Tue.Mar 01, 2022


Conti Ransomware Group Diaries, Part I: Evasion

Krebs on Security

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. The chat logs offer a fascinating glimpse into the challenges of running a sprawling criminal enterprise with more than 100 salaried employees.


Decrypting Hive Ransomware Data

Schneier on Security

Nice piece of research: Abstract: Among the many types of malicious codes, ransomware poses a major threat. Ransomware encrypts data and demands a ransom in exchange for decryption. As data recovery is impossible if the encryption key is not obtained, some companies suffer from considerable damage, such as the payment of huge amounts of money or the loss of important data.


100 million Samsung phones affected by encryption weakness

Tech Republic Security

The vulnerability lies in how Samsung implemented a portion of the Android Trusted Execution Environment, leading to devices as new as the S21 being vulnerable to initialization vector reuse attacks. The post 100 million Samsung phones affected by encryption weakness appeared first on TechRepublic.


Conti Ransomware source code leaked by Ukrainian researcher

Bleeping Computer

A Ukrainian researcher continues to deal devastating blows to the Conti ransomware operation, leaking further internal conversations, as well as the source for their ransomware, administrative panels, and more. […].


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


Destructive “HermeticWiper” malware strikes Ukraine

Tech Republic Security

A new type of malware attack is hitting Ukraine, and it renders the victim's machine useless. The post Destructive “HermeticWiper” malware strikes Ukraine appeared first on TechRepublic.


Ignoring US Cybersecurity Vulnerabilities No Longer an Option

Security Boulevard

In one of the most impactful European conflicts since World War II, Russian troops have invaded neighboring Ukraine, a sovereign nation. While the effects of this war on world peace and stability remain to be seen and while a larger conflict involving other nations including the U.S. could soon become a reality, the uncomfortable truth. The post Ignoring US Cybersecurity Vulnerabilities No Longer an Option appeared first on Security Boulevard.


Microsoft rolling out new endpoint security solution for SMBs

Bleeping Computer

Microsoft has started rolling out its new endpoint security solution for small and medium-sized businesses (SMBs) known as Microsoft Defender for Business to Microsoft 365 Business Premium customers worldwide starting today, March 1st. […].


The truth about VDI and cloud computing

InfoWorld on Security

Want to know who has the most stressful job in the enterprise these days? It’s the CISO, or chief information security officer. This is typically a senior-level executive responsible for developing and implementing information security programs and the person first on the hook if a breach occurs. Many of these brave men and women took on the role prior to the pandemic when vulnerable applications and data could be placed within a secure domain—typically, a well-defined firewall. [ Also on InfoWo


7 mistakes CISOs make when presenting to the board

CSO Magazine

Corporate boards are asking their CISOs to inform them more often about cybersecurity risks. This gives security leaders an opportunity to help senior business stakeholders better understand security’s value and makes them more likely to support and strengthen security strategies. However, talking to the board about cybersecurity in a way that is productive can be a significant challenge, and failing to do so effectively can result in confusion, disillusionment, and a lack of cohesion among dire


Elections GoRansom – a smoke screen for the HermeticWiper attack

SecureList

Executive summary. On February 24, 2022, Avast Threat Research published a tweet announcing the discovery of new Golang ransomware, which they called HermeticRansom. This malware was found around the same time the HermeticWiper was found, and based on publicly available information from the security community, it was used in recent cyberattacks in Ukraine.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


NVIDIA confirms data was stolen in recent cyberattack

Bleeping Computer

Chipmaker giant Nvidia confirms that its network was breached in a cyberattack last week, giving intruders access to proprietary information data and employee login data. […].


What IT leaders from United Airlines, Aflac, Zoom and more predict for the future of InfoSec

CSO Magazine

Cyberattacks that shut factories and disable e-commerce. Contracting firms that have access to crypto currency and know how to negotiate with ransomware attackers. Warfare that takes place simultaneously online as well as on the ground. We’re living in a different world in which no business or government is isolated from these threats. That’s why CSO’s Future of InfoSec Summit is a must-attend event.


Unusual sign-in activity mail goes phishing for Microsoft account holders

Malwarebytes

We’ve received an interesting spam email which (deliberately or not) could get people thinking about the current international crisis. Being on your guard will pay dividends over the coming days and weeks, as more of the below is sure to follow. Unusual sign-in activity detected? The email’s subject line, “Microsoft account unusual sign-in activity”, is always guaranteed to attract some attention.


Rash of hacktivism incidents accompany Russia’s invasion of Ukraine

CSO Magazine

In keeping with the hybrid nature of Russia’s invasion of Ukraine, several hacktivist groups and hackers have joined the fight in the embattled nation, including some hacktivists encouraged by the government of Ukraine itself. Although the hacktivists have been waging their version of cyber warfare mostly against Russian organizations, hacktivists sympathetic to Russia are also turning their weapons against Ukraine.


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


Beyond the Hype: AI's Future in Defensive Cybersecurity

Dark Reading

Hybridizing signatures with artificial intelligence is making a significant difference in our ability to detect cyberattacks, including ransomware.


RCE Bugs in WhatsApp, Other Hugely Popular VoIP Apps: Patch Now!

Threatpost

The flaws are in the ubiquitous open-source PJSIP multimedia communication library, used by the Asterisk PBX toolkit that's found in a massive number of VoIP implementations.


New FoxBlade Malware Targeted Ukraine Hours Before Russia’s Attack, Microsoft Says

Heimdal Security

According to Microsoft, several hours before Russia invaded Ukraine on February 24th, the Eastern European country's networks were targeted with newly discovered malware. The Microsoft Threat Intelligence Center (MSTIC) discovered a new malware strain called FoxBlade that was used in destructive attacks against Ukraine. Microsoft President and Vice-Chair Brad Smith declared: Several hours before the […].


All About Identity: DevOps Security Best Practices

Security Boulevard

Accounts, access, permissions, and privileges have become a popular target for cyberattacks. This reality has forced organizations in the cloud […]. The post All About Identity: DevOps Security Best Practices appeared first on Sonrai Security. The post All About Identity: DevOps Security Best Practices appeared first on Security Boulevard.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Indicators of Compromise (IoCs) and Their Importance in Cybersecurity

Heimdal Security

When a host system or network is compromised, indicators of compromise (IoCs) are used to gather forensic evidence of the intrusion. What Are Indicators of Compromise? Informatics security (InfoSec) experts and system administrators may use these traces to identify infiltration attempts and other possible harmful activities. IoCs are used by security researchers to better understand the […].


TeaBot Android Banking Malware Spreads Again Through Google Play Store Apps

The Hacker News

An Android banking trojan designed to steal credentials and SMS messages has been observed once again sneaking past Google Play Store protections to target users of more than 400 banking and financial apps, including those from Russia, China, and the U.S.


Toyota Was Hit by Cyberattack

Heimdal Security

Japan’s Toyota Motor Corporation is a worldwide automobile manufacturer with its headquarters in Toyota City, Aichi Prefecture. Kiichiro Toyoda formed the company, which was officially established on August 28, 1937. Toyota is one of the world’s major automotive manufacturers, with a production capacity of around 10 million automobiles each year.


TeaBot malware slips back into Google Play Store to target US users

Bleeping Computer

The TeaBot banking trojan was spotted once again in Google Play Store where it posed as a QR code app and spread to more than 10,000 devices. […].


5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.


Steps to Mitigate Potential Cybersecurity Consequences of the War in Ukraine

Heimdal Security

In the context where CISOs along with their European and global teams are or might be experiencing cybersecurity effects of the war in Ukraine, Forrester recommended some cybersecurity steps that should be followed. The National Cybersecurity Authority’s Advice Should Be Followed: You should follow the advice of your national cybersecurity authority, but if you do […].


Acunetix introduces IAST updates improving vulnerability and misconfiguration detection as well as scan coverage

Acunetix

A new Acunetix Premium update has been released for Windows, Linux, and macOS: 14.7.220228146. This Acunetix release introduces multiple IAST updates that will help detect several high severity vulnerabilities, provide full coverage for the newly supported web frameworks, and improve the detection of server-side misconfigurations. Read more. The post Acunetix introduces IAST updates improving vulnerability and misconfiguration detection as well as scan coverage appeared first on Acunetix.


Content filtering devices abused for 65x DDoS amplification

Bleeping Computer

Researchers have identified an alarming new trend in DDoS attacks that target middlebox devices to attain enormous 6,533% amplification levels. With such an amplification level, threat actors can launch catastrophic attacks with limited bandwidth/equipment. […].


Cyberattacks in Ukraine Soon Could Spill Over to Other Countries

Dark Reading

Email-borne attacks out of Russia have already targeted at least a few US and European organizations.


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”


Cisco’s 7 Guiding Principles of Government Data Demands

Cisco Security

At Cisco, we empower our customers to control their data. Protecting the privacy, integrity, and confidentiality of data in our possession is of utmost importance. In a world of advancing cyberthreats, expanding extraterritorial legislation, and growing concerns for data localization, we understand technology companies have an outsized responsibility to ensure customers have the power to make important decisions about their data.


Enterprise Malware Analysis Efforts are Lacking

Security Boulevard

Enterprises that realized their cybersecurity defenses will never be 100% effective against malware attacks have increasingly turned to threat hunting and malware analysis as part of their defense-in-depth strategy. According to a just-released survey by TK OPSWAT, 48% of organizations said they have a dedicated malware analysis capability, while 58% of those surveyed claimed they.


'Help Ukraine' crypto scams emerge as Ukraine raises over $37 million

Bleeping Computer

Scammers are now targeting unsuspecting users via phishing webpages, forum posts, and email links enticing users to "help Ukraine" by donating cryptocurrency. The development follows Ukraine's successful effort of raising over $37 million in crypto donations from all around the world amid the country's ongoing Russian invasion. […].


TrickBot backend source code leaked

Security Boulevard

TrickBot appears to have become a casualty of the ongoing war in the Ukraine. Yesterday, a member of the Conti cybergang decided to go against the rest of the group by leaking all of the group’s IoCs (Indicator of Compromise), source codes, and chats. The post TrickBot backend source code leaked appeared first on Security Boulevard.


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.