Florida City Pays $600,000 Ransom to Save Computer Records
The Riviera Beach City Council voted unanimously this week to pay the hackers’ demands, believing the Palm Beach suburb had no choice if it wanted to retrieve its records, which the hackers encrypted. The council already voted to spend almost $1 million on new computers and hardware after hackers captured the city’s system three weeks…
Why phishing education has never been more critical to your business
Our cyber defenses are becoming stronger and stronger every year. Even the smallest companies can now deploy advanced anti-malware and intrusion detections tools that were, until recently, only within the reach of larger enterprises. Today, sandboxed behavior detection and machine-learning/artificial intelligence powered security services make it easy for organizations of any size to crack down…
Cyberattack Hits Aircraft Parts Manufacturer
A cyberattack has shut down international production at Asco, a company in Zaventem, Belgium, that is a significant supplier of parts to airline manufacturers around the world. According to the company, it has shut down all manufacturing operations in Belgium, Germany, Canada, and the US, sending more than 1,000 of their 1,400 global workers home….
Phishing attacks that bypass 2-factor authentication are now easier to execute
Penetration testers and attackers have a new tool in their arsenal that can be used to automate phishing attacks in a way that defeats two-factor authentication (2FA) and is not easy to detect and block. The tool makes such attacks much easier to deploy, so organizations should adapt their anti-phishing training accordingly. The new toolkit…
How a Rapid Response Helped Thwart an Active Ransomware Attack
Early this year, when an executive at a hospital called our Incident Response (IR) team, he had yet to realize that his organization was confronting an active ransomware attack. Symantec Endpoint Protection (SEP) and his internal team had flagged as suspicious some data that was marked with a four-letter file name, he explained, and multiple…
Cybercriminals targeting social media: Facebook and Instagram are becoming phishers’ favorites
Social media phishing, primarily Facebook and Instagram, saw the highest quarter- over-quarter growth of any industry with a 74.7 percent increase, according to the Vade Secure Phishers’ Favorites report for Q1 2019. While Facebook has been in the top 10 since report’s inception, Instagram cracked the top 25 for the first time, taking the #24…
Huge DDoS Attacks Shift Tactics in 2019
On Jan. 10, a distributed denial-of-service (DDoS) attack peaked at 500 million packets per second. Depending on precisely how you measure such things, this was likely one of the largest DDoS attacks ever — until April 30, when it was surpassed by an attack that hit 580 packets per second. According to Imperva, the company…
Most adults are concerned about malware and phishing on social media
More than eighty percent of adults believe that they’re at risk when it comes to security on social media. Most American adults are using at least one social media platform daily, and three-quarters are interested in protecting themselves and their privacy, according to the 2019 Study on Social Media Privacy and Security Concerns released by…
Researchers develop new technique to identify malware in embedded systems
A technique for detecting types of malware that use a system’s architecture to thwart traditional security measures has been developed by researchers from North Carolina State University and the University of Texas at Austin. The new detection approach works by tracking power fluctuations in embedded systems. “Embedded systems are basically any computer that doesn’t have…
Cyberattackers Focus on More Subtle Techniques
The time it takes to detect the average cyberattack has shortened, but cyberattackers are now using more subtle techniques to avoid better defenses, a new study of real incident response engagements shows. Victim organizations detected attacks in 14 days on average last year, down from 26 days in 2017. Yet, attackers seem to be adapting…