Cyber Security News

The latest news covering cyber security, network security, cyber threat and data breaches.


- Configure Defenses to Block Attackers, Security Experts Advise: Ransomware-wielding gangs are continuing to target corporate networks, and experts say they're typically breaking into victims' networks using one of three techniques: Remote desktop protocol access or some other type of remote access; phishing emails; or malware that's sometimes used in drive-by attacks against browsers. However attackers gain access to a network, it's typically a prelude to infecting every system they can find with crypto-locking malware. That's why experts say it's essential for organizations to ... [Read More]


- The notorious information-stealing trojan is one of the most prolific forms of malware out there - and has evolved yet again. Trickbot malware has been updated with a new method of propagation which makes it even harder to detect. Starting life as a banking trojan, Trickbot first emerged in 2016 but in the years since it has been repeatedly re-purposed for other means including being used as a fully-fledged information stealer, as well as providing backdoor access to infected machines, enabling cyber criminal groups ... [Read More]

Source: zdnet.com

- Malware, Now Acting as an Infostealer, Spotted in US and Germany: Cybereason. A recently revamped version of the Valak strain of malware is targeting Microsoft Exchange servers in the U.S. and Germany, according to the security firm Cybereason. First spotted in late 2019, Valak was originally designed as a malware loader that could deliver banking Trojans such as Ursnif and IcedID to infected devices. In the more recent modifications, however, the creators of Valak have revamped the malware to act more as an information stealer capable of exfiltrating data from corporate user ... [Read More]


- The U.S. National Security Agency’s Central Security Service today issued a warning that Russian military hackers have been exploiting a known vulnerability in email servers since at least August. The group behind the attack, known as the Sandworm Team, has been targeting unpatched Exim mail transfer agent software found on Unix-based systems and some Linux distributions as well. The Sandworm Team is said to be the part of the Russian General Staff Main Intelligence Directorate’s Main Center for Special Technologies, meaning that the attacks are state-sponsored. The vulnerability was ... [Read More]


- Small and midsize businesses (SMBs) are the bedrock of most national economies. And being a small-business owner is a hard job, especially during economic downturns and crises like the current COVID-19 pandemic. When the security industry looks at cybersecurity preparedness, it is often critical of SMBs. They are often portrayed as being lax or ignorant about security issues. However, Cisco's " " report, based on a survey of approximately 500 SMBs (those with 250 to 499 employees) shows that SMBs are actually paying close attention to security and that their sometimes novel and ... [Read More]


- Bank of America has disclosed that it briefly exposed certain business clients’ Paycheck Protection Program (PPP) applications to outside parties after uploading the documents onto a test platform. The incident bears similarities to the recent news of at least states mistakenly exposing application information related to the Pandemic Unemployment Assistance (PUA) program. Both the PPP and PUA programs were established by the 2020 CARES (Coronavirus Aid, Relief, and Economic Security) Act to help provide financial security to certain businesses or workers during the Covid-19 pandemic. ... [Read More]


- In the second article of this two-part series, Sascha Giese, Head Geek™ at SolarWinds, shares the final 5 steps that public sector organisations should adopt in order to form a robust security strategy. Cybersecurity is crucial in today’s digital world. For the public sector, holding some of the most critical data in the U.K. and keeping it safe from all external—and internal—threats is one of their biggest challenges today. In the first of these two articles, we covered the first five steps public sector organisations should take to change how they think about their cybersecurity ... [Read More]


- The operators of the NetWalker ransomware gang have given MSU officials seven days to pay the ransom or they will leak stolen university files. The operators of the NetWalker (Mailto) ransomware have announced today that they've infected the network of Michigan State University, one of the US' oldest educational institutes. The ransomware gang has given MSU administrators a week to pay an undisclosed ransom demand to decrypt their files. In case MSU officials refuse to pay or choose to restore from backups, the ransomware gang is prepared to leak documents stolen from the university's network ... [Read More]

Source: zdnet.com

- The NSA has today issued a cybersecurity advisory warning organizations of a malicious cyber attack program that is being exploited by Sandworm Team, merely by sending a specially crafted email to execute commands with root privileges to unsuspecting victims. Victims who could then find malicious programs installed, data modified and new accounts created. The Sandworm Team is operated as part of the Russian General Staff Main Intelligence Directorate’s (GRU) Main Center for Special Technologies (GTsST), field post number 74455. Military hackers, in other words, and elite military hackers at ... [Read More]

Source: forbes.com

- Japanese telecommunications giant NTT says hackers breached its internal network and stole data on 621 customers. Nippon Telegraph & Telephone (NTT), the 64th biggest company in the world, according to the Fortune 500 list, has disclosed today a security breach. NTT says hackers gained access to its internal network and stole information on 621 customers from its communications subsidiary, NTT Communications, the largest telecommunications company in Japan, and one of the biggest worldwide. The hack took place on May 7, and NTT says it became aware of the intrusion four days later, on May 11. The ... [Read More]

Source: zdnet.com

- Their analysis showed the tool set contains a relatively comprehensive set of malware for everything from conducting reconnaissance to sniffing out valuable information, privilege escalation, credential theft, brute-forcing passwords, and evading intrusion detection tools. The malware includes tools for exploiting specific vulnerabilities in Windows environments and legacy server environments, such as Tomcat and WebLogic. Interestingly, a substantial proportion of the tools in the Netwalker portfolio were obtained from the public domain and included so-called gray-hat tools such as Mimikatz ... [Read More]


- Data breaches that resulted from cloud misconfigurations cost businesses nearly $3.18 trillion in 2019, according to DivvyCloud — here’s what to know to protect your business. The Covid-19 pandemic is having huge effects on the economy, our social lives, and the ways in which we work. With many staff around the world now being required to work from home, the crisis has focused attention on cloud security and the resilience of its infrastructure to stand up to cloud security threats. The cybersecurity vulnerabilities inherent to cloud storage are nothing new. Many companies were still in ... [Read More]


- CIOs and CISOs have been under intense pressure to meet the needs of homebound workers, while simultaneously needing to take added steps to safeguard their enterprise networks. Steve Grobman, senior vice president and chief technology officer at McAfee, has a global view of that challenge. Grobman leads the company’s worldwide development of next-generation cyberdefense and data science technologies as well as threat and vulnerability research. In an interview for CyberScoop, Grobman shares his observations on what enterprise IT leaders are encountering — and measures that they might take ... [Read More]


- A recent rash of ransomware attacks on bank technology vendors — including Finastra, Diebold Nixdorf, Cognizant and Pitney Bowes — raises serious questions about why they're happening and what banks can do to protect themselves. “The threat vector of ransomware is definitely concerning for the industry, not only for us as a bank but for the industry and not only for the industry but also for the regulators,” Saul Van Beurden, head of technology at Wells Fargo, said in a recent interview. To his point, regulators drew specific attention to the need to protect data in the cloud in a ... [Read More]


- Last year, 60 percent of cyberattacks targeted small and medium-sized businesses. Investing in protection is worth it. In the current environment, cybersecurity is essential for businesses of all sizes. Many small or medium-sized businesses find themselves without adequate cybersecurity, either as a result of believing that they don’t need it or simply overlooking it among the many demands that come with running a business. Unfortunately, the reality is that smaller businesses are often seen as an easy target, making them at high risk for a cyberattack. To stay adequately protected, both ... [Read More]


- A malicious cyber actor or hacking collective has reportedly been sweeping the internet for online stores’ unsecured SQL databases, copying their contents, and threatening to publish the information if the rightful owners don’t pay up. The perpetrator has stolen the copied versions of at least 31 SQL databases, which have been put up for sale on an unnamed website. These databases constitute roughly 1.620 million rows of information, including e-commerce customers’ names, usernames, email addresses, MD5-hashed passwords, birth dates, addresses, genders, account statuses, histories and ... [Read More]


- In 2017, the DoD issued the Defense Federal Acquisition Regulation Supplement (DFARS) memorandum for contractors, requiring them to follow the NIST 800-171 cybersecurity framework. The goal was to protect CUI from cybersecurity attacks. However, confusion on the standards led to slow adoption. As a result, the DoD released the CMMC standard to help DIB contractors adopt strong and effective cybersecurity standards. While CMMC has yet to fully roll out, its eventual release does not mean the demise of DFARS. All DoD contractors that process, store or transmit Controlled Unclassified ... [Read More]


- What types of cyberattacks were carried out this week, May 26, 2020? Read on to find out about the latest cyberattacks and who got hacked this week. Each week, TechDecisions brings you the latest cyber security news on cyberattacks and who got hacked from around the internet. Cyber security is becoming a main issue for many companies, and our weekly feature is a good example of why. Every week there are multiple stories of people, businesses, and products being hacked for fun, for money, and sometimes for evil. Luckily for you, knowing the enemy is half the battle. In order to prevent ... [Read More]


- There's malware in China, too. Meet DoubleGuns, one of China's largest malware botnets. Because Chinese users usually hang out in their own corner of the internet, behind the Great Firewall, we tend to forget that they are also targeted by malware on a daily basis; albeit different malware, and not usually the same that targets everyone else. For the past three years, the DoubleGuns trojan has emerged to take the crown as one of China's largest malware botnets. In an interview with ZDNet earlier today, Chinese antivirus vendor Qihoo 360 says DoubleGuns is exclusively found in China and is ... [Read More]

Source: zdnet.com

- At a time of technological transformation and “cyber everywhere”, the attack surface for organizations is exponentially growing and cyber criminals are going after operational systems and backup capabilities simultaneously in highly sophisticated ways—leading to enterprise-wide destructive cyber attacks. That’s one of the key findings of a report by consulting firm Deloitte released earlier this year, before the coronavirus pandemic and its related security threats had yet to make a significant impact on the world. As part of the research, Deloitte conducted an online poll of more ... [Read More]

