News

Cybercrime as-a-service , Fraud Management & Cybercrime , Next-Generation Technologies & Secure Development Malwarebytes: Gang Seeking ‘Pentesters’ and ‘Access Brokers’ Prajeet Nair (@prajeetspeaks) • July 26, 2021     Darknet advertisement posted by AvosLocker ransomware-as-a-service gang (Source: Malwarebytes) A recently discovered ransomware-as-a-service gang dubbed AvosLocker is recruiting affiliates and partners, including “pentesters” and “access brokers,”…

Fraud Management & Cybercrime , Fraud Risk Management , Next-Generation Technologies & Secure Development Sygnia: ‘Praying Mantis’ Targets Checkbox Survey Flaws and Others Akshaya Asokan (asokan_akshaya) • July 27, 2021     Diagram of hacking group Praying Mantis’ steps (Source Sygnia) A newly discovered threat group dubbed Praying Mantis is targeting businesses in the U.S…

Governance & Risk Management , Network Detection & Response , Next-Generation Technologies & Secure Development Both Firms Buy Two Cybersecurity Companies Doug Olenick (DougOlenick) • July 27, 2021     Brisk M&A activity in the cybersecurity sector continues. Among the latest moves: Deloitte and Sophos each have announced two acquisitions See Also: An All-in-One Vulnerability…

Sophos announced that it has acquired Braintrace, further enhancing Sophos’ Adaptive Cybersecurity Ecosystem with Braintrace’s proprietary Network Detection and Response (NDR) technology. Braintrace’s NDR provides deep visibility into network traffic patterns, including encrypted traffic, without the need for Man-in-the-Middle (MitM) decryption. Located in Salt Lake City, Utah, Braintrace launched in 2016 and is privately held….

Governance & Risk Management , NIST Standards , Standards, Regulations & Compliance Firms Will Demonstrate Their Architectures to Help Agency Develop Guidance Dan Gunderman (dangun127) • July 26, 2021     The National Institute of Standards and Technology has selected 18 technology companies to demonstrate “zero trust” security architectures as it prepares to draft guidance…

Apple officially released iOS 14.7 software update last week with support for MagSafe magnetic battery pack support for iPhone 12 series. In addition to new features, system upgrades, improvements and bug fixes, the iOS 14.7 unfortunately interrupted the “Unlock with iPhone” feature. This feature mainly helped Apple Watch users for easy access to their smartwatch….

StrongPity Campaign Targeted Syrian E-Governance Website Akshaya Asokan (asokan_akshaya) • July 24, 2021     Hack-for-hire group StrongPity deployed Android malware to target visitors to Syria’s e-government website as part of its latest cyberespionage campaign, security firm Trend Micro reports. See Also: Live Webinar: Seeking Success by Adopting a SASE Architecture: en el idioma Español…

Kaseya did not negotiate with cyber criminals and pay a ransom following the REvil ransomware attack on July 2 which compromised about 60 MSPs and 1,500 end users. On Monday, the vendor confirmed on its website that it “did not pay a ransom – either directly or indirectly through a third party – to obtain…

A man washes a cow in the Mekong river in Phnom Penh November 7, 2012. REUTERS/Samrang Pring PHNOM PENH/HANOI, July 22 (Reuters) – Buried in a long U.S. indictment accusing China of a global cyberespionage campaign was a curious detail: Among the governments targeted by Chinese hackers was Cambodia, one of Beijing’s most loyal Asian…