4 Ransomware Defense Best Practices
Ransomware has never been more prevalent — or profitable — than it is right now. What started as the exclusive domain of highly skilled and opportunistic bad actors has evolved into an underground industry in which virtually anyone can get their hands on pre-built tool kits and plans to launch ransomware attacks at an alarming pace. Many…
Germany Protests to Russia Over Pre-Election Cyberattacks
Foreign Ministry spokeswoman Andrea Sasse said that a hacker outfit called Ghostwriter has been “combining conventional cyberattacks with disinformation and influence operations,” and that activities targeting Germany have been observed “for some time.” She said that, ahead of Germany’s parliamentary election on Sept. 26, there have been attempts – using phishing emails, among other things…
The most dangerous (and interesting) Microsoft 365 attacks
Government-sponsored hackers, who carry out cyberespionage campaigns, invest more resources than ever to find new ways of attacking the cloud. One of their preferred targets is Microsoft 365, previously called Office 365, a platform used by an increasing number of organizations of all sizes. From an intelligence collector’s perspective, it makes sense to target it….
How Low-level Hackers Access High-end Malware
An example of hacked malware was discovered when researchers detected a user downloading a cracked copy of the credential stuffing tool Sentry MBA from a Turkish-language cracking forum. Sentry MBA includes features to bypass website security controls, such as CAPTCHA challenges and web application firewalls. “Threat actors,” say researchers in the HP Wolf Security Threat…
CISA Releases Analysis of 2020 Risk and Vulnerability Assessments
Designed to assess the effectiveness of Federal Civilian Executive Branch (FCEB), Critical Infrastructure (CI), and State, Local, Tribal, and Territorial (SLTT) stakeholders in identifying and resolving network vulnerabilities, the RVAs revealed that phishing links were the most successful technique for initial access. CISA conducted a total of 37 RVAs, leveraging the MITRE ATT&CK framework to…
Attacks Against Container Infrastructures Increasing, Including Supply Chain Attacks
Attacks against the container infrastructure are continuing to increase in both frequency and sophistication. It takes just a few hours to detect a new vulnerable container using internet scanning tools like Masscan. The attacks are becoming more evasive, while the supply chain is now targeted. Aqua Security’s Team Nautilus has analyzed 17,358 attacks against its…
Ransomware Gangs Get Paid Off as Officials Struggle for Fix
“It is the position of the U.S. government that we strongly discourage the payment of ransoms,” Eric Goldstein, a top cybersecurity official in the Department of Homeland Security, told a congressional hearing last week. But paying carries no penalties and refusing would be almost suicidal for many companies, especially the small and medium-sized. Too many…
Biden Sets Red Line for Putin Over Ransomware Attacks
Speaking after the two leaders’ first summit in Geneva, Biden said he laid down the line on Moscow not taking action against hackers who have extorted hundreds of millions of dollars from western governments, companies, and organisations from the safety of Russian soil. “I pointed out to him we have significant cyber capability and he…
Russian Hackers Use New ‘SkinnyBoy’ Malware in Attacks on Military, Government Orgs
Active since at least 2007 and also tracked as Fancy Bear, Pawn Storm, Sednit, Strontium, and Tsar Team, APT28 is well known for its cyber-espionage operations targeting the 2016 Presidential elections in the United States, but is also associated with attacks on NATO countries and with activities against organizations in the energy and transportation sectors….
Emerges From Stealth to Help Companies Pursue, Disrupt Adversaries
[redacted] was founded in 2015 by Max Kelly, who serves as the company’s CEO, and John Hering. Kelly previously worked at the NSA, the US Cyber Command and at Facebook as CSO. Hering founded cybersecurity firm Lookout and served as its CEO. The San Francisco, California-based company says it has developed a platform that can help…
