The latest news covering cyber security, network security, cyber threat and data breaches.

- Bill Demirkapi Says Software Is Risky With Unpatched Issues Windows computers often come with a variety of software loaded by manufacturers. HP includes many tools, one of which underwent an unflattering examination by 18-year-old security researcher . The tool has been preinstalled on all Windows desktop and laptop computers HP has made since October 2012. It pulls system software updates and ones for drivers and utilities. Demirkapi gained notoriety last year for finding vulnerabilities in education software made by Blackboard and Follett, as reported by conference in Las Vegas, and he's ... [Read More]

- Vendors of offensive cyber tools have made it easy for any threat group with the right funds to leverage unpatched bugs, FireEye says. Sophisticated advanced persistent threat groups are no longer the only ones leveraging zero-day exploits. An analysis by FireEye of exploit activity last year showed that more cyberattackers exploited more zero-day vulnerabilities in 2019 than in any of the previous three years. While known threat groups accounted for a substantial portion of the activity, FireEye found that a wide range of other groups leveraged zero-day exploits as well. In particular, ... [Read More]

- These DNS hijacking attacks, which are mainly targeting users in the U.S., France and Germany, come at a time when the COVID-19 pandemic is forcing more employees to telework, which means they're relying on home routers to conduct business (see: "With employees working from the comfort of their own home, attackers could use these attacks on home routers that are not properly secured to compromise work devices and gain access to sensitive data or phish employee credentials and use them to connect to the employer's infrastructure," Liviu Arsene, senior cybersecurity analyst at Bitdefender, ... [Read More]

- As more and more ransomware victims recover their data by paying up, the extortion payments made to ruthless cybercrooks are motivating the ransomware industry, new research suggests. A study by market research firm CyberEdge Group reveals that only 49 percent of ransom payers recovered their data in 2018. In 2019, however, that number rose to 61 percent. Today, 67 percent of ransom payers have reported recovering their data, according to the report . The news is bad for the market. With an increasing number of victims willing to pay to recover their precious data and restore operations, ... [Read More]

- The town of Jupiter, located in an area of Florida hard hit by Coronavirus, is continuing to recover from a late March ransomware attack. Town officials reported last week that its email, utility payment and planning submissions systems were all down. The attack took place on March 23 with town officials notifying residents two days later that many systems were down. The town reported on April 2 that is still in the process of restoring these services using back up files, according to . The ransomware has been identified as REvil/Sodinokibi , which has been used in a ... [Read More]

- Share this article on: The Otis R. Bowen Center for Human Services, an Indiana-based provider of mental health and addiction recovery healthcare services, has announced that unauthorized individuals have gained access to the email accounts of two of its employees. It is unclear when the email account breaches occurred and for how long unauthorized individuals had access to the email accounts. In its website substitute breach notification, The Otis R. Bowen Center said an independent digital forensic investigation revealed on January 28, 2020 that PHI had potentially been accessed as a result ... [Read More]

- Hacker tries to pin the blame on Night Lion Securty, a US cyber-security firm. For the past two weeks, a hacker has been breaking into Elasticsearch servers that have been left open on the internet without a password and attempting to wipe their content, while also leaving the name of a cyber-security firm behind, trying to divert blame. According to security researcher John Wethington , one of the people who saw this campaign unfolding and who aided ZDNet in this report, the first intrusions began around March 24. The attacks appear to be carried with the help of an automated script that ... [Read More]


- Guardicore Labs this week published a report detailing how a malicious botnet has been using a brute force technique for nearly two years now to compromise systems running Microsoft SQL Server databases, then deploying multiple backdoors and executing numerous malicious modules including multifunctional remote access tools (RATs) and cryptominers. Ophir Harpaz, a cybersecurity researcher for the provider of tools for microsegmenting network traffic, said the botnet, which has been dubbed Vollgar , has been active since at least May 2018. Guardicore is now making available a free Powershell ... [Read More]

- Crooks are taking advantage of this 'surreal situation' to increase pressure warns law enforcement agency. Cyber criminals are preying on anxieties around the coronavirus outbreak in an effort to maximise the impact of their attacks – with some operations intensifying ransomware and DDoS attacks at a time when remote access to computer networks and online services is more vital than ever. A new paper from Europol – based on contributions from European Union member states and partners - examines how cyber criminals have reacted and evolved since the beginning of the COVID-19 pandemic and ... [Read More]


- 21% of SMBs Don't Have a Data Backup or Disaster Recovery Solution in Place New research from  Infrascale  indicates that 58 percent of C-level executives at small and medium businesses (SMBs) said their biggest data storage challenge is security vulnerability. Nearly half (49 percent) of top leaders at SMBs said cyberattacks are their biggest data protection concern. Yet more than 20 percent of SMB leaders said they do not currently have a data backup or disaster recovery solution in place. The Infrascale research , conducted in March 2020, is based on a survey of more than 500 C-level ... [Read More]