Why is Cybersecurity Failing Against Ransomware?
Hardly a week goes by without another major company falling victim to a ransomware attack. Nate Warfield, CTO at Prevailion, discusses the immense challenges in changing that status quo. [...]
Showing only posts tagged malware. Show all posts.
Ransomware Sinks Teeth into Candy-Corn Maker Ahead of Halloween
Chicago-based Ferrara acknowledged an Oct. 9 attack that encrypted some systems and disrupted production. [...]
Google Crushes YouTube Cookie-Stealing Channel Hijackers
Google has caught and brushed off a bunch of cookie-stealing YouTube channel hijackers who were running cryptocurrency scams on, or auctioning off, ripped-off channels. [...]
Geriatric Microsoft Bug Exploited by APT Using Commodity RATs
Disguised as an IT firm, the APT is hitting targets in Afghanistan & India, exploiting a 20-year-old+ Microsoft Office bug that's as potent as it is ancient. [...]
Fresh APT Harvester Reaps Telco, Government Data
The group is likely nation-state-backed and is mounting an ongoing spy campaign using custom malware and stealthy tactics. [...]
Lyceum APT Returns, This Time Targeting Tunisian Firms
The APT, which targets Middle-Eastern energy firms & telecoms, has been relatively quiet since its exposure but not entirely silent. It's kept up attacks through 2021 and is working on retooling its arsenal yet again. [...]
Feds Warn BlackMatter Ransomware Gang is Poised to Strike
An advisory by the CISA, FBI and NSA reveals hallmark tactics of and shares defense tips against the cybercriminal group that’s picked up where its predecessor DarkSide left off. [...]
TA505 Gang Is Back With Newly Polished FlawedGrace RAT
TA505 – cybercrime trailblazers with ever-evolving TTPs – have returned to mass-volume email attacks, flashing retooled malware and exotic scripting languages. [...]
Time to Build Accountability Back into Cybersecurity
Chris Hass, director of information security and research at Automox, discusses how to assign security responsibility, punishment for poor cyber-hygiene and IDing 'security champions' to help small businesses. [...]
Podcast: Could the Zoho Flaw Trigger SolarWinds 2.0?
Companies are worried that the highly privileged password app could let attackers deep inside an enterprise’s footprint, says Redscan’s George Glass. [...]
Sinclair Confirms Ransomware Attack That Disrupted TV Stations
A major cyberattack resulted in data being stolen, too, but Sinclair's not sure which information is now in the hands of the crooks. [...]
Twitter Suspends Accounts Used to Snare Security Researchers
The accounts were used to catfish security researchers into downloading malware in a long-running cyber-espionage campaign attributed to North Korea. [...]
TrickBot Gang Enters Cybercrime Elite with Fresh Affiliates
The group – which also created BazarLoader and the Conti ransomware – has juiced its distribution tactics to threaten enterprises more than ever. [...]
Podcast: 67% of Orgs Have Been Hit by Ransomware at Least Once
Fortinet’s Derek Manky discusses a recent global survey showing that two-thirds of organizations suffered at least one ransomware attack, while half were hit multiple times. [...]
FreakOut Botnet Turns DVRs Into Monero Cryptominers
The new Necro Python exploit targets Visual Tool DVRs used in surveillance systems. [...]
Microsoft Kills Bug Being Exploited in MysterySnail Espionage Campaign
Microsoft's October 2021 Patch Tuesday included security fixes for 74 vulnerabilities, one of which is a zero-day being used to deliver the MysterySnail RAT to Windows servers. [...]
Microsoft Oct. Patch Tuesday Squashes 4 Zero-Day Bugs
Microsoft's October 2021 Patch Tuesday included security fixes for 74 vulnerabilities, one of which is an actively exploited zero-day. [...]
Windows Zero-Day Actively Exploited in Widespread Espionage Campaign
The cyberattacks, linked to a Chinese-speaking APT, deliver the new MysterySnail RAT malware to Windows servers. [...]
NSO Pegasus spyware can no longer target UK phone numbers
Israeli maker of surveillance software blocked +44 code after detecting hack against Princess Haya, source says The powerful spyware used to hack into mobile phones belonging to Princess Haya and her divorce lawyer Fiona Shackleton is no longer effective against UK numbers, sources familiar with the software’s developer …
VMware ESXi Servers Encrypted by Lightning-Fast Python Script
The little snippet of Python code strikes fast and nasty, taking less than three hours to complete a ransomware attack from initial breach to encryption. [...]
ESPecter Bootkit Malware Haunts Victims with Persistent Espionage
The rare UEFI bootkit drops a fully featured backdoor on PCs and gains the ultimate persistence by modifying the Windows Boot Manager. [...]
Dubai ruler hacked ex-wife using NSO Pegasus spyware, high court judge finds
Sheikh Mohammed used spyware on Princess Haya and five associates in unlawful abuse of power, judge rules ‘The walls are closing in on me’: the hacking of Princess Haya Ruling in Princess Haya case raises fresh questions for Cherie Blair The ruler of Dubai hacked the phone of his …
‘The walls are closing in on me’: the hacking of Princess Haya
Court judgments reveal how Sheikh Mohammed’s use of Pegasus spyware against his ex-wife was uncovered Dubai ruler hacked ex-wife using NSO Pegasus spyware, high court judge finds Eleven court judgments, covering 181 pages, plus hundreds of other pages of legal documents have revealed an extraordinary spying scandal: state-sponsored …
How to Build an Incident-Response Plan, Before Security Disaster Strikes
Joseph Carson, Chief Security Scientist at ThycoticCentrify, offers a 7-step practical IR checklist for ensuring a swift recovery from a cyberattack. [...]
Encrypted & Fileless Malware Sees Big Growth
An analysis of second-quarter malware trends shows that threats are becoming stealthier. [...]
« newer articles | page 19 | older articles »