A growing number of US small businesses are taking preventative security measures, despite the share suffering a data or security breach surging to 81% last year, according to the Identity Theft Resource Center (ITRC). The non-profit collated publicly reported breaches and information from victims who got in touch to compile its annual Consumer & Business
Month: October 2024
How To: Have you ever googled yourself? Were you happy with what came up? If not, consider requesting the removal of your personal information from search results. (Márk Szabó, 30 Oct 2024, 4 min. read) In today’s digital age, maintaining control over your personal information is more crucial than ever. Whether you’re concerned
Oct 30, 2024 | Ravie Lakshmanan | Ransomware / Threat Intelligence: Threat actors in North Korea have been implicated in a recent incident that deployed a known ransomware family called Play, underscoring their financial motivations. The activity, observed between May and September 2024, has been attributed to a threat actor tracked as Jumpy Pisces, which is also known as
Microsoft has warned of an ongoing infostealing campaign from notorious Russian APT group Midnight Blizzard (aka APT29, CozyBear) in which thousands of targets were sent spear phishing emails. Over 100 organizations in government, academia, defense, non-governmental organizations (NGOs) and other sectors have been impacted so far by this state-backed intelligence-gathering exercise, Redmond claimed in a blog
We Live Science: As methane emissions come under heightened global scrutiny, learn how a state-of-the-art satellite can pinpoint their sources and deliver the insights needed for targeted mitigation efforts. (28 Oct 2024) While carbon dioxide typically takes center stage in discussions about climate change, methane emissions have historically flown somewhat under the radar. So what’s
Oct 29, 2024 | Ravie Lakshmanan | AI Security / Vulnerability: A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence (AI) and machine learning (ML) models, some of which could lead to remote code execution and information theft. The flaws, identified in tools like ChuanhuChatGPT, Lunary, and LocalAI, have been reported as part
The UK, US, Canada, New Zealand and Australian governments have launched a new program designed to help their tech startups improve baseline cybersecurity measures, in the face of escalating state-backed threats. Secure Innovation was originally a UK initiative run by GCHQ’s National Cyber Security Centre (NCSC) and MI5’s National Protective Security Authority (NPSA). However, it
Oct 28, 2024 | Ravie Lakshmanan | Cloud Security / Cyber Attack: A government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise toolset codenamed CloudScout. “The CloudScout toolset is capable of retrieving data from various cloud services by leveraging stolen
Business email compromise (BEC) threats are on the rise and now account for over half of all phishing attempts, with manufacturers particularly badly hit, according to Vipre Security Group. The security vendor used proprietary intelligence to compile its Email Threat Trends Report: Q3 2024, published this morning. It revealed that around 12% of the 1.8
Oct 26, 2024 | Ravie Lakshmanan | Cybercrime / Malware: Four members of the now-defunct REvil ransomware operation have been sentenced to several years in prison in Russia, marking one of the rare instances where cybercriminals from the country have been convicted of hacking and money laundering charges. Russian news publication Kommersant reported that a court in St. Petersburg
Ukrainian authorities have warned of a mass phishing attack aimed at stealing sensitive personal data of citizens. The attackers, tracked under the identifier UAC-0218, send phishing links that purport to be bills or payment details but actually lead to the download of data-stealing malware. Once downloaded, this script searches the victim’s device for documents in
Oct 26, 2024 | Ravie Lakshmanan | Cloud Security / Cryptocurrency: The infamous cryptojacking group known as TeamTNT appears to be readying for a new large-scale campaign targeting cloud-native environments for mining cryptocurrencies and renting out breached servers to third parties. “The group is currently targeting exposed Docker daemons to deploy Sliver malware, a cyber worm, and cryptominers, using compromised
The Change Healthcare ransomware attack has impacted the personal information of 100 million US citizens, updated figures from the US Department of Health and Human Services (HHS) have revealed. The figure means the attack, which began in February 2024, is the largest known data breach of US healthcare records ever recorded. The HHS Office for
ESET Research: Learn how a rather clumsy cybercrime group wielding buggy malicious tools managed to compromise a number of SMBs in various parts of the world. (ESET Research, 24 Oct 2024, 1 min. read) Some cybercriminal groups are sophisticated, create advanced schemes, cooperate with other attackers and do everything to stay under the
Oct 25, 2024 | Ravie Lakshmanan | Vulnerability / Wi-Fi Security: A security flaw impacting the Wi-Fi Test Suite could enable unauthenticated local attackers to execute arbitrary code with elevated privileges. The vulnerability is tracked as CVE-2024-41992, and the CERT Coordination Center (CERT/CC) said the susceptible code from the Wi-Fi Alliance has been found deployed on Arcadyan FMIMG51AX000J routers. “This
A new workforce study by ISACA has found that while pay inequity remains a challenge for women in the digital trust space, some progress is being made around career satisfaction and progression. The study revealed that 42% of women working in digital trust said that there is pay inequity in the sector. However, just 15%
ESET researchers have discovered new Rust-based tooling leading to the deployment of Embargo ransomware. Embargo is a relatively new player in the ransomware scene, first observed by ESET in June 2024. The new toolkit consists of a loader and an EDR killer, named MDeployer and MS4Killer respectively by ESET. MS4Killer is particularly noteworthy as it
Oct 24, 2024 | Ravie Lakshmanan | Ransomware / Cybercrime: Cybersecurity researchers have discovered an advanced version of the Qilin ransomware sporting increased sophistication and tactics to evade detection. The new variant is being tracked by cybersecurity firm Halcyon under the moniker Qilin.B. “Notably, Qilin.B now supports AES-256-CTR encryption for systems with AESNI capabilities, while still retaining Chacha20 for
Cybersecurity teams are being left out of the development of policies governing the use of AI in their enterprises, new research published by ISACA during its 2024 Europe Conference has found. Just 35% of 1800 cybersecurity professionals surveyed said they are involved in development of such policies. Meanwhile, 45% reported no involvement in the development, onboarding
New variants of a banking malware called Grandoreiro have been found to adopt new tactics in an effort to bypass anti-fraud measures, indicating that the malicious software is continuing to be actively developed despite law enforcement efforts to crack down on the operation. “Only part of this gang was arrested: the remaining operators behind Grandoreiro
The US energy sector is at particularly high risk of supply chain attacks, with 45% of security breaches hitting this industry in the past year third-party related, according to new research by Security Scorecard and KPMG. This compares to a global average of 29% for supply chain breaches across all other industries. Additionally, the study
Scams: Watch out for schemes where fraudsters trick people into sharing verification codes so they can gain access to their phone numbers. (Phil Muncaster, 21 Oct 2024, 5 min. read) In our hyper-connected world, technology has transformed the way we communicate, enabling us to connect with anyone, anywhere, at the touch of a
Russian-speaking users have become the target of a new phishing campaign that leverages an open-source phishing toolkit called Gophish to deliver DarkCrystal RAT (aka DCRat) and a previously undocumented remote access trojan dubbed PowerRAT. “The campaign involves modular infection chains that are either Maldoc or HTML-based infections and require the victim’s intervention to trigger the
Nation-states’ “permissive” behaviors have contributed to the proliferation and abuse of offensive cyber tools and services, according to two British think tanks. The Royal United Services Institute for Defence and Security Studies (RUSI) and the Royal Institute of International Affairs (aka Chatham House) have both published research that analyzed the use and misuse of spyware,
The prolific Chinese nation-state actor known as APT41 (aka Brass Typhoon, Earth Baku, Wicked Panda, or Winnti) has been attributed to a sophisticated cyber attack targeting the gambling and gaming industry. “Over a period of at least six months, the attackers stealthily gathered valuable information from the targeted company including, but not limited to, network
Nearly half (46%) of organizations have unmanaged users with long-lived credentials in cloud services, putting them at high risk of data breaches, according to Datadog’s State of Cloud Security 2024 report. Long-lived credentials are authentication tokens or keys in the cloud that remain valid for a long time or do not. They are a major
Oct 20, 2024 | Ravie Lakshmanan | Vulnerability / Email Security: Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail software as part of a phishing attack designed to steal user credentials. Russian cybersecurity company Positive Technologies said it discovered last month that an email was sent to an unspecified
Microsoft has uncovered a macOS vulnerability that can enable attackers to gain access to users’ protected data, and warned active exploitation may be taking place. The flaw, dubbed “HM Surf,” allows attackers to bypass the operating system’s Transparency, Consent, and Control (TCC) technology to access sensitive user data, including browsed pages and the device’s camera,
Video: The average time it takes attackers to weaponize a vulnerability, either before or after a patch is released, shrank from 63 days in 2018-2019 to just five days last year. (18 Oct 2024) As many as 97 out of the 138 vulnerabilities disclosed as actively exploited in the wild in 2023 were zero-days, according
In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures, and tools for protecting sensitive information, they can also overwhelm those trying to piece together an effective security strategy. This article aims to demystify some of the most