DDoS extortion attacks have skyrocketed over the past year and are expected to trend upwards in the future too. DDoS attacks aren’t new threats. However, cybercriminals are leveraging these attacks to extort money from organizations by causing downtimes and preventing legitimate users from accessing the web application. With the global pandemic forcing organizations to adopt…
The Australian Cyber Security Centre (ACSC), Cybersecurity and Infrastructure Security Agency (CISA), United Kingdom’s National Cyber Security Centre (NCSC) and Federal Bureau of Investigation (FBI) have released a joint cybersecurity advisory, highlighting the top Common Vulnerabilities and Exposures (CVEs) routinely exploited by cyber actors in 2020 and those vulnerabilities being widely exploited thus far in 2021. Cyber actors…
Australia’s top cyber spy says China’s actions in the hack of Microsoft Exchange email server software were akin to propping open the doors of thousands of homes and leaving them ajar for criminals to get inside. Rachel Noble, the director general of the Australian Signals Directorate (ASD), drew the analogy as she said the Chinese…
Fraud Management & Cybercrime , Fraud Risk Management Malware Distributed Using Fake Windows Installer Prajeet Nair (@prajeetspeaks) • July 27, 2021 Unofficial Windows 11 downloads hide malware. (Source: Kaspersky) Although Microsoft is slated to release the Windows 11 operating system in December, it’s already available for a limited pre-release preview. And cybercriminals are…
Aug. 1—Depending on who you talk to, zero trust is a new concept for stopping data breaches, the preferred network architecture for cybersecurity, the most secure model for online interactions, the best security framework or even a mantra for life — and its influence is growing rapidly. Wherever you turn, experts and thought leaders are…
Fraud Management & Cybercrime , Governance & Risk Management , IT Risk Management Patch Management and Locking Down Remote Desktop Protocol Remain Essential Defenses Mathew J. Schwartz (euroinfosec) • July 29, 2021 Buyers’ and sellers’ listings on darknet forums for access to organizations’ networks (Source: Positive Technologies) Ransomware operations continue to thrive thanks…
Last week iOS 14.7 appeared, adding features including support for Apple’s magnetic battery pack. Unfortunately, the update also interrupted the “Unlock with iPhone” feature that Apple Watch wearers used for easy access to their wristwear. Now, another update is going out to fix that. However, even if you don’t have an Apple Watch, you should…
Written by Tim Starks Jul 28, 2021 | CYBERSCOOP Digital sleuths at cyber threat intelligence firms have found clues that a seemingly new ransomware organization has links to DarkSide and REvil, two gangs that suddenly disappeared shortly after major attacks. From the moment DarkSide vanished following the Colonial Pipeline incident and REvil went dark after…
Three new Kaseya zero-day vulnerabilities were just disclosed in Kaseya Unitrends, including an RCE and an authenticated privilege escalation on the client-side. According to a recently released public advisory warning, the Kaseya serice should be kept off the internet until a patch is made available. “Do not expose this service or the clients directly to…
Embracing new technologies lead to qualitative growth but simultaneously holds high chances of quantitative data breaches. While adopting cloud technology, it is important to see the security of cloud infrastructure as one of the crucial responsibilities. There are various organizations out there that are still unsure of the security of their data present in the…
