Worried About the Exchange Zero-Day? Here's What to Do

While organizations wait for an official patch for the two zero-day flaws in Microsoft Exchange, they should scan their networks for signs of exploitation and apply these mitigations.

LA School District Ransomware Attackers Now Threaten to Leak Stolen Data

Weeks after it breached the Los Angeles Unified School District, the Vice Society ransomware group is threatening to leak the stolen data, unless they get paid.

Cybercriminals See Allure in BEC Attacks Over Ransomware

While ransomware seems stalled, business email compromise (BEC) attacks continue to make profits from the ProxyShell and Log4j vulnerabilities, nearly doubling in the latest quarter.

Trojanized, Signed Comm100 Chat Installer Anchors Supply Chain Attack

Malicious Comm100 files have been found scattered throughout North America, and across sectors including tech, healthcare, manufacturing, telecom, insurance, and others.

With the Software Supply Chain, You Can't Secure What You Don't Measure

Reports to the National Vulnerability Database jumped in 2022, but we should pay just as much attention to the flaws that are not being reported to NVD, including those affecting the software supply chain.

Veristor Partners with SANS Security Awareness to Deliver Employee Security Awareness Training

Companies collaborate to strengthen organizations' first line of security defense – end users.

Ransomware Attacks Continue Increasing: 20% of All Reported Attacks Occurred in the Last 12 Months - New Survey

Survey of over 2,000 IT pros revealed that a quarter either don't know or don't think Microsoft 365 data can be affected by ransomware.

The Country Where You Live Impacts Password Choices

Literacy, levels of personal freedom, and other macro-social factors help determine how strong average passwords are in a given locale, researchers have found.

Dangerous New Attack Technique Compromising VMware ESXi Hypervisors

China-based threat actor used poisoned vSphere Installation Bundles to deliver multiple backdoors on systems, security vendor says.

3 Reasons Why BEC Scams Work in Real Estate

Identity verification could be the key to fighting back and building trust in an industry beset with high-stakes fraud.

What Lurks in the Shadows of Cloud Security?

Organizations looking to get ahead in cloud security have gone down the path of deploying CSPM tooling with good results. Still, there’s a clear picture that data security and security operations are next key areas of interest.

Plug Your Data Leaks: Integrating Data Loss Prevention into Your Security Stack

The average cost of a data-exposing cybersecurity incident is $4.35 million. If your business can’t avoid to pay, make sure you’ve got a strong data loss prevention practice in place.

Google Quashes 5 High-Severity Bugs With Chrome 106 Update

External researchers contributed 16 of the 20 security updates included in the new Chrome 106 Stable Channel rollout, including five high-severity bugs.

Sophisticated Covert Cyberattack Campaign Targets Military Contractors

Malware used in the STEEP#MAVERICK campaign features rarely seen obfuscation, anti-analysis, and evasion capabilities.

Phishing Attacks Crushed Records Last Quarter, Driven by Mobile

Shocking phishing numbers (more than 1 million in a single quarter) are being driven by vishing, smishing, and other lures that target mobile devices.

The Countdown to DORA

With provisional agreement reached on the Digital Operational Resilience Act, the clock is now ticking for banks and information and communications technology (ICT) services companies with European operations. Here's what you need to know.

Chaos Malware Resurfaces With All-New DDoS & Cryptomining Modules

The previously identified ransomware builder has veered in an entirely new direction, targeting consumers and business of all sizes by exploiting known CVEs through brute-forced and/or stolen SSH keys.

When Will Cybersecurity Get Its Bloomberg Terminal?

The "single pane of glass" that gathers and correlates all the information security professionals need doesn't exist, so it's up to us to create it.

Most Attackers Need Less Than 10 Hours to Find Weaknesses

Vulnerable configurations, software flaws, and exposed Web services allow hackers to find exploitable weaknesses in companies' perimeters in just hours, not days.

FBI Helping Australian Authorities Investigate Massive Optus Data Breach: Reports

Initial reports suggest a basic security error allowed the attacker to access the company's live customer database via an unauthenticated API.

Microsoft Rolls Out Passwordless Sign-on for Azure Virtual Desktop

Azure says cloud-native single sign-on with a passwordless option is most-requested new AVD feature in the product's history.

Lessons from the GitHub Cybersecurity Breach: Protecting the Most Sensitive Data

This Tech Tip outlines three steps security teams should take to protect the information stored in Salesforce.

4 Data Security Best Practices You Should Know

There are numerous strategies to lessen the possibility and effects of a cyberattack, but doing so takes careful planning and targeted action.

IaC Scanning: A Fantastic, Overlooked Learning Opportunity

Infrastructure as code can help teams build more consistently in the cloud. But who owns it? Are teams getting the insights they need from your IaC security tool?

Netography Upgrades Platform to Provide Scalable, Continuous Network Security and Visibility

Netography Fusion® gives security and cloud operations teams visibility and control of network traffic and context across users, applications, data, and devices.

MITRE Rolls Out FiGHT to Protect 5G Networks

MITRE's new FiGHT framework describes adversary tactics and techniques used against 5G systems and networks.

BlackCat/ALPHV Gang Adds Wiper Functionality as Ransomware Tactic

Using its "Exmatter" tool to corrupt rather than encrypt files signals a new direction for financially motivated cybercrime activity, researchers say.

Fake Sites Siphon Millions of Dollars in 3-Year Scam

A crime syndicate based in Russia steals millions of dollars from credit card companies using fake dating and porn sites on hundreds of domains to rack up fraudulent charges.

Despite Recession Jitters, M&A Dominates a Robust Cybersecurity Market

Funding has been somewhat lower than last year, but investment remains healthy, analysts say, amid thirst for cloud security in particular.

Russia Planning Cyberattacks on Ukraine's Energy Grid

Ukraine military intelligence says Russia is planning cyberattacks on the country's energy sector, as well as against allies including Poland and the Baltic states.

Cyber Threat Alliance Extends Membership to 6+ Leading Cybersecurity Companies

CTA now has 36 members headquartered in 11 countries who follow cyber activities across the world, showing cybersecurity industry members realize the value in collaboration.

How Quantum Physics Leads to Decrypting Common Algorithms

YouTuber minutephysics explains how Shor's algorithm builds on existing formulae like Euclid's algorithm and Fourier transforms to leverage quantum superpositioning and break encryption.

We're Thinking About SaaS the Wrong Way

Many enterprise applications are built outside of IT, but we still treat the platforms they're built with as point solutions.

Malicious Apps With Millions of Downloads Found in Apple App Store, Google Play

The ongoing ad fraud campaign can be traced back to 2019, but recently expanded into the iOS ecosystem, researchers say.

CISA: Zoho ManageEngine RCE Bug Is Under Active Exploit

The bug allows unauthenticated code execution on the company's firewall products, and CISA says it poses "significant risk" to federal government.

Researchers Uncover Mysterious 'Metador' Cyber-Espionage Group

Researchers from SentinelLabs laid out what they know about the attackers and implored the researcher community for help in learning more about the shadowy group.

Developer Leaks LockBit 3.0 Ransomware-Builder Code

Code could allow other attackers to develop copycat versions of the malware, but it could help researchers understand the threat better as well.

Time to Quell the Alarm Bells Around Post-Quantum Crypto-Cracking

Quantum computing's impact on cryptography is not a cliff that we'll all be forced to jump off of, according to Deloitte.

Malicious npm Package Poses as Tailwind Tool

Branded as a components library for two popular open source resources, Material Tailwind instead loads a Windows .exe that can run PowerShell scripts.

Cyber Insurers Clamp Down on Clients' Self-Attestation of Security Controls

After one company suffered a breach that could have been headed off by the MFA it claimed to have, insurers are looking to confirm claimed cybersecurity measures.

Allurity Acquires Spanish Multinational Aiuken Cybersecurity

.

Palo Alto Networks 5G-Native Security Now Available on Microsoft Azure Private Multi-Access Edge Compute

.

Wintermute DeFi Platform Offers Hacker a Cut in $160M Crypto-Heist

The decentralized finance (DeFi) platform was the victim of an exploit for a partner's vulnerable code — highlighting a challenging cybersecurity environment in the sector.

Quantify Risk, Calculate ROI

SecurityScorecard's ROI Calculator helps organizations quantify cyber-risk to understand the financial impact of a cyberattack.

Threat Actor Abuses LinkedIn's Smart Links Feature to Harvest Credit Cards

The tactic is just one in a constantly expanding bag of tricks that attackers are using to get users to click on links and open malicious documents.

Data Scientists Dial Back Use of Open Source Code Due to Security Worries

Data scientists, who often choose open source packages without considering security, increasingly face concerns over the unvetted use of those components, new study shows.

Don't Wait for a Mobile WannaCry

Attacks against mobile phones and tablets are increasing, and a WannaCry-level attack could be on the horizon.

Ransomware: The Latest Chapter

As ransomware attacks continue to evolve, beyond using security best practices organizations can build resiliency with extended detection and response solutions and fast response times to shut down attacks.

Microsoft Brings Zero Trust to Hardware in Windows 11

A stacked combination of hardware and software protects the next version of Windows against the latest generation of firmware threats.

ChromeLoader Malware Evolves into Prevalent, More Dangerous Cyber Threat

Microsoft and VMware are warning that the malware, which first surfaced as a browser-hijacking credential stealer, is now being used to drop ransomware, steal data, and crash systems at enterprises.

Beware of Phish: American Airlines, Revolut Data Breaches Expose Customer Info

The airline and the fintech giant both fell to successful phishing attacks against employees.

Cast AI Introduces Cloud Security Insights for Kubernetes

The release augments the company's Kubernetes management platform with free, user-friendly insight on security postures, along with cost monitoring and observability.

Spell-Checking in Google Chrome, Microsoft Edge Browsers Leaks Passwords

It's called "spell-jacking": Both browsers have spell-check features that send data to Microsoft and Google when users fill out forms for websites or Web services.

Survey Shows CISOs Losing Confidence in Ability to Stop Ransomware Attacks

Despite an 86% surge in budget resources to defend against ransomware, 90% of orgs were impacted by attacks last year, a survey reveals.

How to Dodge New Ransomware Tactics

The evolving tactics increase the threat of ransomware operators, but there are steps organizations can take to protect themselves.

SASE Bucks Economic Uncertainty With Over 30% Growth in 2Q 2022, According to Dell'Oro Group

Overall SASE Spend on Pace to Top $6 Billion in 2022.

Water Sector Will Benefit From Call for Cyber Hardening of Critical Infrastructure

A call for federal agency "review and assessment" of cyber-safety plans at water treatment plants should better protect customers and move the industry forward.

CrowdStrike Investment Spotlights API Security

The investment in Salt Security underscores the fact that attacks targeting APIs are increasing.

Rockstar Games Confirms 'Grand Theft Auto 6' Breach

The Take-Two Interactive subsidiary acknowledges an attack on its systems, where an attacker downloaded "early development footage for the next Grand Theft Auto" and other assets.

Cyberattackers Make Waves in Hotel Swimming Pool Controls

Pool controllers exposed to the Internet with default passwords let threat actors tweak pool pH levels, and potentially more.

5 Ways to Improve Fraud Detection and User Experience

If we know a user is legitimate, then why would we want to make their user experience more challenging?

TPx Introduces Penetration Scanning, Expands Security Advisory Services

TPx, a leading nationwide managed services provider (MSP) delivering cybersecurity, managed networks, and cloud communications, today announced the addition of penetration scanning to its Security Advisory Services portfolio.

Cyberattack Costs for US Businesses up by 80%

Cyberattacks keep inflicting more expensive damage, but firms are responding decisively to the challenge.

Tackling Financial Fraud With Machine Learning

Financial services firms need to learn how — and when — to put machine learning to use.

Keep Today's Encrypted Data From Becoming Tomorrow's Treasure

Building quantum resilience requires C-suite commitment, but it doesn't have to mean tearing out existing infrastructure.

DDoS Attack Against Eastern Europe Target Sets New Record

The target has been under relentless DDoS attack, which ultimately set a new packets-per-second record for Europe.

Business Application Compromise & the Evolving Art of Social Engineering

Be wary of being pestered into making a bad decision. As digital applications proliferate, educating users against social engineering attempts is a key part of a strong defense.

Note to Security Vendors — Companies Are Picking Favorites

A stunning three-quarters of companies are looking to consolidate their security products this year, up from 29% in 2020, suggesting fiercer competition between cybersecurity vendors.

Malware on Pirated Content Sites a Major WFH Risk for Enterprises

Malware-laced ads are hauling in tens of millions of dollars in revenue for operators of pirated-content sites — posing a real risk to enterprises from remote employees.

Will the Cloud End the Endpoint?

When an organization fully embraces the cloud, traditional endpoints become disposable. Organizations must adapt their security strategy for this reality.

Popular IoT Cameras Need Patching to Fend Off Catastrophic Attacks

Several models of EZVIZ cameras are open to total remote control by cyberattackers, and image exfiltration and decryption.

Telos Corporation to Help Enterprises Operationalize Cybersecurity Compliance and Regulatory Risks with IBM Security

Solution addresses compliance challenges in complex landscapes

5 Best Practices for Building Your Data Loss Prevention Strategy

The entire security team should share in the responsibility to secure sensitive data.

Token-Mining Weakness in Microsoft Teams Makes for Perfect Phish

Access tokens for other Teams users can be recovered, allowing attackers to move from a single compromise to the ability to impersonate critical employees, but Microsoft isn't planning to patch.

White House Guidance Recommends SBOMs for Federal Agencies

New executive order stops short of mandating NIST's guidelines, but recommends SBOMs for federal agencies across government.

How to Use SSH Keys and 1Password to Sign Git Commits

This Tech Tip walks through the steps to set up signed commits with SSH keys stored in 1Password.

SparklingGoblin Updates Linux Version of SideWalk Backdoor in Ongoing Cyber Campaign

Researchers link the APT to an attack on a Hong Kong university, which compromised multiple key servers using advanced Linux malware.

Bishop Fox Releases Cloud Enumeration Tool CloudFox

CloudFox is a command-line tool to help penetration testers understand unknown cloud environments.

Microsoft Quashes Actively Exploited Zero-Day, Wormable Critical Bugs

In Microsoft's lightest Patch Tuesday update of the year so far, several security vulnerabilities stand out as must-patch, researchers warn.

U-Haul Customer Contract Search Tool Compromised

Password compromise led to unauthorized access to a customer contract search tool over a five-month window, according to the company.

Cyberattackers Abuse Facebook Ad Manager in Savvy Credential-Harvesting Campaign

Facebook lead-generation forms are being repurposed to collect passwords and credit card information from unsuspecting Facebook advertisers.

Name That Toon: Shiver Me Timbers!

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Opus Security Emerges from Stealth with $10M in Funding for Cloud SecOps and Remediation Processes

Siemplify veterans introduce Cloud Security Orchestration and Remediation platform, backed by high-profile investors including YL Ventures, Tiger Global, and CEOs of CrowdStrike and CyberArk

Lorenz Ransomware Goes After SMBs via Mitel VoIP Phone Systems

The ransomware gang has been seen exploiting a Mitel RCE flaw discovered in VoIP devices in April (and patched in July) to perform double-extortion attacks.

Business Security Starts With Identity

How identity-centric security can support business objectives.

Gartner Survey Shows 75% of Organizations Are Pursuing Security Vendor Consolidation in 2022

.

How Machine Learning Can Boost Network Visibility for OT Teams

Opswat says its new tool uses neural networks to protect critical environments through AI-assisted asset discovery, network visibility, and risk management.

Google Releases Pixel Patches for Critical Bugs

Unpatched Pixel devices are at risk for escalation of privileges, Google warns.

Cisco Data Breach Attributed to Lapsus$ Ransomware Group

Analysis shows attackers breached employee credentials with voice phishing and were preparing a ransomware attack against Cisco Systems.

Cybersecurity Awareness Campaigns: How Effective Are They in Changing Behavior?

Your chance to be a part of a ground-breaking study.

Google Completes Acquisition of Mandiant

The threat-intelligence and cyberdefense company company will join Google Cloud and retain its brand name.

Security Awareness Training Must Evolve to Align With Growing E-Commerce Security Threats

Users must continually be made aware of new threats, including attacks targeting shipping, the supply chain, email, and hybrid workers.

Zane Lackey: 'Technology Is the Easy Bit'

Security Pro File: The DevOps evangelist and angel investor shares his expertise with the next generation of startups If you're lucky, maybe he'll even share his Lagavulin.

Monti, the New Conti: Ransomware Gang Uses Recycled Code

A new group, Monti, appears to have used leaked Conti code, TTPs, and infrastructure approaches to launch its own ransomware campaign.

Attackers Exploit Zero-Day WordPress Plug-in Vulnerability in BackupBuddy

The critical flaw in BackupBuddy is one of thousands of security issues reported in recent years in products that WordPress sites use to extend functionality.

US Sanctions Iran Over APT Cyberattack Activity

The Treasury Department links the MuddyWater APT and APT39 to Iran's intelligence apparatus, which is now blocked from doing business with US entities.

Microsoft, Cloud Providers Move to Ban Basic Authentication

Microsoft moves ahead with a plan to sunset basic authentication, and other providers are moving — or have moved — to requiring more secure authentication as well. Is your company ready?

LockBit, ALPHV, and Other Ransomware Gang Leak Sites Hit by DDoS Attacks

A sweeping effort to prevent a raft of targeted cybercrime groups from posting ransomware victims' data publicly is hampering their operations, causing outages.

Why Ports Are at Risk of Cyberattacks

More docked ships bring a new challenge. The longer a ship is docked, the more vulnerable the port is to a cyberattack.

Darktrace Shares Plunge After Thoma Bravo Acquisition Falls Apart

No agreement could be reached on terms of a firm offer, the provider of AI-based cybersecurity products says.

A Pragmatic Response to the Quantum Threat

You certainly don't need to panic, but you do need to form a plan to prepare for the post-quantum reality.

5 Keys to Better Key Management

From analyzing your company's risk profile to knowing where keys are stored and who can access them, prioritize key clean-up and management. Make compliance an outcome and develop a risk management strategy.

Meta to Appeal $400M GDPR Fine for Mishandling Teen Data in Instagram

Instagram and Facebook parent company Meta was slapped with the fine for exposing the personal data of minors.

Former Conti Ransomware Members Join Initial Access Broker Group Targeting Ukraine

The initial access broker (IAB) for ransomware gangs known as UAC-0098 has targeted Ukrainian organizations in five separate phishing campaigns spanning April to August.

SaaS Alerts Secures $22M Investment from Insight Partners to Scale SaaS Security Monitoring and Response Platform

Investment to fuel growth and market presence as demand grows for SaaS' next-generation security tools for managed service providers.

Everything You Need To Know About BlackCat (AlphaV)

A relative newcomer to the ransomware scene, the BlackCat group quickly gained notoriety and may be associated with other APT groups like Conti and DarkSide.

Pentesting Evolves for the DevSecOps World

Penetration testing not only serves to triage and validate other defect discovery activities, it informs risk management activities, such as threat modeling and secure design.

Holiday Inn Owner InterContinental Has a Breach Trend

After a high-profile 2017 breach and a Holiday Inn ransomware hit earlier this year, IHG confirms that its booking channels and applications have been disrupted in yet another cyberattack.

Fighting Ransomware Takes an Army: Our Public & Private Sector Soldiers Join Forces

Continued collaboration will help win the fight as cybersecurity remains a national priority. International and public-private cooperation is helping stem the damage from ransomware threats and cyberattacks.

Next-Gen Linux Malware Takes Over Devices With Unique Toolset

The Shikitega malware takes over IoT and endpoint devices, exploits vulnerabilities, uses advanced encoding, abuses cloud services for C2, installs a cyptominer, and allows full remote control.

Some Employees Aren't Just Leaving Companies — They're Defrauding Them

Here are a few measures your organization can implement to minimize fraudulent behavior and losses.

Name That Edge Toon: Mime's the Word

Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

Critical QNAP NAS Zero-Day Bug Exploited to Deliver DeadBolt Ransomware

This is the fourth DeadBolt campaign this year against QNAP customers, but it differs from previous attacks in exploiting an unpatched bug instead of a known vulnerability.

The 3 Fundamentals of Building an Effective IoMT Security Strategy

The high stakes and unique priorities for Internet of Medical Things devices require specialized cybersecurity strategies.

Cymulate Raises $70M Series D Funding for Continuous Security Posture Testing

Investor participation from prior round demonstrates confidence in the company's current and future performance.

EvilProxy Commodifies Reverse-Proxy Tactic for Phishing, Bypassing 2FA

The phishing-as-a-service offering targets accounts from tech giants, and also has connections to PyPI phishing and the Twilio supply chain attack.

Botnets in the Age of Remote Work

Here are some strategies for protecting the business against botnets poised to take advantage of remote-work vulnerabilities.

3 Critical Steps for Reducing Cloud Risk

Having a better understanding of how clouds are built, connected, and managed helps organizations mitigate risks and reduce attack surfaces.

Researchers Spot Snowballing BianLian Ransomware Gang Activity

The operators of the emerging cross-platform ransomware BianLian increased their command and control infrastructure this month, indicating an acceleration in their operational pace.

Raspberry Robin Malware Connected to Russian Evil Corp Gang

Infections attributed to the USB-based worm have taken off, and now evidence links the malware to Dridex and the sanctioned Russian cybercriminal group Evil Corp.

4 Scenarios for the Digital World of 2040

Our digital future depends on the choices we make today. We need to invest in cybersecurity technologies and skills so that humanity can control its future.

AWS Tokens Lurking in Android, iOS Apps Crack Open Corporate Cloud Data

Thousands of corporate mobile apps developed by businesses for use by their customers contain hardcoded AWS tokens that can be easily extracted and used to access the full run of corporate data stored in cloud buckets.

The Makings of a Successful Threat-Hunting Program

Threat hunters can help build defenses as they work with offensive security teams to identify potential threats and build stronger threat barriers.

Ragnar Locker Brags About TAP Air Portugal Breach

TAP assures its customers that it stopped data theft in a recent cyberattack, but the Ragnar Locker ransomware group says it made off with user info.

Ghost Data Increases Enterprise Business Risk

IT has to get its hands around cloud data sprawl. Another area of focus should be on ghost data, as it expands the organization's cloud attack surface.

Threat Actor Phishing PyPI Users Identified

"JuiceLedger" has escalated a campaign to distribute its information stealer by now going after developers who published code on the widely used Python code repository.

New Guidelines Spell Out How to Test IoT Security Products

The proposed AMTSO guidelines offer a roadmap for comprehensive testing of IoT security products.

Code-Injection Bugs Bite Google, Apache Open Source GitHub Projects

The insecurities exist in CI/CD pipelines and can be used by attackers to subvert modern development and roll out malicious code at deployment.

(ISC)(2) Launches 'Certified in Cybersecurity' Entry-Level Certification to Address Global Workforce Gap

After a rigorous pilot program, the association's newest certification is officially operational. More than 1,500 pilot participants who passed the exam are on the path to full certification.

Real-World Cloud Attacks: The True Tasks of Cloud Ransomware Mitigation

Cloud breaches are inevitable — and so is cloud ransomware. (Second of two parts.)