Monthly Archives: December 2021
‘Spider-Man: No Way Home’ used to spread a cryptominer
Threat actors attempted to take advantage of the interest in the new ‘ Spider-Man: No Way Home’ movie to spread a Monero Cryptominer. Threat actors are attempting to capitalize the […]
New Rook Ransomware borrows code from Babuk
Recently launched ransomware operation, named Rook, made headlines for its announcement claiming a desperate need a lot of money. A new ransomware operation named Rook appeared in the threat landscape, […]
Enterprises Cannot Achieve Zero Trust Security Without Machine Identity Management
Thanks to the rise of machines and shift towards zero-trust security, organizations’ security will require a new type of identity management By Murali Palanisamy, chief solutions officer, AppViewX The […]
PYSA ransomware gang is the most active group in November
PYSA and Lockbit were the most active ransomware gangs in the threat landscape in November 2021, researchers from NCC Group report. Security researchers from NCC Group reported an increase in […]
Conti ransomware gang exploits Log4Shell bug in its operations
The Conti ransomware gang is the first ransomware operation exploiting the Log4Shell vulnerability to target VMware vCenter Servers. Conti ransomware gang is the first professional race that leverages Log4Shell exploit to compromise […]
It’s About Time: The Unappreciated Fundamental Metric for Security
By Winn Schwartau During the Cold War, the US defended us poor, soon-to-be-nuked citizenry, with time. If the Soviets got it into their heads to send over a six-pack of […]
StayHackFree – Don’t Be Barry
The Holiday call from a buddy you do not want to get – much less make. By James Gorman, CISO, Authx Friday the week before Thanksgiving, driving home for the […]
FBI’s investigation accidentally revealed the HelloKitty ransomware gang operates out of Ukraine
While investigating a data breach suffered by a healthcare organization, FBI accidentally revealed that it believes that the HelloKitty ransomware gang operates out of Ukraine. The investigation conducted by FBI […]
Shifting Focus of Cloud from Infra Solution to Business Strategy
India Cloud Day; a debrief by Jaison Augustin, Director, NetNex Global Private Limited NetNex Global just drew the curtains on their debut edition of India Cloud Day 2021 to an […]
Crooks injects e-skimmers in random WordPress plugins of e-stores
Threat actors are injecting credit card swipers into random plugins of e-commerce WordPress sites, Sucuri researchers warn. Sucuri researchers are warning of threat actors injecting credit card swipers into random […]
December 2021: Cyber Deception Month Continues…Today’s Cyber Deception Tools Are Straight Out of Science Fiction
Authored by: Carolyn Crandall, Chief Security Advocate, Attivo Networks When it comes to predicting the future, the science fiction genre has taken some big swings over the years. Unfortunately, it’s […]
December 2021: Cyber Deception Month Continues…Halting Holiday Hackers…
Authored by: Gary Miliefsky of Cyber Defense Magazine Deep fake, dropped USB sticks, free offers, vishing, smishing and deep phishing attacks, smart-everything (weak IoT devices), malicious apps, driveby malware, distributed […]
CISA adds Log4Shell Log4j flaw to the Known Exploited Vulnerabilities Catalog
The U.S. CISA added 13 new vulnerabilities to the Known Exploited Vulnerabilities Catalog, including Apache Log4Shell Log4j and Fortinet FortiOS issues. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 13 […]
Cuba ransomware gang hacked 49 US critical infrastructure organizations
The FBI has revealed that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. A flash alert published by the FBI has reported that […]
Nobelium APT targets French orgs, French ANSSI agency warns
The French cyber-security agency ANSSI said that the Russia-linked Nobelium APT group has been targeting French organizations since February 2021. The French national cybersecurity agency ANSSI (Agence Nationale de la […]
How To Effectively Secure Connected Devices
By Gnanaprakasam Pandian, Chief Product Officer and Co-Founder, Ordr As connected devices, including Internet of Things (IoT), Internet of Medical Things (IoMT) and Operational Technology (OT) continue to explode in […]
December 2021: Cyber Deception Month
How Bad Are The Breaches? Please take the time to visit a visual mapping of the largest breaches… http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/ Which I shortened for you… https://tinyurl.com/CDMG-DEC-2021 (you can trust me, I’m […]
Analyzing The Security Challenge of Hybrid and Remote Working Models
By Mike East, VP EMEA, Menlo Security The pandemic has shifted the balance in many arenas, not least in relation to cybersecurity. Where COVID-19 has continued to have a drastic […]
FBI training document shows lawful access to multiple encrypted messaging apps
Which are the most secure encrypted messaging apps? An FBI document shows what data can be obtained from them. The Record shared an FBI training document that reveals the surveillance […]