Cyber Security Informer

Product Review: NISOS Executive Shield

CyberSecurity Insiders

AUGUST 27, 2022

Nisos provides the people, processes, and technologies necessary to deliver actionable intelligence as a managed service. Executive Shield tracks threat actors targeting an organization’s people, identifies latent vulnerabilities, and reduces digital footprint exposure. Nisos also documents any remaining PII that couldn’t be removed.

Risk

Risk Media Data collection Security Intelligence

LATEST CYBERTHREATS AND ADVISORIES – APRIL 7, 2023

CyberSecurity Insiders

APRIL 7, 2023

government takes down another dark web forum, Western Digital suffers a cyberattack and the fastest acting ransomware to date. Federal Bureau of Investigation (FBI) has taken down yet another illicit invitation-only marketplace popular among cybercriminals. The investigation is still in its early stages.

Encryption

Encryption Ransomware Marketing Cybercrime

How to Develop an Incident Response Plan

eSecurity Planet

DECEMBER 9, 2021

Developing and executing an incident response plan is a complicated undertaking, so we’ve broken up the process into a number of steps: Incident Response Defined. At a minimum, our incident response preparation process should: Define incident response responsibilities. Yet, it can get worse. Creating an Incident Response Plan.

Insurance

Insurance Backups Data breaches Ransomware

Introducing DevOpt: A Multifunctional Backdoor Arsenal

Security Boulevard

APRIL 18, 2023

During a recent investigation, we discovered a backdoor that uses Free Pascal and is capable of stealing data from infected systems. This discovery underscores the lengths to which cybercriminals will go to lure users into downloading malicious payloads, using tactics such as offering financial incentives.

Malware

Malware Data collection Cyber threats Encryption

PACS vulnerabilities, data breach spur lawsuit against radiology specialists

SC Magazine

JULY 12, 2021

The lawsuit follows a recent alert from the Department of Health and Human Services and SC Media reporting that showed more than 130 health systems are actively exposing millions of medical images via PACS and the communication and medical imaging management system known as DICOM, or Digital Imaging and Communications in Medicine.

Data breaches

Data breaches Identity Theft Healthcare Insurance

Fantastic or Frightening: FBI Accesses [Your?] Exchange Servers to Stop Attacks

SecureWorld News

APRIL 14, 2021

Unsealed court documents, reviewed by SecureWorld and shared below, explain a multi-day FBI operation. Cybersecurity and Infrastructure Security Agency (CISA) announced discovery of Zero-Day exploits being used to attack Microsoft Exchange email servers. Partially unsealed court documents reveal how the FBI made its case.

Government

Government Passwords Cybersecurity Data breaches

APT trends report Q3 2022

SecureList

NOVEMBER 1, 2022

For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. They are designed to highlight the significant events and findings that we feel people should be aware of. DTrack is a backdoor used by subsets of the Lazarus group.

Malware

Malware Ransomware Spyware Encryption

Old foe or new enemy? Here’s how researchers handle APT attribution

SC Magazine

FEBRUARY 25, 2021

With cybercriminals commonly sharing tactics and techniques on underground forums, and with digital adversaries frequently leveraging many of the same commodity malwares and commercially available tools, it can be difficult to assign attribution to a cyber campaign. Scazon / CC BY 2.0 ).

Media

Media InfoSec Phishing Malware

IT threat evolution Q3 2023

SecureList

DECEMBER 1, 2023

Evidence that these vulnerabilities were being exploited by an unknown attacker was made public via samples submitted to VirusTotal. Common TTPs in attacks on industrial organizations In 2022, we investigated a series of attacks against industrial organizations in Eastern Europe.

Malware

Malware Ransomware Encryption Energy and Utilities

Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)

Security Affairs

OCTOBER 3, 2023

Researchers have identified the exfiltration infrastructure of a LockBit affiliate while investigating a LockBit extortion incident that occurred in Q3 2023. Executive Summary We investigated a recent LockBit extortion incident that occurred in Q3 2023, which involved an unusual FTP server located in Moscow.

Scams

Scams Ransomware System Administration Malware

Top Data Loss Prevention (DLP) Solutions

eSecurity Planet

APRIL 13, 2022

In an age of strong data privacy laws like GDPR and CCPA , data loss prevention (DLP) technology is becoming a critically important IT security tool. Every organization has data, and some of that data is more sensitive than others. Sensitive data can include personally identifiable information (PII) that can impact user privacy. Key DLP Trends.

Backups

Backups Encryption Risk Data privacy

Kroger reaches $5M settlement with breach victims, as Supreme Court defines ‘actual harm’

SC Magazine

JULY 8, 2021

But compliance is often seen as a checklist and one in need of improvement as the rule was enacted in 2009 – long before the age of digital health and an increasingly sophisticated threat landscape. And even with the best security processes and tech, sometimes threat actors are still successful in their exploits.

Data breaches

Data breaches Insurance Risk Ransomware

APT trends report Q3 2021

SecureList

OCTOBER 26, 2021

The evidence suggests that the threat actor behind the attack, DarkHalo (aka Nobelium), had spent six months inside OrionIT’s networks to perfect their attack. For more than four years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity.

Malware

Malware Government Surveillance Spyware

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Herjavec Group

AUGUST 26, 2021

In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Since the pandemic began, cybersecurity has been named a top priority for national security and we’ve witnessed some of the largest, and most destructive cyber breaches in history. Dateline Cybercrime .

Cybercrime

Cybercrime Computers and Electronics Banking Hacking

Microsoft says Russian hackers continue targeting 2018 midterm elections

Security Affairs

AUGUST 21, 2018

“To be clear, we currently have no evidence these domains were used in any successful attacks before the DCU transferred control of them, nor do we have evidence to indicate the identity of the ultimate targets of any planned attack involving these domains.” The remaining websites were designed to mimic two U.S.

Advertising

Advertising Hacking Accountability Education

Cyber Security Informer

Product Review: NISOS Executive Shield

LATEST CYBERTHREATS AND ADVISORIES – APRIL 7, 2023

Trending Sources

How to Develop an Incident Response Plan

Introducing DevOpt: A Multifunctional Backdoor Arsenal

PACS vulnerabilities, data breach spur lawsuit against radiology specialists

Fantastic or Frightening: FBI Accesses [Your?] Exchange Servers to Stop Attacks

APT trends report Q3 2022

Old foe or new enemy? Here’s how researchers handle APT attribution

IT threat evolution Q3 2023

Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)

Top Data Loss Prevention (DLP) Solutions

Kroger reaches $5M settlement with breach victims, as Supreme Court defines ‘actual harm’

APT trends report Q3 2021

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Microsoft says Russian hackers continue targeting 2018 midterm elections

Stay Connected