DarkSide Ransomware Suffers ‘Oh, Crap!’ Server Shutdowns
The RaaS that crippled Colonial Pipeline lost the servers it uses to pull off ransomware attacks, while REvil’s gonads shrank in response.
Hackers Using Microsoft Build Engine to Deliver Malware Filelessly
Threat actors are abusing Microsoft Build Engine (MSBuild) to filelessly deliver remote access trojans and password-stealing malware on targeted Windows systems. The actively ongoing campaign is said to have emerged last month, researchers from cybersecurity firm Anomali said on Thursday, adding the malicious build files came embedded with encoded executables and shellcode…
Chart: Cybersecurity Now a Top Corporate Priority
Majority of global IT decision makers say cybersecurity is extremely or more important now than it was pre-pandemic, according to Cisco.
Gamers warned of downloading fake Afterburner overclocking tool to boost graphics card performance
A leading manufacturer of gaming hardware has warned internet users to be wary of downloading fake versions of free software it distributes to overclock GPUs. Read more in my article on the Hot for Security blog.
‘Scheme Flooding’ Allows Websites to Track Users Across Browsers
A flaw that allows browsers to enumerate applications on a machine threatens cross-browser anonymity in Chrome, Firefox, Microsoft Edge, Safari and even Tor.
Verizon: Pandemic Ushers in ⅓ More Cyber-Misery
The DBRI – Verizon’s 2021 data breach report – shows spikes in sophisticated phishing, financially motivated cyberattacks and a criminal focus on web-application servers.
Report to Your Management with the Definitive ‘Incident Response for Management’ Presentation Template
Security incidents occur. It's not a matter of 'if' but of 'when.' There are security products and procedures that were implemented to optimize the IR process, so from the 'security-professional' angle, things are taken care of. However, many security pros who are doing an excellent job in handling incidents find…
Automating Cloudflare Tunnel with Terraform
Cloudflare Tunnel allows you to connect applications securely and quickly to Cloudflare’s edge. With Cloudflare Tunnel, teams can expose anything to the world, from internal subnets to containers, in a secure and fast way. Thanks to recent developments with our Terraform provider and the advent of Named Tunnels it’s never…
Want to be a cybersecurity manager? Colonial Pipeline is recruiting
Sounds like a great opportunity. It’s not as if things can get worse, right?
Report: Colonial Pipeline paid ransomware attackers $5 million, but still had to rely on its own backups
Bloomberg reports that the extortionists of Colonial Pipeline received almost $5 million worth of cryptocurrency, but that the tool they provided to decrypt IT systems wasn't up to the job.
Heightened work-related stress and increased workloads are taking their toll on technology leader’s mental wellbeing
A CISOs workday is riddled with high-stress situations as they constantly battle the deluge of threats emerging from the ever-expanding threat landscape. Therefore it is no wonder that the majority of technology leaders are feeling stressed. In recent years the challenges that CISOs face have only intensified. Since the…
Scumbag ransomware attackers hit Irish Health Service
Earlier today, Ireland’s health service (the HSE) shut down all of its IT systems following what they describes as a “significant ransomware attack.”
Weekly Update 243
Presently sponsored by: SecurityFWD. A brand new YouTube show from Varonis. Watch Episode 1: How Far can Wi-Fi Travel?This one is a real short intro as right now, it hurts to type (copy and paste is earlier 😊): I’m Back at a *REAL* Conference; Dealing with RSI; Shellies and MQTT;…
85% of Data Breaches Involve Human Interaction: Verizon DBIR
Ransomware, phishing, and Web application attacks all increased during a year in which the majority of attacks involved a human element.
Colonial Pipeline Shells Out $5M in Extortion Payout, Report
According to news reports, Colonial Pipeline paid the cybergang known as DarkSide the ransom it demanded in return for a decryption key.