Cybersecurity News


The Threat of Ransomware Attacks

 

Ransomware attacks continue to present a serious threat to businesses. On the blog, we cover basic questions with Christopher D. Roberti, Senior Vice President for Cyber, Intelligence, and Supply Chain Security Policy at the U.S. Chamber of Commerce and PCI SSC Executive Director Lance Johnson about this threat to businesses across the U.S. and around the world and how to better guard against this attack.

14 April 2022

Feds: APTs Have Tools That Can Take Over Critical Infrastructure

Feds: APTs Have Tools That Can Take Over Critical Infrastructure Threat actors have developed custom modules to compromise various ICS devices as well as Windows workstations that pose an imminent threat, particularly to energy providers.
14 April 2022

Week in security with Tony Anscombe

Ukrainian energy provider targeted by Industroyer2 – ESET helps disrupt Zloader botnets – Where do new ideas come from and how are they spread?

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

14 April 2022

Meet ZingoStealer: the Haskers Gang's new, free malware

ZingoStealer is able to spread cryptocurrency mining malware.
14 April 2022

US federal alert warns of the discovery of malicious cyber tools

US federal alert warns of the discovery of malicious cyber tools

Cybersecurity officials said the evidence suggests Russia is behind the tools – configured to target North American energy concerns

Multiple US government agencies issued a joint alert Wednesday warning of the discovery of malicious cyber tools created by unnamed advanced threat actors that they said were capable of gaining “full system access” to multiple industrial control systems.

The public alert from the Energy and Homeland Security departments, the FBI and National Security Agency did not name the actors or offer details on the find. But their private sector cybersecurity partners said the evidence suggests Russia is behind the tools – and that they were configured to initially target North American energy concerns.

Continue reading...
13 April 2022

At a Glance: PCI DSS v4.0

 

PCI Data Security Standard (PCI DSS) is a global standard that provides a baseline of technical and operational requirements designed to protect account data. The next evolution of the standard- PCI DSS v4.0- is now available.

13 April 2022

Home Office’s visa service apologises for email address data breach

Home Office’s visa service apologises for email address data breach

Private contractor running service sent email to applicants containing more than 170 email addresses

The Home Office’s visa service has apologised for a data breach in which the email addresses of more than 170 people were mistakenly copied into an email circulated last week.

More than 170 email addresses were accidentally copied into a message on 7 April 2022 about the change of location for a visa appointment with the UK Visa and Citizenship Application Service. The UKVCAS is run on behalf of the Home Office by the private contractor Sopra Steria. Some of the email addresses appeared to be private Gmail accounts, while others belonged to lawyers from a variety of firms.

Continue reading...
13 April 2022

ESET takes part in global operation to disrupt Zloader botnets

ESET researchers provided technical analysis, statistical information, and known command and control server domain names and IP addresses

The post ESET takes part in global operation to disrupt Zloader botnets appeared first on WeLiveSecurity

13 April 2022

Feds Shut Down RaidForums Hacking Marketplace

Feds Shut Down RaidForums Hacking Marketplace The DoJ is charging its founder, 21-year-old Portuguese citizen Diogo Santos Coelho, on six criminal counts, including conspiracy, access device fraud and aggravated identity theft.
13 April 2022

Microsoft Patch Tuesday, April 2022 Edition

Microsoft on Tuesday released updates to fix roughly 120 security vulnerabilities in its Windows operating systems and other software. Two of the flaws have been publicly detailed prior to this week, and one is already seeing active exploitation, according to a report from the U.S. National Security Agency (NSA).
13 April 2022

Critical vulnerabilities uncovered in hospital robots

The robots zip around hospitals delivering medicine and other supplies.
13 April 2022

Innovation and the Roots of Progress

If you look back at the long arc of history, it’s clear that one of the most crucial drivers of real progress in society is innovation

The post Innovation and the Roots of Progress appeared first on WeLiveSecurity

13 April 2022

Enemybot: a new Mirai, Gafgyt hybrid botnet joins the scene

The botnet borrows a few tricks from Mirai.
13 April 2022

Barracuda Networks changes hands with purchase by global investment firm KKR

KKR is taking over from Thoma Bravo.
13 April 2022

Microsoft Zero-Days, Wormable Bugs Spark Concern

Microsoft Zero-Days, Wormable Bugs Spark Concern For April Patch Tuesday, the computing giant addressed a zero-day under active attack and several critical security vulnerabilities, including three that allow self-propagating exploits.
12 April 2022

RaidForums Gets Raided, Alleged Admin Arrested

The U.S. Department of Justice (DOJ) said today it seized the website and user database for RaidForums, an extremely popular English-language cybercrime forum that sold access to more than 10 billion consumer records stolen in some of the world's largest data breaches since 2015. The DOJ also charged the alleged administrator of RaidForums -- 21-year-old Diogo Santos Coelho, of Portugal -- with six criminal counts, including conspiracy, access device fraud and aggravated identity theft.
12 April 2022

Menswear Brand Zegna Reveals Ransomware Attack

Menswear Brand Zegna Reveals Ransomware Attack Accounting materials from the Italy-based luxury fashion house were leaked online by RansomExx because the company refused to pay.
12 April 2022

These hackers pretend to poach, recruit rival bank staff in new cyberattacks

Employees looking for new career opportunities are the targets.
12 April 2022

Only half of organizations reviewed security policies due to the pandemic: study

Investment is expected to increase but existing cybersecurity strategies are lacking.
12 April 2022

Industroyer2: Industroyer reloaded

This ICS-capable malware targets a Ukrainian energy company

The post Industroyer2: Industroyer reloaded appeared first on WeLiveSecurity

12 April 2022