobile VRP is a bug bounty program for reporting vulnerabilities in first-party Android applications developed or maintained by Google. ” states the announcement.

Mobile

Mobile Hacking Accountability Cybersecurity

Imperva is an Overall Leader in the 2023 KuppingerCole Leadership Compass Data Security Platforms Report

Security Boulevard

APRIL 17, 2023

Imperva is a leader in every category – Market, Innovation, and Product Imperva, Inc., (@Imperva) the cybersecurity leader that protects critical applications, APIs, and data, anywhere at scale, is an Overall Leader in the 2023 KuppingerCole Leadership Compass for Data Security Platforms.

Marketing

Marketing Cybersecurity

FISMA Compliance: A Complete Guide to Navigating Low, Moderate, and High Levels

Centraleyes

APRIL 22, 2024

The categorization of impact levels within this framework, as elucidated by FIPS-199, emerges as a linchpin. It is a structured approach to evaluating and quantifying the potential consequences of security incidents, laying the groundwork for robust security controls tailored to federal entities’ unique needs and challenges.

Risk

Risk Information Security Encryption Cybersecurity

The strange link between Industrial Spy and the Cuba ransomware operation

Security Affairs

MAY 28, 2022

The recently launched Industrial Spy data extortion marketplace has now started its ransomware operation. In April, Malware HunterTeam and Bleeping Computer reported the launch of a new dark web marketplace called Industrial Spy that sells stolen data and offers free stolen data to its members.

Ransomware

Ransomware Malware Hacking Accountability

A Report Template for Incident Response

Lenny Zeltser

SEPTEMBER 13, 2023

Preparing for cybersecurity and data privacy incidents involves creating checklists and documented plans to enable the response team to do their best during the incident. Preparation also includes creating a template that the team can use as the basis for the incident report, which is critical to ensuring that the incident is handled well.

Data privacy

Data privacy Cybersecurity Information Security

Note to Self: Create Non-Exhaustive List of Competitors

Krebs on Security

APRIL 20, 2021

NYSE:IT ] — a $4 billion technology goliath whose analyst reports can move markets and shape the IT industry. ” They also break companies out into categories such as “challengers,” “leaders,” “visionaries” and “niche players.”

Marketing

Marketing Technology Software Cybercrime

Do You Trust Your SIEM?

Anton on Security

OCTOBER 21, 2021

In parallel, you trust that the storage of raw and structured data is sound , and that indexing does not miss any data you collected. My admittedly epic (but dated) post “Security Correlation Then and Now: A Sad Truth About SIEM” mentioned the issue of TRUST as it applies to SIEM. They do not?—?en en masse?—?trust

Passwords

Passwords Threat Detection Cybersecurity

On Surveillance in the Workplace

Schneier on Security

MARCH 12, 2019

Touted as useful management tools, they can augment biased and discriminatory practices in workplace evaluations and segment workforces into risk categories based on patterns of behavior. Gamification and algorithmic management of work activities through continuous data collection.

Surveillance

Surveillance Data collection Technology Risk

GUEST ESSAY: Stolen logons, brute force hacking get used the most to breach web, email servers

The Last Watchdog

AUGUST 29, 2022

This is according to Verizon’s latest 2022 Data Breach Investigations Report ( DBIR ). In the report’s findings, stolen credentials and exploited vulnerabilities are the top reasons for web breaches. Poor password practices are responsible for most incidents involving web applications and data breaches since 2009.

Hacking

Hacking Passwords Password Management Data breaches

Threat Trends: DNS Security, Part 1

Cisco Security

MARCH 11, 2021

Part 1: Top threat categories. Our Threat Trends blog series takes a look at the activity that we see in the threat landscape and reports on those trends. This data comes from Cisco Umbrella , our cloud-native security service. Instead, we’ll look at individual categories, with an eye on how they rise and fall over time.

DNS

DNS Phishing Ransomware Internet

Building a Custom SecureX Orchestration Workflow for Umbrella

Cisco Security

SEPTEMBER 16, 2021

While we were in the Black Hat USA NOC (check out this blog about Cisco Secure in the NOC), we were constantly keeping our eyes on the Umbrella security activity report, in order to recognize, investigate and work with other teams to respond to the threats. In comes SecureX to help make our lives simpler. The Investigate API.

DNS

DNS Authentication Technology Malware

Experts spotted a new variant of the Cuba Ransomware with optimized infection techniques

Security Affairs

JUNE 10, 2022

Its operators have a data leak site, where they post exfiltrated data from their victims who refused to pay the ransom. A flash alert published by the FBI in December 2021 reported that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. ” concludes the report.

Ransomware

Ransomware Malware Encryption Hacking

Experts warn of ransomware attacks against government organizations of small states

Security Affairs

MAY 31, 2022

Cyber Research Labs reported a rise in ransomware attacks in the second quarter of 2022, small states are more exposed to these attacks. The experts also reported other ransomware attacks that hit government organizations in Latin America, including Brazilian and Peruvian government organizations. ” concludes the report.

Government

Government Ransomware Cybercrime Banking

Alert! Unpatched critical Atlassian Confluence Zero-Day RCE flaw actively exploited

Security Affairs

JUNE 3, 2022

Atlassian warned of an actively exploited critical unpatched remote code execution flaw (CVE-2022-26134) in Confluence Server and Data Center products. “Atlassian has been made aware of current active exploitation of a critical severity unauthenticated remote code execution vulnerability in Confluence Data Center and Server. .

Internet

Internet Internet Authentication Hacking

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

Security Affairs

JUNE 11, 2022

Dragos reported that Hexane was focused on organizations in the oil and gas industry and telecommunication providers. The attack chain observed by the researchers starts with spear-phishing messages using weaponized Word document disguised as a news report related to military affairs in Iran. . ” continues the report.

DNS

DNS Telecommunications Malware Phishing

Evil Corp gang starts using LockBit Ransomware to evade sanctions

Security Affairs

JUNE 7, 2022

The data reported in ProDaft’s report confirms that the analyzed malware administration panel was used to manage FAKEUPDATES infections and to distribute secondary payloads, including BEACON. ” concludes the report. Previously, the UNC2165 actors also deployed the HADES ransomware. Pierluigi Paganini.

Ransomware

Ransomware Cybercrime Malware Hacking

SHARED INTEL: VCs pumped $21.8 billion into cybersecurity in 2021 — why there’s more to come

The Last Watchdog

JUNE 13, 2022

The top drivers of the continued growth of cybersecurity are: the growing need to protect the API supply chain, the inadequacy of existing identity management systems, and the unfulfilled promise of data-driven AI-powered cybersecurity systems. The Log4j vulnerability reported at the end 2021 heightened concern even more.

Cybersecurity

Cybersecurity Artificial Intelligence Software Marketing

Threat actors exploit recently disclosed Atlassian Confluence flaw in cryptomining campaign

Security Affairs

JUNE 10, 2022

Last week, Atlassian warned of a critical unpatched remote code execution vulnerability affecting all Confluence Server and Data Center supported versions, tracked as CVE-2022-26134, that is being actively exploited in attacks in the wild. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Cryptocurrency

Cryptocurrency Malware Hacking Cybersecurity

Symbiote, a nearly-impossible-to-detect Linux malware?

Security Affairs

JUNE 9, 2022

Once the malware has infected all the running processes, it provides the threat actor with rootkit capability and supports data-stealing capabilities. ” reads the report published by Blackberry. ” continues the report. “Since it is extremely evasive, a Symbiote infection is likely to “fly under the radar.”

Malware

Malware DNS Antivirus Passwords

Russia-linked Fronton botnet could run disinformation campaigns

Security Affairs

MAY 23, 2022

Nisos analyzed the data and determined that Fronton is a system developed for coordinated inauthentic behavior on a massive scale.” “Two example lists of posting source dictionaries were included in the data. ” continues the report. ” reads the analysis published by the security firm NISOS. ru to 0day[.]llc.

DDOS

DDOS Media Hacking Engineering

The Best 10 Vendor Risk Management Tools

Centraleyes

MARCH 25, 2024

The platform goes beyond data collection by automatically generating actionable remediation tasks with intelligent prioritization and efficient management. In our interconnected world, our security is only as strong as our weakest link, and the third-party vendors we choose are essential links in our business chains.

Risk

Risk Data collection Architecture Government

Malicious apps continue to spread through the Google Play Store

Security Affairs

JUNE 16, 2022

However, the experts warn that info-stealing Trojans are the most dangerous threats for Android users, they could be used to steal sensitive data such as login credentials and authorization for multiple services online. The principal trends emerged from the Dr.Web report is the decreased activity of the Android.Spy.4498

Adware

Adware Antivirus Malware Software

Unmasking the Cracks of Today’s Cyber Defence

Jane Frankland

OCTOBER 31, 2023

C-suites across all industries, from traditional finance to the latest “unicorns” emerging in the fintech industry, are facing a formidable challenge: how to protect their business and customer data against growing cyber threats. You witnessed this during the 2008 recession when the FBI reported a 22.3%

CISO

CISO Threat Detection Cyber threats Cybercrime

PoC exploits for Atlassian CVE-2022-26134 RCE flaw released online

Security Affairs

JUNE 5, 2022

Proof-of-concept exploits for the critical CVE-2022-26134 vulnerability in Atlassian Confluence and Data Center servers are available online. Proof-of-concept exploits for the critical CVE-2022-26134 flaw, affecting Atlassian Confluence and Data Center servers, have been released. 23 unique IPs so far.

VPN

VPN IoT Cybersecurity Engineering

Mozilla Releases Annual Privacy Guide to Holiday Shopping

Adam Levin

DECEMBER 5, 2018

It seems both consumers and companies are starting to see the value in connected products that are safe, secure, and private,” said Mozilla on their blog. Each product also has an individualized report, answering such questions as “Can it spy on me?” What does it know about me?” “Can Can I control it?” Read the guide here.

Internet

Internet Internet Education Mobile

Chinese DriftingCloud APT exploited Sophos Firewall Zero-Day before it was fixed

Security Affairs

JUNE 17, 2022

It was reported via the Sophos bug bounty program by an external security researcher. ” reads the report published by Volexity. This blog post serves to share what highly targeted organizations are up against and ways to defend against attacks of this nature.” The CVE-2022-1040 flaw received a CVSS score of 9.8

Firewall

Firewall DNS Authentication Malware

Digital Risk Types Demystified: A Strategic Insight into Online Threats

Centraleyes

APRIL 23, 2024

According to a recent Deloitte report , more than half (52%) of consumers feel more at risk in the digital environment. Never underestimate the power of technology in shaping your business’s success. The digital landscape is advancing, and the risks of shirking cutting-edge technology are substantial.

Risk

Risk Technology Artificial Intelligence Data privacy

Black Basta ransomware operators leverage QBot for lateral movements

Security Affairs

JUNE 7, 2022

QBot, aka Qakbot and Pinkslipbot , has been active since 2008, it is used by threat actors for collecting browsing data and banking credentials and other financial information from the victims. Experts reported that the threat actor used two main techniques to evade anti-virus detection by disabling Windows Defender.

Ransomware

Ransomware Backups Malware Firewall

Let’s give a look at the Dark Web Price Index 2022

Security Affairs

JUNE 15, 2022

The document updates the information provided in the Dark Web Index 2022 report. The report also includes prices for forged documents and scans, the scan of a Russian passport goes $100, while a selfie of an American citizen with holding ID costs $120, an increase of $20 compared with 2021. To nominate, please visit:?.

Identity Theft

Identity Theft Accountability DDOS Cybercrime

Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild

Security Affairs

JUNE 5, 2022

Atlassian has addressed on Friday an actively exploited critical remote code execution flaw (CVE-2022-26134) in Confluence Server and Data Center products. Atlassian has been made aware of current active exploitation of a critical severity unauthenticated remote code execution vulnerability in Confluence Data Center and Server.

Internet

Internet Internet IoT Software

GUEST ESSAY: How SIEMS, UEBAs fall short in today’s turbulent threat landscape

The Last Watchdog

JULY 30, 2018

Over the past decade, cyber security solutions have evolved into specific categories of solutions. Grouping similar items into categories serve a particular purpose. For example, sports cars represent an entirely different category of vehicles than luxury vehicles. Categories of vehicles are somewhat easy to define.

CISO

CISO Cyber Attacks Data collection Cybersecurity

China-linked TA413 group actively exploits Microsoft Follina zero-day flaw

Security Affairs

JUNE 1, 2022

Researchers from Proofpoint reported that TA413 is conducting a spear-phishing campaign that uses ZIP archives containing weaponized Word Documents. Proofpoint has previously reported on Sepulcher malware and its links to the Lucky Cat and Exile Rat malware campaigns that targeted Tibetan organizations. app for the attacks.

Malware

Malware Phishing Hacking Cybersecurity

Experts warn of a new malvertising campaign spreading the ChromeLoader

Security Affairs

MAY 26, 2022

If applied to a higher-impact threat—such as a credential harvester or spyware—this PowerShell behavior could help malware gain an initial foothold and go undetected before performing more overtly malicious activity, like exfiltrating data from a user’s browser sessions.” ” reads the analysis published by the experts.

Malware

Malware Spyware Threat Detection Engineering

Nation-state malware could become a commodity on dark web soon, Interpol warns

Security Affairs

MAY 24, 2022

“On the one hand, we are aware of what’s going on — on the other hand, we need the data, which are in the private sector,” Stock said. “We need your [cyber breach] reports. “We need your [cyber breach] reports. Without your reports, we are blind.”

Malware

Malware Cybercrime Government Engineering

Understanding the Different Types of Audit Evidence

Centraleyes

APRIL 18, 2024

Audit evidence lies at the heart of cybersecurity audits and assessments, providing tangible proof of an organization’s adherence to cybersecurity measures. Being secure is not merely about having a secure infrastructure; it’s about ensuring that every aspect of that security is verifiable and transparent.

Risk

Risk Penetration Testing Encryption Cybersecurity

10 Reasons to Celebrate 2020

McAfee

DECEMBER 10, 2020

The recognition is based on customer feedback and ratings for McAfee MVISION Cloud, which we believe provides a cloud-native and frictionless way for organizations to consistently protect their data and defend from threats across the spectrum of Software-as-a-Service (SaaS), Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS).

Policy Compliance

Policy Compliance Technology Information Security Media

MiraclePtr: protecting users from use-after-free vulnerabilities on more platforms

Google Security

JANUARY 11, 2024

If you need a refresher, you can read our previous blog post detailing MiraclePtr and its objectives. Our analysis is based on two primary information sources: incoming vulnerability reports and crash reports from user devices. What does the data tell us? In June 2023, we enabled MiraclePtr for ChromeOS, macOS, and Linux.

GUEST ESSAY: Threat hunters adapt personas, leverage AI to gather intel in the Dark Web

The Last Watchdog

JUNE 20, 2022

Data collections released after ransomware attacks. Ransomware attacks hit indiscriminately across business categories, from private corporations to government agencies, including schools and universities, hospitals and healthcare providers, financial institutions, and everything in between. Related: ‘IABs’ spread ransomware.

Ransomware

Ransomware Marketing Data collection VPN

Insights about the first five years of Right to be Forgotten requests at Google

Elie

DECEMBER 12, 2019

Google RTBF transparency report: a brief history To be as transparent as possible about this removal process, and to help the public understand how RTBF requests affect Search results while preserving requesters’ privacy, Google has documented its removal process since 2014 as part of its. transparency report. transparency report.

Media

Media Government Internet Internet

Exploring the Cost of a Data Breach and Its Implications

Centraleyes

APRIL 9, 2024

According to IBM’s recently released “Cost of a Data Breach” statistics report, the average financial toll of a data breach has surged to an unprecedented $4.45 Regional Disparities in Data Breach Costs The United States emerges with a significantly higher average cost of $9.4 million globally.

Data breaches

Data breaches Cyber Insurance Insurance Ransomware

Trend Micro addressed a flaw exploited by China-linked Moshen Dragon APT

Security Affairs

MAY 24, 2022

SentinelOne experts reported that Moshen Dragon focused on the hijacking of programs belonging to security vendors, including Symantec, TrendMicro, BitDefender, McAfee and Kaspersky. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. ” reads the advisory published by Trend Micro.

Malware

Malware Telecommunications Internet Internet

Cybersecurity and Data Protection lessons from a look back at 2021

BH Consulting

JANUARY 11, 2022

In that spirit, we’ve rounded up five of our most popular blogs from the past year. From ransomware and scams to security frameworks and employee privacy, our 2021 ‘greatest hits’ show how broad the areas of cybersecurity and data protection can be. Under the GDPR, fingerprints fall under the category of biometric data.

Cybersecurity

Cybersecurity Insurance Scams Cyber Risk

GUEST ESSAY: ‘CyberXchange’ presents a much-needed platform for cybersecurity purchases

The Last Watchdog

OCTOBER 19, 2020

Consider that PCI-DSS alone has over 250 complex requirements that include things like endpoint protection, password management, anti-virus, border security, data recovery and awareness training. There is no shortage of innovative cybersecurity tools and services that can help companies do a much better job of defending their networks.

eCommerce

eCommerce Cybersecurity B2B Marketing

Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers

Google announced its Mobile VRP (vulnerability rewards program)

Trending Sources

Imperva is an Overall Leader in the 2023 KuppingerCole Leadership Compass Data Security Platforms Report

FISMA Compliance: A Complete Guide to Navigating Low, Moderate, and High Levels

The strange link between Industrial Spy and the Cuba ransomware operation

A Report Template for Incident Response

Note to Self: Create Non-Exhaustive List of Competitors

Do You Trust Your SIEM?

On Surveillance in the Workplace

GUEST ESSAY: Stolen logons, brute force hacking get used the most to breach web, email servers

Threat Trends: DNS Security, Part 1

Building a Custom SecureX Orchestration Workflow for Umbrella

Experts spotted a new variant of the Cuba Ransomware with optimized infection techniques

Experts warn of ransomware attacks against government organizations of small states

Alert! Unpatched critical Atlassian Confluence Zero-Day RCE flaw actively exploited

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

Evil Corp gang starts using LockBit Ransomware to evade sanctions

SHARED INTEL: VCs pumped $21.8 billion into cybersecurity in 2021 — why there’s more to come

Threat actors exploit recently disclosed Atlassian Confluence flaw in cryptomining campaign

Symbiote, a nearly-impossible-to-detect Linux malware?

Russia-linked Fronton botnet could run disinformation campaigns

The Best 10 Vendor Risk Management Tools

Malicious apps continue to spread through the Google Play Store

Unmasking the Cracks of Today’s Cyber Defence

PoC exploits for Atlassian CVE-2022-26134 RCE flaw released online

Mozilla Releases Annual Privacy Guide to Holiday Shopping

Chinese DriftingCloud APT exploited Sophos Firewall Zero-Day before it was fixed

Digital Risk Types Demystified: A Strategic Insight into Online Threats

Black Basta ransomware operators leverage QBot for lateral movements

Let’s give a look at the Dark Web Price Index 2022

Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild

GUEST ESSAY: How SIEMS, UEBAs fall short in today’s turbulent threat landscape

China-linked TA413 group actively exploits Microsoft Follina zero-day flaw

Experts warn of a new malvertising campaign spreading the ChromeLoader

Nation-state malware could become a commodity on dark web soon, Interpol warns

Understanding the Different Types of Audit Evidence

10 Reasons to Celebrate 2020

MiraclePtr: protecting users from use-after-free vulnerabilities on more platforms

GUEST ESSAY: Threat hunters adapt personas, leverage AI to gather intel in the Dark Web

Insights about the first five years of Right to be Forgotten requests at Google

Exploring the Cost of a Data Breach and Its Implications

Trend Micro addressed a flaw exploited by China-linked Moshen Dragon APT

Cybersecurity and Data Protection lessons from a look back at 2021

GUEST ESSAY: ‘CyberXchange’ presents a much-needed platform for cybersecurity purchases

Stay Connected