Sat.Apr 16, 2022 - Fri.Apr 22, 2022

Conti’s Ransomware Toll on the Healthcare Industry

Krebs on Security

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers.

Why So Many Security Experts Are Concerned About Low-Code/No-Code Apps

Dark Reading

IT departments must account for the business impact and security risks such applications introduce

Risk 112
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

Enemybot is a DDoS botnet that targeted several routers and web servers by exploiting known vulnerabilities. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities.

CMS 111

Sophos Buys Startup SOC.OS to Spot Attacker Activity Sooner

Data Breach Today

Ingests Data From Third-Party Platforms to Detect Abnormalities Earlier Sophos bought early-stage vendor SOC.OS to help customers detect abnormalities in their IT environment earlier by ingesting data from third-party platforms.

Cyber Security, Change Management and Enterprise Risk Management: Scaling Operations for Growth

Speaker: William Hord, Vice President of Risk Management and Compliance

Join us as we discuss the various tangents of data and the change management process that will help you make better risk-based business decisions to save time and money for your organization.

GUEST ESSAY: The wisdom of taking a risk-based approach to security compliance

The Last Watchdog

Today, all organizations are required or encouraged to meet certain standards and regulations to protect their data against cybersecurity threats. The regulations vary across countries and industries, but they are designed to protect customers from the threat of posed data breaches. . Related: The value of sharing third-party risk assessments.

More Trending

Undetectable Backdoors in Machine-Learning Models

Schneier on Security

New paper: “ Planting Undetectable Backdoors in Machine Learning Models : Abstract : Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider.

Fake Windows Upgrade Site Delivering Info-Stealer Malware

Data Breach Today

Cybercriminals Taking Advantage of Windows 11 Upgrade A multistage information stealer malware is targeting Windows users and stealing their data from browsers and crypto wallets by using fake domains masquerading as a Windows 11 upgrade.

SHARED INTEL: How Russia’s war mongering compromises those holding security clearances

The Last Watchdog

While global commerce is an important aspect of the world economy, individuals who hold national security clearances need to be aware that some of the activities they engage in could pose a security risk and may negatively impact their security clearances. Related: Russia takes steps to radicalize U.S. youth.

Millions of Lenovo Laptops Contain Firmware-Level Vulnerabilities

Dark Reading

Three flaws present in consumer laptops can give attackers a way to drop highly persistent malware capable of evading methods to remove it, security vendor says

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

Clever Cryptocurrency Theft

Schneier on Security

Beanstalk Farms is a decentralized finance project that has a majority stake governance system: basically people have proportiona votes based on the amount of currency they own.

ISMG Editors: The Complications of Regulating Spyware

Data Breach Today

Also: FBI's Warning to Healthcare Entities; Ransomware Trends Four editors at ISMG discuss the percentage of banks hit by ransomware - and paying the ransom, the FBI's warning to healthcare entities as they continue to be targeted by the Hive ransomware group and reports that the U.K.

CISA adds VMware, Chrome flaws to its Known Exploited Vulnerabilities Catalog

Security Affairs

US CISA adds a VMware privilege escalation flaw and a Google Chrome type confusion issue to its Known Exploited Vulnerabilities Catalog.

IT 112

LinkedIn Brand Now the Most Abused in Phishing Attempts

Dark Reading

New research shows threat actors increasingly leveraging social networks for attacks, with LinkedIn being used in 52% of global phishing attacks

The 5 Stages of Account-Based Marketing — and How to Win Them All

Successfully complete the five stages of ABM: define, identify, engage, convert, and connect. We’ll show you how to create a unified system with your sales team to help them land more qualified opportunities and connect with prospects like never before.

LinkedIn is the Most Impersonated Brand in Phishing Attacks

KnowBe4

Social media companies, particularly LinkedIn, are now the most impersonated brands in phishing campaigns, researchers at Check Point have found. Social Engineering Phishing

AWS Log4Shell Patch Has 'Severe Security Issues:' Unit 42

Data Breach Today

Containers Could Exploit the AWS Hot Patch to Take Over Its Underlying Host AWS has fixed "severe security issues" in hot patches it released in December to address the Log4Shell vulnerability in Java applications and containers.

CVE-2022-20685 flaw in the Modbus preprocessor of the Snort makes it unusable

Security Affairs

CVE-2022-20685 flaw in the Modbus preprocessor of the Snort detection engine could trigger a DoS condition and make it ineffective against malicious traffic.

IT 107

CISA, Australia, Canada, New Zealand, & UK Issue Joint Advisory on Russian Cyber Threats

Dark Reading

The Russian government is ratcheting up malicious cyberattacks against critical infrastructure in countries supporting Ukraine

Understanding Cadence Workflow for Developers and Architects

Explore the basics of Cadence and understand the benefits it can provide to your organization. This whitepaper will dive into a brief history of Cadence, how workflows can be put into practice, and how you can apply Cadence to your data infrastructure.

How Hackers Use Reconnaissance – and How to Protect Against It

eSecurity Planet

Information gathering is often the starting point of a cyberattack. For many hackers, before attempting anything they want to know who they’re dealing with, what vulnerabilities they might exploit, and whether they can operate stealthily or not.

IT 100

Okta: Hackers Accessed Just 2 Customer Tenants in Breach

Data Breach Today

Tenants Accessed and Apps Such as Slack and Jira Viewed for Only 2 Okta Clients During its January cyberattack, Lapsus$ accessed tenants and viewed applications such as Slack and Jira for only two Okta customers.

Access 240

Critical bug in decoder used by popular chipsets exposes 2/3 of Android devices to hack

Security Affairs

A critical RCE flaw in Android devices running on Qualcomm and MediaTek chipsets could allow access to users’ media files.

3 Ways We Can Improve Cybersecurity

Dark Reading

To better manage risks, companies can concentrate on resilience, sharing information to protect from cyber threats, and making the cybersecurity tent bigger by looking at workers with nontraditional skill sets

Detect and Respond to Threats Across Your Applications, Networks, and Infrastructure

Understand how to solve cloud complexity challenges with threat detection tools, analyze security threats anywhere in your stack, and deploy turnkey detection rules mapped to the MITRE ATT&CK framework with Datadog Security Monitoring.

“Being Annoying” as a Social Engineering Approach

KnowBe4

Attackers are spamming multifactor authentication (MFA) prompts in an attempt to irritate users into approving the login, Ars Technica reports. Both criminal and nation-state actors are using this technique.

Killer Robots in the Air: Slouching Toward Full Autonomy

Data Breach Today

Security and Ethical Concerns Persist as AI-Driven Lethal Weapon Systems Evolve Fresh warnings are being sounded about the threat posed by semi-autonomous killing machines both on and above the battlefield, especially because lethal weapons keep evolving toward full autonomy but cannot be made hack-proof.

Anonymous hacked other Russian organizations, some of the breaches could be severe

Security Affairs

The Anonymous collective and affiliate groups intensify their attacks and claimed to have breached multiple organizations. Anonymous and groups linked to the famous collective continues to target Russian organizations, the hacktivist are breaching their systems and leak stolen data online.

Okta Wraps Up Lapsus$ Investigation, Pledges More Third-Party Controls

Dark Reading

Companies must enforce more security on their own third-party providers and retain the ability to conduct independent investigations, experts say

The Ultimate Guide to Executive Recruiting

Sourcing the right executive candidates and filling key managerial roles in an organization can be difficult, even in the best of times. Download this eBook to level up your discovery process, talent sourcing, and strategies for reaching your best-fit candidates.

Long Article on NSO Group

Schneier on Security

Ronan Farrow has a long article in The New Yorker on NSO Group, which includes the news that someone — probably Spain — used the software to spy on domestic Catalonian sepratists

Pro-Russian Killnet Group in DDoS Attacks on Czech Entities

Data Breach Today

Group Also Claims to Have Targeted the US, Poland, Germany and UK Pro-Russia threat group Killnet claims to have hit several victims with DDoS attacks in recent days.

Russian Gamaredon APT continues to target Ukraine

Security Affairs

Russia-linked threat actor Gamaredon targets Ukraine with new variants of the custom Pterodo backdoor. Russia-linked Gamaredon APT group (a.k.a. Armageddon , Primitive Bear, and ACTINIUM) continues to target Ukraine and it is using new variants of the custom Pterodo backdoor (aka Pteranodon ).