attacks Archives - Page 7 of 11 - Cyber Security Minute

NSA and CISA Alert Highlights Urgency for OT Security

Issued by: Security Week

In the last few years, we’ve seen ample evidence of how cyberattacks on critical infrastructure can be leveraged by nation-states and other powerful adversaries as weapons in geopolitical conflicts. The attacks on the Ukraine power grid and several other incidents demonstrated a show of power and how a country’s infrastructure can be disrupted. The indiscriminate…

Software Security

FBI, NSA Share Details on New ‘Drovorub’ Linux Malware Used by Russia

Issued by: Security Week

Drovorub, a joint advisory from the NSA and the FBI reveals, is being employed by the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS) military unit 26165, which is better known as the cyber-espionage group APT 28 (Fancy Bear, Pawn Storm, Strontium, Sednit, Tsar Team). APT 28 is believed to…

Mobile Security

Vulnerabilities in Qualcomm Chips Expose Billions of Devices to Attacks

Issued by: Security Week

During a presentation at DEF CON last week, Check Point security researcher Slava Makkaveev revealed how vulnerabilities in the compute digital-signal processor (DSP) – a subsystem that enables the processing of data with low power consumption – could open the door for Android applications to perform malicious attacks. The proprietary subsystem is licensed for programming…

Malware & Threats

RDP hijacking attacks explained, and how to mitigate them

Issued by: CSO

RDP hijacking definition One means of compromising systems cherished by malware authors is Remote Desktop Protocol (RDP). It provides a convenient way for system administrators to manage Windows systems and help users with troubleshooting an issue. RDP hijacking attacks often exploit legitimate features of the RDP service rather than purely relying on a vulnerability or…

Vulnerabilities

Third-Party IoT Vulnerabilities: We Need a Cybersecurity Paradigm Shift

Issued by: Dark Reading

The discovery of the Ripple20 vulnerabilities, affecting hundreds of millions of Internet of Things (IoT) devices, is the latest reminder of the dangers that third-party bugs pose to connected devices. Although the estimated 31 billion IoT devices in the world perform a vast array of crucial functions — powering lifesaving medical tools, facilitating efficient transportation,…

Malware & Threats

4 tips for protecting users from COVID-19-targeted attacks

Issued by: CSO

Attackers are using this time of crisis to go after victims with targeted campaigns. The biggest threats are phishing attacks related to COVID-19. Attackers are also setting up COVID-19-related domain names and enticing people to click on them. Anomali recently released a report that identified at least 15 distinct COVID-19-related campaigns associated with 11 threat…

Network Security

Healthcare Targeted By More Attacks But Less Sophistication

Issued by: Dark Reading

Many IT specialists are supporting fully remote teams for the first time ever, so it’s important for everyone to operate with the same caution (if not more) than they would if everybody was in an office. With an increased risk of employees falling prey to cyber attacks, business leaders must leverage new policies and technologies…

Vulnerabilities

Microsoft Teams Vulnerability Exposed Organizations to Attacks

Issued by: Security Week

Sending the malicious link or image was simple, but preparing the attack involved multiple steps that would be difficult to achieve for unsophisticated attackers. “We addressed the issue discussed in this blog and worked with the researcher under Coordinated Vulnerability Disclosure. While we have not seen any use of this technique in the wild, we…

Malware & Threats

Apple Is Top Pick for Brand Phishing Attempts

Issued by: Dark Reading

Apple was the brand most commonly used in spoofing attacks during the first quarter of 2020, when 10% of all brand phishing attempts related to the tech giant, researchers report. Check Point’s “Brand Phishing Report” for the first quarter of 2020 highlights the brands that cybercriminals most frequently imitate to steal personal and financial data….

Malware & Threats

Phishers Try ‘Text Direction Deception’ Technique to Bypass Email Filters

Issued by: Dark Reading

Scammers can be pretty innovative when it comes to finding new ways to sneak phishing messages past secure email gateways and other filtering mechanisms. One example is “text direction deception,” a tactic where an attacker forces an HTML rendering engine to correctly display text that has been deliberately entered backward in the code — for…