Anton on Security

AUGUST 30, 2023

new blog “Revisiting Traditional Security Advice for Modern Threats” , here are the key ideas from it. You can do this, using ̶p̶o̶w̶e̶r̶f̶u̶l̶ ̶A̶I̶ ̶v̶o̶o̶d̶o̶o̶ ̶m̶a̶g̶i̶c̶ many of the approaches and practices ( our blog again has the details ) that you should have started doing years ago, but most never did.

Firewall 130

Firewall Software Threat Detection Cybersecurity 130

Heimadal Security

FEBRUARY 21, 2024

International law enforcement operation disrupts LockBit ransomware gang and offers victims free decryption tool. ’s National Crime Agency (NCA), the Europol, the FBI, and a coalition of international police agencies. Police Arrests Staff Members and Gives Victims Free Decryptor appeared first on Heimdal Security Blog.

Ransomware 88

Ransomware Cybersecurity 88

Anton on Security

OCTOBER 21, 2020

From Google Cloud Blog: “Improving security, compliance, and governance with cloud-based DLP data discovery” So, I’ve been doing some blogging at Google Cloud blog with most posts connected to products, launches, etc. However, I am also doing a fun blog series on DLP in the cloud. Blog 1 is here , and blog 2 is here? —?you

Government 100

Government Cloud Migration Data breaches Risk 100

Anton on Security

SEPTEMBER 21, 2023

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. ahem … suffer (this wins the Understatement of the Year award) Technical bias, starting from available data rather than threats  — this is sadly very common at less-mature SOCs.

Engineering 221

Engineering Threat Detection Marketing Internet 221

Anton on Security

APRIL 13, 2023

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our sixth Threat Horizons Report ( full version ) that we just released ( the official blog for #1 report , my unofficial blogs for #2 , #3 , #4 and #5 ).

Cybersecurity 221

Cybersecurity Passwords Accountability Ransomware 221

Heimadal Security

FEBRUARY 1, 2024

Without them, you can’t hope to protect yourself against a complex and ever-changing landscape of internal and external threats. But knowing where to […] The post Top 11 Privileged Access Management Solutions (2024) appeared first on Heimdal Security Blog.

Cybersecurity 92

Cybersecurity 92

Security Affairs

FEBRUARY 2, 2024

Cloudflare revealed that a nation-state actor breached its internal Atlassian server, gaining access to the internal wiki and its bug database (Atlassian Jira). “From November 14 to 17, a threat actor did reconnaissance and then accessed our internal wiki (which uses Atlassian Confluence) and our bug database (Atlassian Jira).

Authentication 108

Authentication Hacking Accountability Information Security 108

Heimadal Security

NOVEMBER 3, 2023

Managing privileged access to internal resources is a challenge for organizations worldwide. For this article, I chose the term “privilege overreach” to describe […] The post Privilege Overreach, the Lurking PAM Security Threat appeared first on Heimdal Security Blog.

Data breaches 91

Data breaches Accountability 91

ZoneAlarm

AUGUST 30, 2023

In an ambitious international operation, law enforcement agencies, spearheaded by the FBI, have neutralized the Qakbot malware infrastructure. This significant move not only marks a large-scale effort to actively combat malware but also underscores the intensified global threat posed by cyber-extortion campaigns, primarily ransomware.

Malware 98

Malware Banking Ransomware Cybersecurity 98

Graham Cluley

MAY 12, 2023

es, you should be worried about the threat posed by external hackers. But also consider the internal threat posed by insiders and rogue employees - the people you have entrusted to act responsibly with the data of your company and your customers. Read more in my article on the Hot for Security blog.

Data breaches 75

Data breaches 75

Heimadal Security

DECEMBER 22, 2023

government agencies, international allies, and the Defense Industrial Base, underlining the collective effort in facing sophisticated cybersecurity threats. Key initiatives and […] The post NSA Releases 2023 Cybersecurity Year in Review Report appeared first on Heimdal Security Blog.

Cybersecurity 80

Cybersecurity Government 80

SecureWorld News

MAY 6, 2024

This commitment to making security job #1 comes on the heels of a string of incidents, including a major breach disclosed just two months ago, where Russian state-sponsored hackers tracked as Midnight Blizzard or Nobelium gained disturbing levels of access to Microsoft's internal systems and source code repositories.

CISO 79

CISO Engineering Cybersecurity Authentication 79

Heimadal Security

SEPTEMBER 12, 2023

First, it had to keep up with the latest internal and external threats. appeared first on Heimdal Security Blog. Researchers designed MXDR with two major vectors in mind. Second, to protect the more complex business networks.

93

93

Heimadal Security

APRIL 26, 2023

According to ARCC, a third party gained unauthorized access to the internal network system. Further on, threat actors accessed and exfiltrated sensitive data of vendors, current and former employees, and their dependents.

Data breaches 101

Data breaches Cybersecurity 101

Heimadal Security

JANUARY 19, 2023

MailChimp announced it has been victim to a social engineering attack that threat actors successfully performed on the company`s employees and contractors. Hackers managed to obtain employee credentials and gain access to an internal customer support and account administration tool. The attack affected the data of 133 customers.

Social Engineering 109

Social Engineering Data breaches Engineering Accountability 109

Security Affairs

APRIL 7, 2023

Multinational IT corporation MSI (Micro-Star International) confirms security breach after Money Message ransomware gang claimed the hack. This week the ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). MSI is headquartered in Taipei, Taiwan.

Ransomware 87

Ransomware Firmware Hacking Manufacturing 87

Heimadal Security

JANUARY 3, 2023

based Chinese international students, a wealthy victim group, with scam calls. The campaign is ongoing for more than a year and shows that threat actors have meticulously selected and researched their victims. Are Victims of RedZei Scam Calls appeared first on Heimdal Security Blog. The post Chinese Students in the U.K.

Scams 108

Scams Cybersecurity 108

Heimadal Security

JUNE 20, 2023

Back in February, the social news aggregation platform Reddit experienced a security breach in which threat actors gained unauthorized access to internal documents, code, and some business systems.

Ransomware 89

Ransomware Cybersecurity 89

Duo's Security Blog

FEBRUARY 21, 2024

However, internally at Duo, we realized that by disbanding the Labs team and discontinuing writing for the Labs site, we lost something special about Duo itself. It’s one thing to have the company blog (look, I’m writing here right now!). This type of work doesn’t necessarily coincide with the scope of Duo’s mainline blog.

Authentication 108

Authentication Engineering Mobile Internet 108

Heimadal Security

FEBRUARY 24, 2023

The threat actors gained access to the company’s internal systems by tricking an employee with an SMS phishing text. BleepingComputer reached […] The post Activision Breached: Here Is What Happened appeared first on Heimdal Security Blog. Game developer Activision confirms that it suffered a data breach in December 2022.

Data breaches 87

Data breaches Phishing Cybersecurity 87

The Last Watchdog

SEPTEMBER 25, 2023

Training team members regularly with real-life scenarios will help them spot potential threats and protect them from exposing your business. For example, your accounting technology should have features that work to protect your data, like internal controls, multi-factor authentication, or an audit trail that documents change to your data.

Small Business 222

Small Business Cybersecurity Technology Accountability 222

Krebs on Security

AUGUST 30, 2022

A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices. Image: Cloudflare.com. According to an Aug.

Mobile 291

Mobile Phishing Authentication Accountability 291

The Last Watchdog

SEPTEMBER 11, 2023

Related: Neutralizing insider threats This pervasive problem extends beyond traditional notions of fraud, encompassing both insider threats and external risks arising from partnerships, competitors, and poor IP management. Yet, the rise of internal fraud presents a unique challenge.

Risk 203

Risk Technology Surveillance Cyber threats 203

Heimadal Security

APRIL 7, 2023

A recent data breach affecting Taiwanese PC parts maker MSI (Micro-Star International) has been listed on the extortion portal of a new ransomware gang known as ‘Money Message’. The threat actors claim to have stolen source code from the company’s network.

Ransomware 79

Ransomware Data breaches Marketing Cybersecurity 79

Security Affairs

APRIL 13, 2023

Knowing that insider threats are a risk is one thing. However, over one-third of businesses are impacted by insider threats every year, and US businesses face about 2.500 internal security breaches in the aggregate per day. The question isn’t why to build out an insider threat prevention program: it’s how.

Data privacy 92

Data privacy Risk Media Software 92

Heimadal Security

JULY 6, 2022

As explained by BleepingComputer the threat actors refer to their operation as “N13V” internally, and developed The Linux encryptor specifically for the purpose of targeting VMware ESXi servers. The post New Strain of Ransomware Discovered appeared first on Heimdal Security Blog.

Ransomware 99

Ransomware Encryption Cybersecurity 99

The Last Watchdog

MARCH 4, 2024

Charities and nonprofits are particularly vulnerable to cybersecurity threats, primarily because they maintain personal and financial data, which are highly valuable to criminals. Many nonprofits are exposed to potential daily threats and don’t even know it. Assess risks. Strengthen authentication.

Social Engineering 213

Social Engineering Risk Cybersecurity Authentication 213

Schneier on Security

FEBRUARY 3, 2021

Microsoft analyzed details of the SolarWinds attack: Microsoft and FireEye only detected the Sunburst or Solorigate malware in December, but Crowdstrike reported this month that another related piece of malware, Sunspot , was deployed in September 2019, at the time hackers breached SolarWinds’ internal network.

Computers and Electronics 347

Computers and Electronics Malware Software Government 347

Heimadal Security

NOVEMBER 21, 2022

State-backed Chinese hackers started a spear phishing attempt to spread personalized malware stored in Google Drive to international governmental, academic, and scientific institutions. The majority of the organizations the threat group […].

Phishing 87

Phishing Malware Cybersecurity 87

Heimadal Security

MARCH 11, 2022

Threat actors are employing a new technique and leveraging website contact forms instead of common phishing emails to deliver BazarBackdoor. BazarBackdoor is malware that lets hackers achieve remote access to an internal device. This helps them bypass security software detection. What Is BazarBackdoor?

Malware 99

Malware Phishing Software Cybersecurity 99

Heimadal Security

APRIL 5, 2022

Threat actors managed to get access to internal customer support and account management systems at MailChimp, the email marketing company reported on Sunday. The post Crypto Customers Targeted in MailChimp Data Breach appeared first on Heimdal Security Blog.

Data breaches 95

Data breaches Cryptocurrency Phishing Marketing 95

Jane Frankland

JANUARY 23, 2024

In last week’s blog (part 2), I continued to explore the pros and cons of using an MDR provider and whether it’s better choosing a boutique provider over that of a traditional big brand. Having begun by discussing the first core feature, technology, I then focused on the second core feature, contract terms. Core Feature #3.

Threat Detection 162

Threat Detection Risk Social Engineering Cybersecurity 162

Heimadal Security

JUNE 27, 2023

According to the New York City Department of Education (NYC DOE), threat actors broke into the NYC DOE’s MOVEit Transfer server and stole documents containing the personal information of up to 45,000 students.

Education 70

Education Software Cybersecurity 70

Security Boulevard

JUNE 8, 2023

In today’s hyper-connected world, risk management has evolved beyond mere protection against external threats. Now, organisations must also navigate the terrain of internal threats – a task that requires setting up an Insider Risk Programme (IRP).

Risk 52

Risk 52

The Last Watchdog

APRIL 5, 2022

The recent Western reporting on the Uyghur internment camps in Xinjiang triggered further sensitivity around how the international community views the Chinese Communist Party’s domestic policies. But this leaves security teams powerless to stop novel threats and zero-days. We have entered a new era of cyber threats.

Hacking 243

Hacking Passwords Firewall Internet 243

The Last Watchdog

NOVEMBER 29, 2021

The vulnerabilities and challenges associated with declining worker mental health is causing cybersecurity risks to increase, especially from insider threats. When an employee is struggling, they may reach a tipping point and become an insider threat. Mental health cyber risks.

Cybersecurity 223

Cybersecurity Social Engineering Risk Cyber Risk 223

Security Affairs

FEBRUARY 1, 2024

Mandiant spotted new malware used by a China-linked threat actor UNC5221 targeting Ivanti Connect Secure VPN and Policy Secure devices. Mandiant researchers discovered new malware employed by a China-linked APT group known as UNC5221 and other threat groups targeting Ivanti Connect Secure VPN and Policy Secure devices.

VPN 108

VPN Malware Authentication Hacking 108