Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
The U.S. Department of Justice this week announced official charges against Wyatt A. Travnichek, a Kansas man accused of accessing and tampering with a public water system. [Read More]
Citrix warns that the bugs could result in privileged code in a guest virtual machine to crash the host or render it unresponsive. [Read More]
North Korean government-backed APT group caught using a fake pen-testing company sock puppet Twitter and LinkedIn accounts in an escalation of a hacking campaign targeting security research professionals. [Read More]
CompuCom shares information on the cost of recovering from a cybersecurity incident, including loss of revenue and major service disruptions. [Read More]
The Black Kingdom/Pydomer ransomware operators join other threat actors targeting unpatched Microsoft Exchange servers. [Read More]
Hades ransomware operators adopt a double-extortion tactic, but they are often slow to respond to requests for payment instructions. [Read More]
Apple ships an urgent security update to fix a major security flaw affecting iPhone, iPad and Apple Watch devices and warned that the vulnerability is being actively exploited in the wild. [Read More]
Reuters is reporting that a draft executive order would set new rules on data breach disclosure and use of multi-factor authentication and encryption in federal agencies. [Read More]
Kaspersky says ransomware attacks on ICS devices decreased globally in the second half of 2020, but increased in developed countries. [Read More]
Researchers flag a critical security hole in the official Facebook for WordPress plugin and warn it could be abused for remote code execution attacks. [Read More]
FEATURES, INSIGHTS // Malware
The FUD crypter service industry is giving a second life to a lot of old and kind-of-old malware, which can be pulled off the shelf by just about anybody with confused ethics and a Bitcoin account.
Cryptojacking malware grew from impacting 13% of all organizations in Q4 of 2017 to 28% of companies in Q1 of 2018, more than doubling its footprint.
A study found that over 98 percent of malware making it to the sandbox array uses at least one evasive tactic, and 32 percent of malware samples making it to this stage could be classified as “hyper-evasive".
The cost of electricity has led some to take shortcuts in the search for power sources - individuals and organizations are now being breached by cyber-criminals seeking to take advantage of corporate infrastructures.
Historical patterns and recent activity indicate that another major Necurs malware outbreak is looming just around the corner.
It remains to be seen whether more legitimate web operations will embrace the approach, but you can count on illegitimate and malicious use of cryptomining to grow robustly.
Take a step back and realize that cryptocurrency mining is really just another form of malware, which is something you should be good at finding already.
There are several mitigation measures and best practices that you can adopt to improve your organization’s security posture and reduce the risk of supply chain infections.
In the cat-and-mouse game between security providers and malware authors, cybercriminals keep innovating and experimenting – a dynamic seen in the recent resurgence of the Locky ransomware.
While devastating to the victims, the recent rash of ransomware has been helpful in putting an objective and quantifiable face on modern threats associated in cybersecurity.
Get the Daily Briefing
- Microsoft Open-Sources 'CyberBattleSim' Enterprise Environment Simulator
- CISA Releases Tool to Detect Microsoft 365 Compromise
- Security Automation Firm Tines Raises $26 Million at $300 Million Valuation
- LG Promises Three Years of OS Updates for Premium Android Smartphones
- Pwn2Own 2021 Participants Earn Over $1.2 Million for Their Exploits
- Collaboration Platforms Increasingly Abused for Malware Distribution, Data Exfiltration
- Cisco Patches Critical Flaw in SD-WAN vManage
- Cost of Sandboxing Prompts Shift to Memory-Safe Languages. A Little Too Late?
- Library Dependencies and the Open Source Supply Chain Nightmare
- Belden Says Health-Related Information Exposed in Data Breach
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy