Enterprise Solutions Provider ‘Software AG’ Hit by Clop Ransomware
Software AG operates across more than 70 countries around the world and it has over 5,000 employees. It claims that its solutions are used by more than 10,000 of the world’s biggest brands. The company disclosed the incident on October 5, when it reported being hit by a malware attack on October 3. Software AG…
Elusive hacker-for-hire group Bahamut linked to historical attack campaigns
Attack attribution is one of the most difficult aspects of malware research and it’s not uncommon for different security companies to attribute attack campaigns to different threat actors only to later discover that they were the work of the same group. However, a new paper by researchers at Blackberry stands out by exposing an elusive…
37% of remote employees have no security restrictions on corporate devices
ManageEngine unveiled findings from a report that analyzes behaviors related to personal and professional online usage patterns. Security restrictions on corporate devices The report combines a series of surveys conducted among nearly 1,500 employees amid the pandemic as many people were accelerating online usage due to remote work and stay-at-home orders. The findings evaluate users’…
DoD, DHS Warn of Attacks Involving SLOTHFULMEDIA Malware
SLOTHFULMEDIA is described as a dropper that deploys two files when executed, including a RAT designed to allow hackers to control compromised devices, and a component that removes the dropper once the RAT achieves persistence on the targeted computer. The RAT is capable of running arbitrary commands, terminating processes, taking screenshots, modifying the registry, and…
Russian Pleads Not Guilty in Foiled Tesla Ransomware Plot
“I’m not guilty,” Egor Igorevich Kriuchkov said in response to a charge of conspiracy to intentionally cause damage to a protected computer. He said earlier in the hearing that he wanted “to go through the whole process as fast as possible.” Kriuchkov, 26, also told U.S. Magistrate Judge Carla Baldwin that he knew the Russian…
Government Software Provider Tyler Technologies Confirms Ransomware Attack
Tyler this week shut down its website and started informing customers via email that its internal phone and IT systems were accessed without authorization by an unknown third party. The company said the attack disrupted access to some internal systems, and it decided to shut down points of access to external systems while investigating the…
Preventing insider threats: What to watch (and watch out) for
September is officially National Insider Threat Awareness Month (NIATM) and the theme of this year’s NIATM is resilience. Of all the digital threats facing organizations, the insider threat can be the most vexing to tackle given how uncomfortable it can feel to suspect one’s own colleagues of wrongdoing. It’s challenging to set up systems and…
High volumes of attacks keep targeting video game companies and players
High volumes of attacks were used to target video game companies and players between 2018 and 2020, an Akamai report reveals. It also notes an uptick in attack traffic that correlates with COVID-19-related lockdowns. In addition, the report examines motivations driving the attacks and steps gamers can take to help protect their personal information, accounts,…
Bit-and-piece DDoS attacks increased 570% in Q2 2020
Attackers shifted tactics in Q2 2020, with a 570% increase in bit-and-piece DDoS attacks compared to the same period last year, according to Nexusguard. Perpetrators used bit-and-piece attacks to launch various amplification and elaborate UDP-based attacks to flood target networks with traffic. Analysts witnessed attacks using much smaller sizes—more than 51% of bit-and-piece attacks were…
Ransom from Home – How to close the cyber front door to remote working ransomware attacks
Coronavirus has caused a major shift to our working patterns. In many cases these will long outlast the pandemic. But working from home has its own risks. One is that you may invite ransomware attacks from a new breed of cyber-criminal who has previously confined his efforts to directly targeting the corporate network. Why? Because…