CyberSecure Specialist

14 Mar

How the Best CISOs Drive Operational Resilience

Information, News

The last three years have been fueled by turbulent change — especially when it comes to an organization’s tech structure. The unanticipated global pandemic drastically accelerated digital transformation (DX) and a borderless workforce, forcing businesses to fast-track projects they had previously scheduled to take years. These years-long projects began to be completed in the matter of months, or even weeks, and propelled the industry forward momentously, but also highlighted that cybersecurity must be interwoven in…

Read More
14 Mar

Universities and colleges cope silently with ransomware attacks

Data Breaches, Malware, Social Engineering

Although some cybersecurity researchers say that ransomware attacks are on the downswing as cybercriminals face declining payments, a spate of recent ransomware attacks makes it feel like the scourge is continuing at the same, or even an elevated, pace. Nowhere is this more apparent than in the higher education sector, with at least eight colleges and universities in North America reporting ransomware attacks since December 2022. Among recent incidents are: On December 30, 2022 Bristol…

Read More
14 Mar

ReversingLabs adds new context-based secret detection capabilities

Data Breaches, Malware, Social Engineering

ReversingLabs has added new secret detection capabilities to its software supply chain security (SSCS) tool to help developers prioritize remediation with context-based data on secrets. In a development environment, secrets refer to digital authentication credentials used in software components including login credentials, API tokens, and encryption keys. “We are using our knowledge of exposed secrets in the billions of files we’ve previously analyzed to provide that context,” said Tomislav Pericin, co-founder and chief software architect, ReversingLabs.…

Read More
14 Mar

Amazon-owned Ring reportedly suffers ransomware attack

Data Breaches, Malware, Social Engineering

Ring, a home security and smart home company owned by Amazon, has reportedly suffered a ransomware attack by Russia-linked ALPHV group, according to a tweet by VX-Underground. The ALPHV ransomware group, also known as BlackCat, has posted the company’s logo on its website along with a message that reads, “There’s always an option to let us leak your data.” The group has threatened to leak the stolen data if the company refuses to pay the ransom. It is…

Read More
14 Mar

Can a quantum algorithm crack RSA cryptography? Not yet

Data Breaches, Malware, Social Engineering

Every CISO has encryption implementation decisions to make at a variety of levels and instances as they sort the support needed for business operations such as production, sales, support, data retention, and communication. These decisions tend to lean heavily on the “ease of use” doctrine and ubiquitousness of the various product offerings being considered. Therefore the alarming report on “research” conducted by a pool of Chinese researchers on the “possibility” that RSA cryptographic algorithm was…

Read More
13 Mar

Medusa Ransomware Gang Picks Up Steam as It Targets Companies Worldwide

Attacks, Malware

Organizations should initiate proactive measures to ensure they are protected from ransomware. The US DHS website, stopransomware.gov, has links to resources that help organizations protect their systems from intrusions that lead to ransomware. To protect against ransomware attacks, organizations should: • Regularly back up data, air gap, and password protect backup copies offline.• Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.• Implement network segmentation.•…

Read More
13 Mar

Essendant Facing Multi-Day Systems “Outage”

Attacks, Malware

Serving about 30,000 reseller customers, Essendant maintains inventories of more than 160,000 different products, including conventional office supplies, cleaning and break room supplies, office furniture, and technology. The systems outage will significantly impact the supply chain. Essendant has not yet disclosed the reason for this outage. It is unclear if it was a technical problem or the result of a cyber attack. Lately, we have seen different multi-day “outages,” including the incidents that happened in…

Read More
13 Mar

Be Cautious of AI-Generated YouTube Videos, Experts Warn

Attacks, Malware

To combat the dissemination of disinformation, experts advise individuals to exercise caution when watching videos that seem too good to be true and verify information from multiple sources. They also urge social media platforms to proactively identify and remove fraudulent content. Employing multi-factor authentication as well as avoiding clicking suspicious links from unknown sources is advised. https://thehackernews.com/2023/03/warning-ai-generated-youtube-video.html

Read More
13 Mar

Dark Pink APT group linked to new KamiKakaBot attacks in Southeast Asia

Data Breaches, Malware, Social Engineering

The recently identified Dark Pink advanced persistent threat (APT) group is likely behind a fresh set of KamiKakaBot malware attacks on ASEAN governments and military entities, according to Netherlands-based cybersecurity company EclecticIQ. The attacks, which took place in February, were “almost identical” to those reported by Singapore-based global cybersecurity firm Group-IB on January 11, ElectricIQ said. Multiple overlapping techniques used in the campaigns helped EclecticIQ analysts attribute the recent attacks as likely to be the…

Read More
13 Mar

NMFTA Appoints Cybersecurity Director to Help Protect Trucking Industry 

Information, News

The National Motor Freight Traffic Association (NMFTA) has appointed Antwan Banks as its director of enterprise security as the organization shifts focus to end-to-end security for the trucking industry. The NMFTA told SecurityWeek that this is a newly created position. Banks will lead the organization’s cybersecurity practice, and work with its partners and members to ensure the safety and security of the supply chain in the United States.  “As you can imagine, this is increasingly…

Read More