Human behavior can both fortify organizations’ defenses and, in some cases, inadvertently open the doors to #CyberThreat.
In Forbes, Rob Harrison, vice president, product management, at Sophos, explains how regular technology updates, #MSP partnership, and a collaborative approach to cybersecurity adds layers of protection. Learn more: https://bit.ly/3RT5Nr6
A recent report from the security threat monitoring platform Shadowserver reveals that almost 11 million SSH servers on the public web, identified by unique IP addresses, are vulnerable to Terrapin attacks.
Despite varied initial infection methods, the core of the attack remains consistent: reliance on PowerShell and the establishment of a scheduled task executing a VBS file.
We've unveiled significant #firewall and XDR updates, including:
Sophos Firewall ZTNA gateway access
Sophos #XDR support for numerous third-party products
Altogether, the updates “advance the mission for us to get better and faster at detecting and responding to threats,” says Raja Patel, chief product officer at Sophos.
As the #CyberThreat landscape evolves, our team continues to push the envelope and develop new products and upgrades that simplify processes for partners and deliver superior cybersecurity outcomes for customers.
The #CyberThreat landscape evolves, many organizations struggle with high alert volumes and false positives, resulting in a perpetual game of catch-up that taxes resources and diminishes security efficacy.
Solutions infused with automated moving target defense (AMTD), an emerging concept developed and championed by Gartner, put the pressure back on adversaries by rendering large swaths of malicious TTPs useless. Learn how: https://bit.ly/3QMjLvO
It’s crucial for boards of directors to understand the full breadth of unique #cybersecurity risks that their organization faces. Where, when, and how adversaries carry out a #cyberattack could result in a variety of outcomes.
For example, ransomware attacks vary in severity. If it impacts an organization’s operational technology, it could disrupt the delivery of critical products and services. But in some cases, attacks solely on IT systems cause fewer issues.
A general understanding of the #CyberThreat landscape and what’s at stake can help business leaders plan for potential breaches. Here’s how to provide insight:
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #42/2023 is out! It includes the following and much more:
➝ 🔓 👀 Tracking Unauthorized Access to #Okta's Support System
➝ 🔓 🇯🇵 #Casio discloses #databreach impacting customers in 149 countries
➝ 🔓 🧬 Hacker leaks millions more #23andMe user records on #cybercrime forum
➝ 🔓 🇨🇳 D-Link confirms data breach after employee #phishing attack
➝ 🔓 💰 #Equifax Fined $13.5 Million Over 2017 Data Breach
➝ 🇺🇦 🧹 Ukrainian activists hack Trigona #ransomware gang, wipe servers
➝ 🇺🇸 🇰🇵 FBI: Thousands of Remote IT Workers Sent Wages to #NorthKorea to Help Fund Weapons Program
➝ 🇮🇳 ☁️ #India targets #Microsoft, #Amazon tech support #scammers in nationwide crackdown
➝ 🇵🇸 🇮🇷 #Hamas-linked app offers window into cyber infrastructure, possible links to Iran
➝ 👮🏻♂️ 🥷🏻 Police seize #RagnarLocker leak site
➝ 🇰🇵 North Korean Hackers Exploiting Recent #TeamCity Vulnerability
➝ 🇨🇳 🇷🇺 #China replaces #Russia as top #cyberthreat
➝ 🇺🇦 📡 CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks
➝ 🇫🇷 🇪🇸 #France frees the two biggest Spanish hackers
➝ 🇺🇸 ⚓️ Ex-Navy IT head gets 5 years for selling people’s data on #darkweb
➝ 🇨🇭 🗳️ #Switzerland’s e-voting system has predictable implementation blunder
➝ 🔓 🏭 Critical Vulnerabilities Expose #Weintek HMIs to Attacks
➝ 🔓 🏭 #Milesight Industrial Router #Vulnerability Possibly Exploited in Attacks
➝ 🦠 🇻🇳 Fake #Corsair job offers on #LinkedIn push #DarkGate malware
➝ 🦠 Google-hosted #malvertising leads to fake #Keepass site that looks genuine
➝ 🦠 💬 #Discord still a hotbed of #malware activity — Now APTs join the fun
➝ 🦠 🕵🏻♂️ SpyNote: Beware of This Android #Trojan that Records Audio and Phone Calls
➝ 🛍️ 🦠 #Android will now scan sideloaded apps for malware at install time
➝ 💬 🔐 #WhatsApp#passkeys on the way, but as usual, for Android first
➝ 🇷🇺 🗂️ Pro-Russian Hackers Exploiting Recent #WinRAR Vulnerability in New Campaign
➝ 🗓️ ❌ Signal Pours Cold Water on Zero-Day Exploit Rumors
➝ 🔓 💥 #Cisco warns of new #IOS XE #zeroday actively exploited in attacks
📚 This week's recommended reading is: "RTFM: Red Team Field Manual v2" by Ben Clark and Nicholas Downer
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
In its "Baseline Cyber Threat Assessment: Cybercrime" guidance that was recently released, the Canadian Centre for Cyber Security (CCCS) included a chart showing the sectors that were impacted by ransomware in 2022 in Canada.
This baseline document is a wealth of information about the cyberthreat landscape & its impacts on Canadian organizations. Even if you're not from Canada, it can still be a valuable resource as much of the content applies no matter where you & your organization is from.
U.S. spy agencies will share more intelligence with U.S. companies, nongovernmental organizations and academia under a new strategy released this week that acknowledges concerns over new threats, such as another pandemic and increasing cyberattacks.
Passwords of over 500,000 Belgians leaked in data breach.
Over 500,000 Belgians have had their passwords leaked due to a significant data breach. The breach occurred on RaidForums, an online platform commonly used by hackers to exchange stolen data. Although the FBI and Europol took down the platform last year, certain data has resurfaced and become publicly available. The data leak includes private and business email addresses from well-known companies and institutions such as KU Leuven, Ghent University, and VRT.
Experts believe the data may have originated from an older hack of a popular site like Dropbox. As per haveibeenpwned.com, the data appears to have been stolen in 2020, and it probably contains over a year old passwords.
In light of this incident, following some best practices for password management is important.
1️⃣ Enable two-step verification for an extra layer of security.
2️⃣ Regularly change passwords to limit the impact of a data leak.
3️⃣ Use different passwords for different sites. A password manager can help manage this.
4️⃣ Avoid personal information in passwords and opt for a complex mix of characters.
5️⃣ Never respond to emails asking for passwords or personal information.
We had many important conversations at the @RSAConference, including how ransomware remains a pervasive threat and why patching vulnerabilities is still overlooked. Our experts need to stay up to date on the #CyberThreat landscape, and conferences like RSA make that possible.
Our #MDR service has grown its customer base by 33% in the first six months with our newest capability — ingesting and analyzing telemetry from third-party vendors. Learn more about our expanded #CyberThreat protections: https://fal.cn/3xOBk
To Battle New Threats, Spy Agencies to Share More Intelligence With Private Sector (www.msn.com)
U.S. spy agencies will share more intelligence with U.S. companies, nongovernmental organizations and academia under a new strategy released this week that acknowledges concerns over new threats, such as another pandemic and increasing cyberattacks.