February 22, 2022
Via: Dark ReadingIf you knew that putting a lock on your front door would lessen the likelihood of your valuables being stolen, would you install a deadbolt? The logical and simple answer would be: yes. The Internet wasn’t built with security in […]
December 9, 2021
Via: Help Net Security“Once a NAS is infected, CPU usage becomes unusually high where a process named ‘[oom_reaper]’ could occupy around 50% of the total CPU usage. This process mimics a normal, legitimate kernel process with the same name. However, while the legitimate […]
September 23, 2021
Via: Help Net SecurityRansomware attacks have reached ‘stratospheric’ levels in Q2 2021, now accounting for 69% of all attacks involving malware. That is among the most disturbing finding in the latest report from Positive Technologies. The research also reveals that the volume of […]
August 13, 2021
Via: Help Net SecurityLack of awareness and gaps in knowledge are a weak link for cybersecurity leadership who are responsible for strategic planning of cybersecurity defenses, leaving organizations exposed to risks, a Ponemon survey reveals. With 2021 already claiming high-profile victims such as […]
August 12, 2021
Via: Help Net SecurityOrdr released a report on the state of connected devices. The 2021 study addresses pandemic-related cybersecurity challenges, including the growth of connected devices and related increase of security risks from these devices as threat actors took advantage of chaos to […]
August 10, 2021
Via: The Hacker NewsA Chinese cyber espionage group has been linked to a string of intrusion activities targeting Israeli government institutions, IT providers, and telecommunications companies at least since 2019. FireEye’s Mandiant threat intelligence arm attributed the campaign to an operator it tracks […]
July 8, 2021
Via: John MathewsBackground In May 2017, 230 thousand computers were infected by a ransomware cryptoworm, called WannaCry—leading to roughly $100 million in damages, according to Infosecurity Magazine. The first of these attacks were first recorded in Europe at 3:24 am EDT, as […]
Application security, Security
May 28, 2021
Via: Help Net SecurityContrast Security announced the findings of a report based on a comprehensive survey of development, operations, and security professionals and executives at enterprise-level financial services institutions. The report explores the state of application security at these organizations, and the findings […]
December 1, 2020
Via: The Hacker NewsA nation-state actor known for its cyber espionage campaigns since 2012 is now using coin miner techniques to stay under the radar and establish persistence on victim systems, according to new research. Attributing the shift to a threat actor tracked […]
October 8, 2020
Via: WiredThough ransomware has been around for years, it poses an ever-increasing threat to hospitals, municipal governments, and basically any institution that can’t tolerate downtime. But along with the various types of PC malware that are typically used in these attacks, […]
Threats & Malware, Vulnerabilities
September 11, 2020
Via: Security WeekWith over 700,000 active installs, File Manager is a highly popular WordPress plugin that provides admins with file and folder management capabilities (copy/paste, delete, download/upload, edit, and archive). In early September 2020, the plugin’s developer addressed a critical-severity zero-day flaw […]
September 3, 2020
Via: SecurelistQuarterly figures According to Kaspersky Security Network, the second quarter saw: 1,245,894 detected malicious installers, of which 38,951 packages were related to mobile banking trojans 3,805 packages proved to be mobile ransomware trojans A total of 14,204,345 attacks on mobile […]
Threats & Malware, Virus & Malware
August 6, 2020
Via: Help Net SecurityCommodity malware campaigns utilizing machine identities are increasing rapidly, according to threat analysis from Venafi. For example, malware attacks using machine identities doubled from 2018 to 2019, including high-profile campaigns such as: TrickBot, Skidmap, Kerberods and CryptoSink. Researchers gathered data […]
June 29, 2020
Via: Security AffairsSecurity experts from ESET revealed that the number of daily brute-force attacks on Windows RDP has doubled during the COVID-19 lockdown. The phenomenon is not surprising because during the COVID-19 lockdown employees were forced to work from home remote accessing […]
Threats & Malware, Vulnerabilities
May 11, 2020
Via: Security WeekThe new attack method, dubbed Thunderspy, was discovered by Björn Ruytenberg of the Eindhoven University of Technology in the Netherlands. The researcher has discovered a total of 7 vulnerabilities related to improper firmware verification, weak device authentication, the use of […]
Mobile, Mobile security, Threats & Malware, Vulnerabilities
April 24, 2020
Via: Security WeekCybersecurity automation company ZecOps reported on Wednesday that it had identified a couple of critical zero-day vulnerabilities in the Mail app for iOS. The flaws, which the company says have existed since the release of iOS 6 in 2012, can […]
April 23, 2020
Via: Security WeekAccording to ZecOps, the vulnerabilities have existed since iOS 6, a version released in 2012. The company reported its findings to Apple in February and March, and notified the tech giant of attacks exploiting the flaws. The vendor has patched […]
Cyber warfare, Cyber-crime, Phishing
April 23, 2020
Via: Security AffairsGoogle is warning that nation-state actors are exploiting the COVID-19 (Coronavirus) pandemic to target health care organizations and entities involved in the fight against the pandemic. Google’s Threat Analysis Group (TAG) shared its latest findings related to state-backed attacks and […]
April 17, 2020
Via: Security IntelligenceAs organizations adapt and respond to the impact of COVID-19, significant new challenges are on the rise as a majority of the workforce has shifted to remote work arrangements. Employee-owned devices and home networks that were not formerly protected by […]
Cyber warfare, Cyber-crime, Malware
March 27, 2020
Via: Security AffairsGoogle shared data on alerts related to state-sponsored attacks, the tech giant revealed that it issued almost 40,000 alerts of state-sponsored phishing or malware attacks to its users during 2019. The number of alerts decreased by 25% when compared to […]