Category Archives: IT Security and Data Protection

Passenger Railroad Service Says Data Breach Might Have Affected PII

A passenger railroad service announced that a data breach might have affected some passengers’ personally identifiable information (PII). In a “Notice of Data Breach” letter sent to the Attorney General’s Office of Vermont, Amtrak revealed that it had discovered the data breach on April 16, 2020. Amtrak looked into the matter and discovered that an […]… Read More

The post Passenger Railroad Service Says Data Breach Might Have Affected PII appeared first on The State of Security.

The Cybersecurity Implications of 5G Technology

The coming of widespread 5G technology promises more than just faster everything, enhanced capacity and greater reliability. Leading proponents of the wonders of 5G, such as the theoretical physicist and author Michio Kaku, paint a picture of a true technological “paradigm shift, a game-changer.” The self-described futurist invites us to imagine a lightning-fast global communications […]… Read More


Sandworm Team Exploiting Vulnerability in Exim Mail Transfer Agent

The U.S. National Security Agency (NSA) warned that the Sandworm team is exploiting a vulnerability that affects Exim Mail Transfer Agent (MTA) software. In a cybersecurity advisory published on May 28, the NSA revealed that the Sandworm team has been exploiting the Exim MTA security flaw since August 2019. The vulnerability (CVE-2019-10149) first appeared in […]… Read More


NetWalker Ransomware – What You Need to Know

What is NetWalker? NetWalker (also known as Mailto) is the name given to a sophisticated family of Windows ransomware that has targeted corporate computer networks, encrypting the files it finds, and demanding that a cryptocurrency payment is made for the safe recovery of the encrypted data. Ransomware is nothing new. Why should I particularly care […]… Read More


PonyFinal Ransomware Delivered by Extended Human-Operated Attacks

Security researchers witnessed the deployment of PonyFinal ransomware at the end of extended human-operated attack campaigns. In a series of tweets, Microsoft Security Intelligence revealed it had observed human-operated campaigns lying in wait for the right moment to deploy PonyFinal ransomware as their final payload. In their operations, the attackers used brute force attacks against […]… Read More


Business Continuity Requires Infrastructure Continuity in Times of Remote Working

Over the last few weeks, most organisations have had to transition to enable their employees to work remotely. The key focus has been on business continuity during this trying time. Unfortunately, business continuity isn’t so easy. Keeping the day-to-day operations of the business running has been one of the hardest IT challenges that most organisations […]… Read More


[F]Unicorn Ransomware Masquerading as COVID-19 Contact Tracing App

A new ransomware family called “[F]Unicorn” masqueraded as a COVID-19 contact tracing app in order to target Italian users. On May 25, the Computer Emergency Response Team (CERT) from the Agency for Digital Italy (AgID) revealed in an advisory that it had received a sample of [F]Unicorn from security researcher JamesWT_MHT. The sample analyzed […]… Read More


Protecting Fleet Data from Security Threats

Big data is revolutionizing fleet management — specifically in the form of telematics. From engine diagnostics that track fuel efficiency and mileage to sensors that detect aggressive driving behavior and interior vehicle activity, this information is so valuable that we’re quickly approaching the point where connected technology will come standard in every vehicle. Telematics is […]… Read More


Updated AnarchyGrabber Steals Passwords, Spreads to Discord Friends

Researchers found an updated version of AnarchyGrabber that steals victims’ plaintext passwords for and infects victims’ friends on Discord. Detected as AnarchyGrabber3, the new trojan variant modified the Discord client’s %AppData%\Discord\[version]\modules\discord_desktop_core\index.js file upon successful installation. This process gave the malware the ability to load JavaScript files. The AnarchyGrabber version flexed this new capability when its […]… Read More


How to Protect the Future of IT

Working remotely, either from home or from elsewhere, isn’t something new. It has been used by many companies worldwide over the past decade. That said, it was typically restricted to only a couple days a month or to specific IT-savvy departments. But as we have seen throughout time, adversity and crisis lead to change and […]… Read More


MilkmanVictory Ransomware Created for Purpose of Attacking Scammers

A hacking group claimed that it developed a new ransomware strain called “MilkmanVictory” for the purpose of attacking scammers. Collectively known as “CyberWare,” the group announced their creation on Twitter in mid-May. This is a ransomware i made to send to scammers. MAY I ASK WHY YOU ARE MAKING THINGS ABOUT ANTI-SCAMMER RANSOMWRE — CyberWare […]… Read More


BlockFi Hacked Following SIM Swap Attack, But Says No Funds Lost

For just under 90 minutes last Thursday, hackers were able to compromise the systems of cryptocurrency lending platform BlockFi, and gain unauthorised access to users’ names, email addresses, dates of birth, address and activity history. In an incident report published on its website, BlockFi was keen to stress that the hacker’s activity had been logged […]… Read More


Scattered Canary Behind Hundreds of Fraudulent Unemployment Claims

Security researchers discovered that the Scattered Canary group had filed hundreds of fraudulent unemployment claims in the wake of COVID-19. According to Agari Cyber Intelligence Division, at least some of the threat actors who took part in a large-scale fraud campaign targeting dozens of states’ unemployment insurance programs belonged to a Nigerian digital crime group […]… Read More


Verizon DBIR 2020: Cloud Apps, Stolen Credentials, and Errors

It’s DBIR season! Put down your pens, stop watching “The Last Dance” and get to reading the key findings of the 13th edition of the annual Verizon Data Breach Investigations Report! If “experience is merely the name men gave to their mistakes,” as Oscar Wilde puts it in The Picture of Dorian Gray, then the […]… Read More


Attacks Targeting ICS & OT Assets Grew 2000% Since 2018, Report Reveals

The digital threat landscape is always changing. This year is an excellent (albeit extreme) example. With the help of Dimensional Research, Tripwire found out that 58% of IT security professionals were more concerned about the security of their employees’ home networks than they were before the outbreak of coronavirus 2019 (COVID-19). Slightly fewer percentages of […]… Read More


Around 9 Million easyJet Customers’ Details Stolen in Hacking Incident

British low-cost airline group easyJet revealed that a hacking incident had exposed approximately nine million customers’ information. On May 19, easyJet issued a “Notice of cyber security incident” in which it revealed that it had fallen victim to a digital attack from a “highly sophisticated source.” An investigation revealed that those responsible for the security […]… Read More


Understanding Single Sign On as a Means of Identity Access Management

I usually spend my mornings doing some reading and enjoying my coffee. On this one particular morning, I noticed that I had received an email from a gaming company I had created an account with around 10 years ago for my kids. They had sent me a code to confirm a login that was being […]… Read More


The top 10 most-targeted security vulnerabilities – despite patches having been available for years

Newly-discovered zero-day vulnerabilities may generate the biggest headlines in the security press, but that doesn’t mean that they’re necessarily the thing that will get your company hacked. This week, US-CERT has published its list of what it describes as the “Top 10 Routinely Exploited Vulnerabilities” for the last three years. The list is designed to […]… Read More


CISSP vs. Master’s Degree – Please Take a Neutral Corner!

The UK’s designated national agency responsible for providing information and expert guidance on qualifications (UK NARIC) recently announced that the Certified Information Systems Security Professional (CISSP) credential offered by (ISC)2 is rated RQF Level 7, thereby placing it equal to a particular level of a Master’s Degree. This declaration is not without precedent. It follows […]… Read More


Survey: Nearly Two-Thirds of Orgs Have Experienced COVID-19 Related Attacks

This new world is putting a strain on organizations’ digital security defenses. First, malicious actors are increasingly leveraging coronavirus 2019 (COVID-19) as a theme to target organizations and to prey upon the fears of their employees. Our weekly COVID-19 scam roundups have made this reality clear. Second, organizations are working to mitigate the risks associated […]… Read More


I, CyBOK – An Introduction to the Cyber Security Body of Knowledge Project

The Cyber Security Body of Knowledge project or CyBOK is a collaborative initiative mobilised in 2017 with an aspiration to “codify the foundational and generally recognized knowledge on Cyber Security.” Version 1.0 of the published output of this consultative exercise was quietly released last year and then more publicly launched in January 2020. Yet, this […]… Read More


U.S. Marshals Announced Data Breach of Prisoners’ Information

The United States Marshals Service announced a data breach involving the personal information of its former and current prisoners. In a data breach notification letter obtained by ZDNet, the U.S. Marshals Service revealed that it had first learned of the security incident in late 2019. On December 30, 2019, the United States Marshals Service (USMS), […]… Read More


Spike in Snake Ransomware Activity Attributed to New Campaign

Security researchers attributed a spike in Snake ransomware activity to a new campaign that’s targeted organizations worldwide. Snake ransomware first attracted the attention of malware analysts in January 2020 when they observed the crypto-malware family targeting entire corporate networks. Shortly after this discovery, the threat quieted down. It produced few new detected infections in the […]… Read More


World Password Day: Using a Passphrase to Strengthen Your Security

Human nature has shown that people re-use passwords, at least for non-work accounts that aren’t requiring quarterly changes. How can it affect your current security that you’ve reused an old password or passphrase from 2012? Surprisingly, quite a lot. Hashed passwords and the plain text equivalent from a breached site can be paired with your […]… Read More


Getting Zoom Security Right – 8 Tips for Family and Friends

If you’ve read a newspaper or watched the news in the past few weeks, you’ll notice one common topic that all the major news outlets are discussing… COVID-19. Right now, many companies are trying to provide employee guidance during this worldwide pandemic, as governments ask those who can to work from home in an effort […]… Read More


Digital Fraudsters Masquerading as FINRA in Phishing Emails

The Financial Industry Regulatory Authority (FINRA) warned that digital fraudsters are impersonating it in an ongoing phishing email campaign. In a regulatory notice published on its website, FINRA revealed that malicious actors had sent out fraudulent emails in which they had impersonated officers at the regulatory authority including Bill Wollman and Josh Drobnyk. All of […]… Read More


Increase in Ransomware Demand Amounts Driven by Ryuk, Sodinokibi

The Ryuk and Sodinokibi ransomware families both contributed to an increase in the ransom amounts demanded by attackers over the past quarter. Coveware found that the average ransom amount demanded by ransomware attacks in Q1 2020 was $111,605. This amount was a third higher than what it had been in the final quarter of the […]… Read More


Is Cyber Bullying Just Kids Being Mean On Social Media, Or Is There More To It?

Whilst there are many definitions out there, to me cyberbullying is any form of communication that is aimed at hurting or embarrassing a specific target. From my personal experience, it has been often used in an attempt by the bully to raise themselves above their target and/or discredit the target. Working within the cybersecurity field, […]… Read More


Phishers Increasingly Incorporating reCaptcha API into Campaigns

Security researchers observed that digital attackers are increasingly incorporating the reCaptcha API into their phishing campaigns. Barracuda Networks explained that malicious actors are starting to outfit their phishing attempts with reCaptcha walls so that they can shield their landing pages from automated URL analysis tools as well as add a sense of legitimacy to their […]… Read More
