Over 30 Countries Pledge to Fight Ransomware Attacks in US-led Global Meeting

Representatives from the U.S., the European Union, and 30 other countries pledged to mitigate the risk of ransomware and harden the financial system from exploitation with the goal of disrupting the ecosystem, calling it an "escalating global security threat with serious economic and security consequences."  "From malign operations against local health providers that endanger patient care, toSource...

Continuar lendo

Is Your Data Safe? Check Out Some Cybersecurity Master Classes

Since cybersecurity is definitely an issue that’s here to stay, I’ve just checked out the recently released first episodes of Cato Networks Cybersecurity Master Class Series.  According to Cato, the series aims to teach and demonstrate cybersecurity tools and best practices; provide research and real-world case studies on cybersecurity; and bring the voices and opinions of top cybersecuritySource...

Continuar lendo

REvil Ransomware Gang Goes Underground After Tor Sites Were Compromised

REvil, the notorious ransomware gang behind a string of cyberattacks in recent years, appears to have gone off the radar once again, a little over a month after the cybercrime group staged a surprise return following a two-month-long hiatus. The development, first spotted by Recorded Future's Dmitry Smilyanets, comes after a member affiliated with the REvil operation posted on the XSS hackingSource...

Continuar lendo

Windows 10, Linux, iOS, Chrome and Many Others at Hacked Tianfu Cup 2021

Windows 10, iOS 15, Google Chrome, Apple Safari, Microsoft Exchange Server, and Ubuntu 20 were successfully broken into using original, never-before-seen exploits at the Tianfu Cup 2021, the fourth edition of the international cybersecurity contest held in the city of Chengdu, China. Targets this year included Google Chrome running on Windows 10 21H1, Apple Safari running on Macbook Pro, AdobeSource...

Continuar lendo

Attackers Behind Trickbot Expanding Malware Distribution Channels

The operators behind the pernicious TrickBot malware have resurfaced with new tricks that aim to increase its foothold by expanding its distribution channels, ultimately leading to the deployment of ransomware such as Conti. The threat actor, tracked under the monikers ITG23 and Wizard Spider, has been found to partner with other cybercrime gangs known Hive0105, Hive0106 (aka TA551 or Shathak),Source...

Continuar lendo

Ad-Blocking Chrome Extension Caught Injecting Ads in Google Search Pages

A new deceptive ad injection campaign has been found leveraging an ad blocker extension for Google Chrome and Opera web browsers to sneakily insert ads and affiliate codes on websites, according to new research from cybersecurity firm Imperva. The findings come following the discovery of rogue domains distributing an ad injection script in late August 2021 that the researchers connected to anSource...

Continuar lendo

CISA Issues Warning On Cyber Threats Targeting Water and Wastewater Systems

The U.S. Cybersecurity Infrastructure and Security Agency (CISA) on Thursday warned of continued ransomware attacks aimed at disrupting water and wastewater facilities (WWS), highlighting five incidents that occurred between March 2019 and August 2021. "This activity—which includes attempts to compromise system integrity via unauthorized access—threatens the ability of WWS facilities to provideSource...

Continuar lendo

The Ultimate SaaS Security Posture Management (SSPM) Checklist

Cloud security is the umbrella that holds within it: IaaS, PaaS and SaaS. Gartner created the SaaS Security Posture Management (SSPM) category for solutions that continuously assess security risk and manage the SaaS applications’ security posture. With enterprises having 1,000 or more employees relying on dozens to hundreds of apps, the need for deep visibility and remediation for SaaS securitySource...

Continuar lendo

Google: We’re Tracking 270 State-Sponsored Hacker Groups From Over 50 Countries

Google's Threat Analysis Group (TAG) on Thursday said it's tracking more than 270 government-backed threat actors from more than 50 countries, adding it has approximately sent 50,000 alerts of state-sponsored phishing or malware attempts to customers since the start of 2021. The warnings mark a 33% increase from 2020, the internet giant said, with the spike largely stemming from "blocking anSource...

Continuar lendo

Critical Remote Hacking Flaws Disclosed in Linphone and MicroSIP Softphones

Multiple security vulnerabilities have been disclosed in softphone software from Linphone and MicroSIP that could be exploited by an unauthenticated remote adversary to crash the client and even extract sensitive information like password hashes by simply making a malicious call. The vulnerabilities, which were discovered by Moritz Abrell of German pen-testing firm SySS GmbH, have since beenSource...

Continuar lendo