Fri. Jan 14, 2022

At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates

Krebs on Security

The Russian government said today it arrested 14 people accused of working for “REvil,” a particularly aggressive ransomware group that has extorted hundreds of millions of dollars from victim organizations.

The Cybersecurity Measures CTOs Are Actually Implementing

Dark Reading

Companies look to multifactor authentication and identity and access management to block attacks, but hedge their bets with disaster recovery

Threat actors can bypass malware detection due to Microsoft Defender weakness

Security Affairs

A weakness in the Microsoft Defender antivirus can allow attackers to retrieve information to use to avoid detection. Threat actors can leverage a weakness in Microsoft Defender antivirus to determine in which folders to plant malware to avoid the AV scanning.

White House Meets With Software Firms and Open Source Orgs on Security

Dark Reading

The Log4j vulnerability is only the latest security flaw to have global impact, prompting the Biden administration and software developers to pledge to produce more secure software

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

Lorenz ransomware gang stolen files from defense contractor Hensoldt

Security Affairs

German multinational defense contractor Hensoldt confirmed to that some of its systems were infected by Lorenz ransomware. Hensoldt, a multinational defense contractor, confirmed that some of its UK subsidiary’s systems were infected with Lorenz ransomware.

More Trending

Ukrainian police arrested Ransomware gang behind attacks on 50 companies

Security Affairs

Ukrainian police arrested members of a ransomware gang that targeted at least 50 companies in the U.S. and Europe. Ukrainian police arrested members of a ransomware affiliate group that is responsible for attacking at least 50 companies in the U.S. and Europe.

Russia Takes Down REvil Ransomware Operation, Arrests Key Members

Dark Reading

Timing of the move has evoked at least some skepticism from security experts about the country's true motives

Russian government claims to have dismantled REvil ransomware gang

Security Affairs

Russia’s FSB announced that it has dismantled the REvil ransomware gang, the infamous group behind Kaseya and JBS USA.

What's Next for Patch Management: Automation

Dark Reading

The next five years will bring the widespread use of hyperautomation in patch management. Part 3 of 3

Threat actors defaced Ukrainian government websites

Security Affairs

Threat actors defaced multiple Ukrainian government websites after talks between Ukrainian, US, and Russian officials hit a dead end this week. Threat actors have defaced multiple websites of the Ukrainian government on the night between January 13 and January 14.

Using EM Waves to Detect Malware

Schneier on Security

I don’t even know what I think about this. Researchers have developed a malware detection system that uses EM waves: “Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification.”

North Korea-linked APT BlueNoroff focuses on crypto theft

Security Affairs

The North Korea-linked APT group BlueNoroff has been spotted targeting cryptocurrency startups with fake MetaMask browser extensions.

Russia Takes Down REvil Hackers—as Ukraine Tensions Mount

WIRED Threat Level

Over a dozen alleged members of the notorious ransomware group have been arrested, but the Kremlin's critics are wary of the underlying motivation.

Upcoming Speaking Engagements

Schneier on Security

This is a current list of where and when I am scheduled to speak: I’m giving an online-only talk on “Securing a World of Physically Capable Computers” as part of Teleport’s Security Visionaries 2022 series, on January 18, 2022. I’m speaking at IT-S Now 2022 in Vienna on June 2, 2022.

Retirement of Archivist David S. Ferriero

National Archives Records Express

Archivist of the United States David Ferriero has announced that he will be retiring in mid-April 2022. The Office of the Chief Records Officer would like to thank David for his leadership and wish him the very best in his retirement. For more, please read his post over on the AOTUS blog.

5 Trends in Patch Management for 2022

eSecurity Planet

The profile of patch management has risen considerably in the last year due to the number of major breaches that have taken place where basic patches had been overlooked.

Russian Security Takes Down REvil Ransomware Gang

Threatpost

The country's FSB said that it raided gang hideouts; seized currency, cars and personnel; and neutralized REvil's infrastructure.

Best Distributed Denial of Service (DDoS) Protection Tools

eSecurity Planet

Distributed denial of service (DDoS) attacks can cripple an organization, a network, or even an entire country, and they show no sign of slowing down. DDoS attacks may only make up a small percentage of security threats, but their consequences can be devastating.

Three Plugins with Same Bug Put 84K WordPress Sites at Risk

Threatpost

Researchers discovered vulnerabilities that can allow for full site takeover in login and e-commerce add-ons for the popular website-building platform.

How AI transformed Rembrandt’s ‘The Night Watch’ — down to the ‘pin-sharp particles of pigment’ via The Hill

IG Guru

Check out the article here. The post How AI transformed Rembrandt’s ‘The Night Watch’ — down to the ‘pin-sharp particles of pigment’ via The Hill appeared first on IG GURU.

Real Big Phish: Mobile Phishing & Managing User Fallibility

Threatpost

Phishing is more successful than ever. Daniel Spicer, CSO of Ivanti, discusses emerging trends in phishing, and using zero-trust security to patch the human vulnerabilities underpinning the spike.

Configurator for iPhone: Point at Mac, move to Jamf, there is no step 3!

Jamf

It's easy for IT admins to set up and deploy Apple devices with the new Apple Configurator app for iPhone paired with Jamf MDM and Apple School Manager or Apple Business Manager.

Critical Cisco Contact Center Bug Threatens Customer-Service Havoc

Threatpost

Attackers could access and modify agent resources, telephone queues and other customer-service systems – and access personal information on companies’ customers.

Log4j is everywhere. You can fix it, but first you have to find it

DXC

It’s easy to see just how important — and dangerous — the Log4j vulnerability is. What’s harder is devising an effective response. As you may know, Log4j is an open-source, Java-based logging utility and library.

‘Be Afraid:’ Massive Cyberattack Downs Ukrainian Gov’t Sites

Threatpost

As Moscow moves troops and threatens military action, about 70 Ukrainian government sites were hit. “Be afraid” was scrawled on the Foreign Ministry site.

Spotlight: ShardSecure on Protecting Data At Rest Without Encryption

The Security Ledger

Host Paul Roberts speaks with Marc Blackmer of ShardSecure about that company’s new approach to protecting data at rest, which relies on fragmenting and scattering data to make it impossible to steal.

Top Illicit Carding Marketplace UniCC Abruptly Shuts Down

Threatpost

UniCC controlled 30 percent of the stolen payment-card data market; leaving analysts eyeing what’s next.

The transformative potential of digital signage using Apple TV

Jamf

Apple TV is easy to set up and scale for digital signage that can transform organizations, especially when paired with Jamf and Carousel Digital Signage.