Remove Access Remove Government Remove Information Security Remove Systems administration
article thumbnail

FBI and CISA published a new advisory on AvosLocker ransomware

Security Affairs

This joint CSA updates the advisory published by the US Government on March 17, 2022. AvosLocker affiliates use legitimate software and open-source remote system administration tools to compromise the victims’ networks. Scripts to execute legitimate native Windows tools [T1047], such as PsExec and Nltest.

article thumbnail

The Insider Threat: Strategies to Safeguard Against Malicious Insiders

IT Governance

Without access to confidential information and essential systems, staff can’t perform their roles. After all, their account is supposed to have access to sensitive data! Our head of security testing , James Pickard, explains. Whereas, say, a disgruntled receptionist has access to far more limited information.

Risk 91
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

CERT-UA warns of a spear-phishing campaign conducted by APT28 group targeting Ukrainian government bodies with fake ‘Windows Update’ guides. Russia-linked APT28 group is targeting Ukrainian government bodies with fake ‘Windows Update’ guides, Computer Emergency Response Team of Ukraine (CERT-UA) warns.

article thumbnail

15 Top Cybersecurity Certifications for 2022

eSecurity Planet

Thycotic chief security scientist Joseph Carson told eSecurity Planet that choosing a certification should ultimately be about deciding which skillset or professional direction you want to focus on. AsTech’s Kent said of Security+, “This crosses several domains and is a basic introduction to security.

article thumbnail

Hackers are targeting Soliton FileZen file-sharing servers

Security Affairs

Threat actors are exploiting two flaws in the popular file-sharing server FileZen to steal sensitive data from businesses and government organizations. The attacks are part of a large-scale campaign that also resulted in unauthorized access to a Soliton file shared storage used by the Japanese Prime Minister’s Cabinet Office staff.

article thumbnail

How Microsoft Training Boosts an ISO 27001 Qualification

IT Governance

If you’re serious about information security, you should consider gaining a Microsoft qualification. ISO 27001 is often considered the go-to qualification for information security professionals. The most comprehensive advice comes via ISO 27017, the international security standard for Cloud services.

Cloud 97
article thumbnail

Hacker breaches key Russian ministry in blink of an eye

Security Affairs

In mere seconds, a hacker remotely accessed a computer belonging to a regional Russian Ministry of Health, taking advantage of sloppy cybersecurity practices to expose its entire network. Spielerkid89, who wished to remain anonymous, did not intend to harm the organization and left its systems intact. Original post at [link].