Krebs on Security

APRIL 18, 2022

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than 200 attacks against hospitals and other healthcare facilities since first surfacing in 2018 under its earlier name, “ Ryuk.” On April 13, Microsoft said it executed a legal sneak atta

Ransomware 317

Ransomware Cybersecurity Healthcare Security 317

Dark Reading

APRIL 18, 2022

IT departments must account for the business impact and security risks such applications introduce.

Security 133

Security Risk IT 133

Security Affairs

APRIL 17, 2022

Enemybot is a DDoS botnet that targeted several routers and web servers by exploiting known vulnerabilities. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. The botnet targets multiple architectures, including arm, bsd, x64, and x86. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion.

CMS 145

CMS IoT Passwords IT 145

Data Breach Today

APRIL 19, 2022

Cybercriminals Taking Advantage of Windows 11 Upgrade A multistage information stealer malware is targeting Windows users and stealing their data from browsers and crypto wallets by using fake domains masquerading as a Windows 11 upgrade. The CloudSEK researchers who discovered the malware have not attributed it to any particular group.

IT 336

IT 336

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

The Last Watchdog

APRIL 21, 2022

Today, all organizations are required or encouraged to meet certain standards and regulations to protect their data against cybersecurity threats. The regulations vary across countries and industries, but they are designed to protect customers from the threat of posed data breaches. . Related: The value of sharing third-party risk assessments. With estimates suggesting there are currently over 15 billion user credentials scattered across the dark web, the importance of compliance is clear to se

Compliance 235

Compliance Risk Security Cybersecurity 235

Schneier on Security

APRIL 19, 2022

New paper: “ Planting Undetectable Backdoors in Machine Learning Models : Abstract : Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. We show how a malicious learner can plant an undetectable backdoor into a classifier. On the surface, such a backdoored classifier behaves normally, but in reality, the learner maintains a mechanism for changing the classification of any input, with

Paper 145

Paper Access IT 145

Data Breach Today

APRIL 22, 2022

Also: FBI's Warning to Healthcare Entities; Ransomware Trends Four editors at ISMG discuss the percentage of banks hit by ransomware - and paying the ransom, the FBI's warning to healthcare entities as they continue to be targeted by the Hive ransomware group and reports that the U.K. government has been infected with NSO Group spyware.

Ransomware 334

Ransomware Government 334

The Last Watchdog

APRIL 19, 2022

While global commerce is an important aspect of the world economy, individuals who hold national security clearances need to be aware that some of the activities they engage in could pose a security risk and may negatively impact their security clearances. Related: Russia takes steps to radicalize U.S. youth. Individuals who possess security clearances are not prohibited from traveling to foreign countries; however, there are certain acts and behaviors that may raise foreign influence and/or for

Security 235

Security Risk Military Government 235

AIIM

APRIL 21, 2022

There are two things you should know about me. The first is that I love to eat. I have an appetite that was once described as “alarming.” In my teenage years, I would kick back and devour an entire large pizza in one sitting. As I grew older, I refined my pallet and developed a desire for quality ingredients and a craving for a variety of flavors. The second thing you should know is that I hate to cook.

Customer Experience 151

Customer Experience Digital transformation Insurance Government 151

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Security Affairs

APRIL 18, 2022

US CISA adds a VMware privilege escalation flaw and a Google Chrome type confusion issue to its Known Exploited Vulnerabilities Catalog. The Cybersecurity and Infrastructure Security Agency (CISA) added a VMware privilege escalation flaw (CVE-2022-22960) and a Google Chrome type confusion issue (CVE-2022-1364) to its Known Exploited Vulnerabilities Catalog.

IT 145

IT Cybersecurity Risk Security 145

Data Breach Today

APRIL 22, 2022

SOC.OS Ingests Data From Third-Party Platforms to Detect Abnormalities Earlier Sophos bought early-stage vendor SOC.OS to help customers detect abnormalities in their IT environment earlier by ingesting data from third-party platforms. SOC.OS will allow customers to extract information sooner from non-Sophos firewalls, network proxies and endpoint security technology.

Security 331

Security IT 331

Dark Reading

APRIL 19, 2022

Three flaws present in consumer laptops can give attackers a way to drop highly persistent malware capable of evading methods to remove it, security vendor says.

Security 145

Security IT 145

Schneier on Security

APRIL 20, 2022

Beanstalk Farms is a decentralized finance project that has a majority stake governance system: basically people have proportiona votes based on the amount of currency they own. A clever hacker used a “flash loan” feature of another decentralized finance project to borrow enough of the currency to give himself a controlling stake, and then approved a $182 million transfer to his own wallet.

Government 145

Government IT 145

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Security Affairs

APRIL 21, 2022

CVE-2022-20685 flaw in the Modbus preprocessor of the Snort detection engine could trigger a DoS condition and make it ineffective against malicious traffic. Snort is a free open source network intrusion detection system (IDS) and intrusion prevention system (IPS) which is currently developed by Cisco. The software performs real-time traffic analysis and packet logging on Internet Protocol (IP) networks, protocol analysis, content searching and matching.

IT 144

IT Security Cybersecurity Information Security 144

Data Breach Today

APRIL 20, 2022

Containers Could Exploit the AWS Hot Patch to Take Over Its Underlying Host AWS has fixed "severe security issues" in hot patches it released in December to address the Log4Shell vulnerability in Java applications and containers. Palo Alto Networks' Unit 42 researchers said containers in server or cluster environments can exploit the patch to take over its underlying host.

Security 328

Security IT 328

eSecurity Planet

APRIL 18, 2022

Information gathering is often the starting point of a cyberattack. For many hackers, before attempting anything they want to know who they’re dealing with, what vulnerabilities they might exploit, and whether they can operate stealthily or not. During such reconnaissance operations, attackers collect relevant data about their victims, but it’s not without risks for them.

IT 141

IT Risk Paper Security 141

Dark Reading

APRIL 21, 2022

Ransomware and other financially motivated threat actors joined nation-state-backed groups in leveraging unpatched flaws in attack campaigns, new data shows.

Ransomware 140

Ransomware 140

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Security Affairs

APRIL 21, 2022

A critical RCE flaw in Android devices running on Qualcomm and MediaTek chipsets could allow access to users’ media files. Security researchers at Check Point Research have discovered a critical remote code execution that affects the implementation of the Apple Lossless Audio Codec (ALAC) in Android devices running on Qualcomm and MediaTek chipsets.

Access 144

Access Cybersecurity Security IT 144

Data Breach Today

APRIL 19, 2022

Tenants Accessed and Apps Such as Slack and Jira Viewed for Only 2 Okta Clients During its January cyberattack, Lapsus$ accessed tenants and viewed applications such as Slack and Jira for only two Okta customers. The threat actor actively controlled a single workstation used by a Sitel support engineer for 25 consecutive minutes on Jan. 21, according to a forensic report.

Access 305

Access IT 305

KnowBe4

APRIL 21, 2022

Social media companies, particularly LinkedIn, are now the most impersonated brands in phishing campaigns, researchers at Check Point have found.

Phishing 128

Phishing 128

Dark Reading

APRIL 20, 2022

New research shows threat actors increasingly leveraging social networks for attacks, with LinkedIn being used in 52% of global phishing attacks.

Phishing 129

Phishing 129

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

Security Affairs

APRIL 20, 2022

The Anonymous collective and affiliate groups intensify their attacks and claimed to have breached multiple organizations. Anonymous and groups linked to the famous collective continues to target Russian organizations, the hacktivist are breaching their systems and leak stolen data online. Below the organizations breached in the last three days, since my previous update: Tendertech is a firm specializing in processing financial and banking documents on behalf of businesses and entrepreneurs.

Archiving 142

Archiving Access Government IT 142

Data Breach Today

APRIL 21, 2022

Security and Ethical Concerns Persist as AI-Driven Lethal Weapon Systems Evolve Fresh warnings are being sounded about the threat posed by semi-autonomous killing machines both on and above the battlefield, especially because lethal weapons keep evolving toward full autonomy but cannot be made hack-proof.

Security 286

Security 286

Schneier on Security

APRIL 21, 2022

Ronan Farrow has a long article in The New Yorker on NSO Group, which includes the news that someone — probably Spain — used the software to spy on domestic Catalonian sepratists.

123

123

Daymark

APRIL 19, 2022

If your organization has been working towards NIST 800-171 and is now on the journey to achieve CMMC 2.0 (the Cybersecurity Maturity Model Certification) it can be difficult to understand what you’ve already achieved and what’s left to do. Both standards are intended to reduce threats and strengthen cybersecurity for sensitive government data. Here’s some details on how they relate to each other and what’s involved to take the next steps toward CMMC compliance.

Compliance 120

Compliance Cybersecurity Government IT 120

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cloud

Security Affairs

APRIL 20, 2022

Russia-linked threat actor Gamaredon targets Ukraine with new variants of the custom Pterodo backdoor. Russia-linked Gamaredon APT group (a.k.a. Armageddon , Primitive Bear, and ACTINIUM) continues to target Ukraine and it is using new variants of the custom Pterodo backdoor (aka Pteranodon ). The cyberespionage group is behind a recent series of spear-phishing attacks targeting Ukrainian entities and organizations related to Ukrainian affairs, since October 2021, Microsoft said.

Archiving 141

Archiving Phishing Communications Security 141

Data Breach Today

APRIL 22, 2022

Group Also Claims to Have Targeted the US, Poland, Germany and UK Pro-Russia threat group Killnet claims to have hit several victims with DDoS attacks in recent days. It targets victims that it believes are adversaries of Russia, and several critical infrastructure entities in the Czech Republic are known to have been successfully targeted.

IT 264

IT 264

KnowBe4

APRIL 18, 2022

Attackers are spamming multifactor authentication (MFA) prompts in an attempt to irritate users into approving the login, Ars Technica reports. Both criminal and nation-state actors are using this technique. Researchers at Mandiant observed the Russian state-sponsored actor Cozy Bear launching repeated MFA prompts until the user accepted the request.

Authentication 119

Authentication 119