Wizard Spider, the cybercrime gang behind the TrickBot botnet, is believed to be the author of a new ransomware family dubbed Diavol, Fortinet researchers report. Researchers from Fortinet reported that a new ransomware family, tracked as Diavol, might have been developed by Wizard Spider, the cybercrime gang behind the TrickBot botnet. The Trickbot botnet was used […]
The post Diavol ransomware appears in the threat landscape. Is it the work of the Wizard Spider gang? appeared first on Security Affairs.
Read More Diavol ransomware appears in the threat landscape. Is it the work of the Wizard Spider gang?
LogPoint launched a content pack for Cortex XSOAR, a security orchestration, automation and response (SOAR) platform from Palo Alto Networks. The new integration, available on the Cortex XSOAR Marketplace, enables cybersecurity analysts to automate inc…
Read More LogPoint launches content pack for Palo Alto Networks Cortex XSOA to accelerate incident response
Innodisk released its DDR5 DRAM modules. The new standard touts a host of crucial performance improvements and power savings over its predecessor, and anticipation has been high since the official announcement of the standard. Boasting a bucketload of …
Read More Innodisk DDR5 DRAM modules offer performance improvements and power savings
ISTARI and Prevalent AI announced that ISTARI has become a significant minority shareholder of PAI. PAI was founded in 2017 by industry veterans Paul Stokes, Sir Iain Lobban, Andrew France OBE, and Arun Raj to enable organizations to rapidly ingest, tr…
Read More ISTARI becomes a significant minority shareholder of Prevalent AI
SYN Ventures formally launched its debut fund and revealed the firm led Sevco Security’s $15 Million Series A round as the first investment in the fund. SYN also led the Seed round in SynSaber and participated in the record-setting Series A round in Tr…
Read More SYN Ventures launches debut fund and reveals three investments
Asurity announces David Roell has joined the company as Vice President, Compliance Products and Analytics at its subsidiary RiskExec. Prior to joining the Asurity organization, David served as Lead Data Scientist, HMDA Operations at the Consumer Financ…
Read More Asurity appoints David Roell as VP, Compliance Products and Analytics at RiskExec
George Lee joins Imperva as Regional Vice President of Asia Pacific and Japan. Based in Singapore, Lee will scale the business in the region, expand into key growth markets, and develop new strategic initiatives. “George brings an extensive track recor…
Read More George Lee joins Imperva as Regional VP of Asia Pacific and Japan
Cyber resilience refers to a business’s ability to mitigate damage to its systems, processes and even its reputation. It’s based on the principle that, in the real (and really connected) world, adverse events occur. This could be in the form of a user enabling a breach by providing sensitive information during a phishing attack, through […]
The post Podcast: How to build a cyber resilient business appeared first on Webroot Blog.
Read More Podcast: How to build a cyber resilient business
From the New York Times: “When an Eel Climbs a Ramp to Eat Squid From a Clamp, That’s a Moray.” The article is about the eel; the squid is just eel food. But still….
Read More Friday Squid Blogging: Best Squid-Related Headline
As usual, you can also use this squid post to talk about the s…
Attention to detail, creativity and perseverance are key traits for a good white hat hacker. These positions are in high demand.
Read More You don’t have to be a tech expert to become a cybersecurity pro
The field is desperate for staff, and pros can succeed even if they’re not technology experts.
Read More Cybersecurity pros come from all backgrounds, expert says
A massive REvil ransomware attack affects multiple managed service providers and their clients through a reported Kaseya supply-chain attack. […]
Read More REvil ransomware hits 1,000+ companies in MSP supply-chain attack
A massive REvil ransomware attack affects multiple managed service providers and their clients through a reported Kaseya supply-chain attack. […]
Read More REvil ransomware hits 200 companies in MSP supply-chain attack
The acquisition will bring Barracuda into the extended detection and response (XDR) market with a tool for managed service providers.
Read More Barracuda Agrees to Acquire Skout Cybersecurity
Accenture Security: Attackers Focus on Those With Over $1 Billion in Revenue
At least seven companies with annual revenue of over $1 billion have been hit so far this year by Hades ransomware, according to an Accenture Security report.
Read More Hades Ransomware Has Targeted 7 Large Companies
House Committee Debates 9 Bills Focused on Securing Networks
A House subcommittee is considering a slate of nine bills designed to improve cybersecurity practices in the telecommunications supply chains that support wireless networks.
Read More Congress Considers Measures to Improve Telecom Security
Agency Warns of Impact on National Security
Failure to take basic security steps – such as avoiding using end-of-life software and default passwords – can create serious national security risks, CISA stresses. It’s in the early stages of developing a ca…
Read More CISA Emphasizes Urgency of Avoiding ‘Bad’ Security Practices
Windows 11 may soon switch to a Black Screen of Death for operating system crash screens rather than the blue screen that has been used for many years. […]
Read More Windows 11 may switch to a Black Screen of Death crash screen
Celebrity says social media posts reporting her sudden death were work of bad actor
Read More Hacker Blamed for Reality TV Star’s ‘Death’
Affiliate-Driven Approach and Regular Malware Refinements Are Key, Experts Say
REvil, aka Sodinokibi, is one of today’s most notorious – and profitable – ransomware operations, driven by highly skilled affiliates who share profits with the operators. An…
Read More REvil’s Ransomware Success Formula: Constant Innovation
Free micropatches addressing the actively exploited PrintNightmare zero-day vulnerability in the Windows Print Spooler service are now available through the 0patch platform. […]
Read More Actively exploited PrintNightmare zero-day gets unofficial patch
Microsoft is urging Azure users to update PowerShell to address a remote code execution vulnerability that was fixed earlier this year. Microsoft is recommending its Azure users to update PowerShell versions 7.0 and 7.1 to protect against a high severity remote code execution vulnerability tracked as CVE-2021-26701. The IT giant is inviting the PowerShell task […]
The post Microsoft urges Azure users to update PowerShell to fix RCE flaw appeared first on Security Affairs.
Read More Microsoft urges Azure users to update PowerShell to fix RCE flaw
Suspect held in New York since 2019 over international hacker-for-hire scheme is ready to negotiate
Read More Private Eye Charged in Hacking Scheme Seeks Plea Deal
Microsoft maintains that exploitation of recent Dell vulnerabilities would be blocked on ultra-secure PCs – but most systems do not have the technology yet.
Read More Secured-Core PCs May Mitigate Firmware Attacks, But Adoption Lags
Company says remote code execution issue in all Windows versions is different from one in Windows Print Spooler that it had patched last month, though both affect same function.
Read More Microsoft Issues New CVE for ‘PrintNightmare’ Flaw
Sensitive financial information must now be unreadable when stored electronically
Read More ACH Data Security Rule Takes Effect
After focusing almost exclusively on delivering ransomware for the past year, the code changes could indicate that TrickBot is getting back into the bank-fraud game.
Read More TrickBot Spruces Up Its Banking Trojan Module
The ongoing attacks are targeting cloud services such as Office 365 to steal passwords and password-spray a vast range of targets, including in U.S. and European governments and military.
Read More Widespread Brute-Force Attacks Tied to Russia’s APT28
Nate Warfield, CTO of Prevailion and former Microsoft security researcher, discusses the many security challenges and failings plaguing this industry.
Read More Why Healthcare Keeps Falling Prey to Ransomware and Other Cyberattacks
A survey of IT and security pros finds many are confident in their ability to detect security incidents in near-real time or within minutes.
Read More SOC Investment Improves Detection and Response Times, Data Shows
Countless Western Digital customers saw their MyBook Live network storage drives remotely wiped in the past month thanks to a bug in a product line the company stopped supporting in 2015, as well as a previously unknown zero-day flaw. But there is a similarly serious zero-day flaw present in a much broader range of newer Western Digital MyCloud network storage devices that will remain unfixed for many customers who can’t or won’t upgrade to the latest operating system.
Read More Another 0-Day Looms for Many Western Digital Users
An unknown threat actor has compromised the servers of Mongolian certificate authority (CA) MonPass and abused the organization’s website for malware distribution, according to security researchers at Avast.
Read More Hackers Compromise Mongolian Certificate Authority to Spread Malware
Somewhere between Santa Cruz and Point Pinos sits Monterey Bay — first discovered by Europeans in 1542, still a home for sea otters, and also Apple’s namesake for the next edition of the Mac operating system, macOS Monterey. The OS (not the bay) is …
Read More A fast, first look at macOS Monterey
Remembering John McAfee, an antivirus software pioneer – Beware these Facebook scams – Data for almost all LinkedIn users scraped and up for sale
Read More Week in security with Tony Anscombe
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Microsoft has told Azure users to update PowerShell — if they are using versions 7.0 or 7.1 — to address a remote code execution vulnerability patched earlier this year.
Read More Microsoft Tells Azure Users to Update PowerShell to Patch Vulnerability
Microsoft now requires a computer to have a TPM 2.0 module to install Windows 11. However, new Registry entries have been discovered that allow you to bypass the TPM requirement and minimum memory and secure boot requirements. […]
Read More How to bypass the Windows 11 TPM 2.0 requirement
You can now secure your account with a physical security key as your sole 2FA method, without any additional 2FA option
Read More Twitter now lets users set security keys as the only 2FA method
The post Twitter now lets users set security keys as the only 2FA method appeared first on WeLiveSecurity
Wizard Spider, the notorious cybercrime gang that operated the TrickBot botnet and the Ryuk and Conti
Read More New Ransomware ‘Diavol’ Linked to Notorious Cybercrime Gang
The way we work and treat each other go a long way in improving our organizations’ security posture.
Read More 5 Mistakes That Impact a Security Team’s Success
Each month, Microsoft pushes out various types of updates, patches, and fixes. For the most part, these are security-related (i.e., fixing known or recently disclosed vulnerabilities), but they can also play on performance or accessibility. Asides from…
Read More Automating Microsoft Optional Quality Updates – Can it Be Done?
Initially, it looked like the breach was a VPN backup database leak, but it’s now clear that the LimeVPN website was attacked and this event was a full-blown website breach. The LimeVPN website was taken down by a hacker, and over 69.400 user records w…
Read More LimeVPN Website Was Taken Down by a Hacker
Cyber Defense Magazine July 2021 Edition has arrived. We hope you enjoy this month’s edition…packed with over 158 pages of excellent content. In this edition: Colonial Pipeline, JBS Cyber Attacks Shine Spotlight on Operational Technology Vulnerabilities for Wide Range of Business Sectors Getting The Cloud Right – Security and Compliance Flipping the Cyber Script … […]
The post Cyber Defense Magazine – July 2021 has arrived. Enjoy it! appeared first on Security Affairs.
Read More Cyber Defense Magazine – July 2021 has arrived. Enjoy it!
According to Honeywell Cybersecurity Research, USB threats that can severely affect business operations grew notably during a disruptive year when the usage of removable media and network connectivity also increased. The study shows that 37% of threats…
Read More Business Operations Could Be Seriously Affected by USB Threats
Microsoft late Thursday acknowledged a severe security vulnerability in the Print Spooler utility that ships by default on Windows and warned that the bug exposes users to computer takeover attacks.
Read More Microsoft Confirms ‘PrintNightmare’ is New Windows Security Flaw
No sensitive information was compromised in a ransomware attack last month on the state agency that provides ferry service between mainland Massachusetts and the islands of Martha’s Vineyard and Nantucket.
Read More Ferry Agency: No Sensitive Info Compromised in Cyberattack
Mirai Botnet Threat appeared for the first time in 2016 and has continually posed a threat to IoT devices. McAfee has recently released a report that analyses the impact of this network. Mirai Botnet Threat and its various alternatives derived from it …
Read More Watch Out! Mirai Botnet Threat Is Closer Than You Think!
Text Ad Contained Link Directing to Avira’s VPN Product
Google says it’s investigating how a text advertisement was injected into SMS messages containing two-step verification security codes. The text advertisement contained a link that redirected to a …
Read More Google Investigates Ad Injected Into 2FA SMS Messages
After a popular hacker advertised data from over 700 million LinkedIn users for sale last month, it was revealed that the vast amount of stolen information is being put together and filtered to identify specific targets. The Threat Post reporter Becky …
Read More Hackers Are Targeting LinkedIn’s 1.2B Data-Scrape Victims
Also: IoT Device Hacks; Windows 11 Security Features
In the latest weekly update, a panel of Information Security Media Group editors discusses key topics, including cybersecurity trends for the second half of the year, IoT device security and the plann…
Read More ISMG Editors’ Panel: FBI Assessment of Cybersecurity Trends
Rob Joyce, the director of cybersecurity at the National Security Agency (NSA), on Thursday announced that his role now has an official Twitter account.
Read More Director of Cybersecurity at NSA Gets Dedicated Twitter Account
Court says that we need to “avoid a construction that makes some language mere surplusage.”
Read More US email hacker gets his “computer trespass” conviction reversed
Microsoft warns of a critical .NET Core remote code execution vulnerability in PowerShell 7 caused by how text encoding is performed in .NET 5 and .NET Core. […]
Read More Microsoft warns of critical PowerShell 7 code execution vulnerability
A Which? analysis found that a home filled with smart devices was targeted by over 12,000 unique scans/hacks in a single week
Read More Smart Home Experiences Over 12,000 Cyber-Attacks in a Week
Cybersecurity researchers on Thursday revealed details about a new Mirai-inspired botnet called “mirai_ptea” that leverages an undisclosed vulnerability in digital video recorders (DVR) provided by KGUARD to propagate and carry out distributed denial-o…
Read More New Mirai-Inspired Botnet Could Be Using Your KGUARD DVRs in Cyber Attacks
Even our favorite superheroes can’t defend us against cyberattacks.
Read More DC and Marvel superheroes top breached password lists
In yet another instance of software supply chain attack, unidentified hackers breached the website of MonPass, one of Mongolia’s major certificate authorities, to backdoor its installer software with Cobalt Strike binaries.
Read More Mongolian Certificate Authority Hacked to Distribute Backdoored CA Software
The trojanized client was av…
Containers are complex virtual entities that provide proven benefits to the business but also require strong security guidelines. Learn how to get the most out of container security best practices.
Read More Container security: How to get the most out of best practices
The researchers at FortiGuard Labs linked a new ransomware strain dubbed Diavol ransomware to Wizard Spider. It looks like Diavol and Conti ransomware payloads got deployed on different systems in a ransomware attack that was blocked back in June. The …
Read More Diavol Ransomware, a New Ransomware in the Cybersecurity Landscape
Arthur J. Gallagher (AJG), a US-based global insurance brokerage and risk management firm, is mailing breach notification letters to potentially impacted individuals following a ransomware attack that hit its systems in late September. […]
Read More US insurance giant AJG reports data breach after ransomware attack
After the Babuk ransomware operators have announced that they decided to close the affiliate program and move to data theft extortion, the group seems to have returned to their previous methods of encrypting corporate systems. At this time, the hackers…
Read More Babuk Ransomware Is Operational Again Focusing on Corporate Networks
CERT urges administrators to disable the Windows Print spooler service in Domain Controllers and systems that don’t print, while Microsoft attempts to clarify RCE flaw with a new CVE assignment.
Read More CISA Offers New Mitigation for PrintNightmare Bug
The United States Department of Homeland Security (DHS) on Thursday announced that it has hired nearly 300 cybersecurity professionals over the course of the last two months.
Read More DHS Hired 300 Cybersecurity Professionals in Last Two Months
The recently leaked Babuk Locker ransomware builder was used by a threat actor in an ongoing campaign targeting victims worldwide. At the end of June, The Record first reported that the builder for the Babuk Locker ransomware was leaked online allowing threat actors to use it to create their own version of the popular ransomware. […]
The post Experts warn of Babuk Locker attacks with recently leaked ransomware builder appeared first on Security Affairs.
Read More Experts warn of Babuk Locker attacks with recently leaked ransomware builder
The team discovered the flaws in NETGEAR DGN-2200v1 series routers while they were conducting an investigation on device fingerprinting. The researchers warned that exploitation of these vulnerabilities could result in identity theft and full system co…
Read More Microsoft Finds New NETGEAR Firmware Vulnerabilities
Two reports this week. The first is from Microsoft, which wrote:
As part of our investigation into this ongoing activity, we also detected information-stealing malware on a machine belonging to one of our customer support agents with access to basic account information for a small number of our customers. The actor used this information in some cases to launch highly-targeted attacks as part of their broader campaign.
The second is from the NSA, CISA, FBI, and the UK’s NCSC, which wrote that the GRU is continuing to conduct brute-force password guessing attacks around the world, and is in some cases successful. From the …
Read More More Russian Hacking
Several critical and high-severity vulnerabilities have been identified in programmable logic controller (PLC) and human-machine interface (HMI) products made by WAGO, a German company specializing in electrical connection and automation solutions.
Read More Vulnerabilities in WAGO Devices Expose Industrial Firms to Remote Attacks
NSA recently released a new advisory, in which it states that the Russian GRU’s 85th Main Special Service Center (GTsSS), military unit 26165, has been using a Kubernetes cluster since 2019 in order to perform password spray attacks on US and for…
Read More GRU Russian Hackers Are Using Kubernetes to Run Brute Force Attacks
Twitter announced in March that they will change the way users log in to their Twitter account, by simplifying the 2FA Method. Now, an update from this week says that you can authenticate using the security keys as the only 2FA method, as the phone nu…
Read More Two-Factor Authentication Simplified: Security Keys Are Now the Only Twitter 2FA Method
Amid reports that the US is facing its worst labor shortage in 50 years comes this shocker from Microsoft’s 2021 Work Trend Index: 40% of global workers are considering leaving their employer this year. A record 4 million people quit their jobs in A…
Read More You can’t take it with you: Stop data exfiltration now
French prosecutors have charged a French IT company that allegedly helped the regime of Libyan dictator Moamer Kadhafi spy on opposition figures who were later detained and tortured, sources close to the inquiry said Thursday.
Read More French Tech Firm Charged Over Libya Cyber-Spying
On Tuesday, the High Court of Ireland issued an order asking Chronicle Security Ireland and Chronicle LLC, both owned by Google, to reveal the private details of subscribers who downloaded or uploaded confidential data stolen from Ireland Health Se…
Read More VirusTotal Required to Divulge Details of those Who Downloaded HSE Cyberattack Data
Disclosure: Dell is a Client of the author. Thanks to the pandemic, I’ve been getting an impressive number of cameras to review, most of which are still lousy. My old go-to camera was the Logitech Brio 4K; many of my peers used it, it had great hard…
Read More Dell’s UltraSharp Webcam vs. the Poly Studio P15 — choosing the right webcam
Google has launched an updated version of Scorecards, its automated security tool that produces a “risk score” for open source initiatives, with improved checks and capabilities to make the data generated by the utility accessible for analysis.
Read More New Google Scorecards Tool Scans Open-Source Software for More Security Risks
With Files from Jori Negin-Shecter Apple responds to employee requests for remote work, Sony’s PlayStation 3 Console experiences a major leak, and Facebook’s stock value soars after a court decision. It’s all the biz/tech news that’s popular right now. Welcome to Hashtag Trending! It’s Friday, July 2nd and I’m your host Tom Li. Apple has […]
The post Hashtag Trending, July 2 – Apple’s Remote Work Pushback; Sony’s PS3 Leak; Facebook hits $1 Trillion in Value first appeared on IT World Canada.
Read More Hashtag Trending, July 2 – Apple’s Remote Work Pushback; Sony’s PS3 Leak; Facebook hits $1 Trillion in Value
CISA issued a security alert to warn admins to disable the Windows Print Spooler service on servers not used for printing due to PrintNightmare zero-day. CISA issued an alert to warn admins to disable the Windows Print Spooler on servers not used for printing due to the risk of exploitation of the PrintNightmare zero-day vulnerability. “while Microsoft […]
The post CISA alert urges to disable Windows Print Spooler to percent PrintNightmare attacks appeared first on Security Affairs.
Read More CISA alert urges to disable Windows Print Spooler to percent PrintNightmare attacks
Scammers are increasingly resourceful when coming up with scam techniques. But they often rely on long-standing persuasion techniques for the scam to work. So, you may hear about a new scam that uses a novel narrative, but there is a good chance that t…
Read More Top 5 Scam Techniques: What You Need to Know
This edition of the ISMG Security Report features a discussion about why the head of Britain’s National Cyber Security Center says the No. 1 cyber risk is not nation-state attackers but ransomware-wielding criminals. Also featured: Western Digital IoT…
Read More Analysis: Why Ransomware Is No. 1 Cyberthreat