CyberSecure Specialist

07 Mar

Akamai releases new threat hunting tool backed by Guardicore capabilities

Data Breaches, Malware, Social Engineering

Akamai on Tuesday launched Akamai Hunt, a visibility tool that uses the infrastructure of microsegmentation platform Guardicore to allow customers to identify and remediate threats and risks in their cloud environments. Akamai acquired Guardicore in October 2022 for about $600 million. Akamai Hunt combines Akamai’s historic data with Guardicore’s network segmentation and visualization capabilities to help identify and eliminate threats. “An earlier version of Hunt was available through Guardicore to a limited set of customers,”…

Read More
07 Mar

DoppelPaymer ransomware supsects arrested in Germany and Ukraine

Information

by Naked Security writer You’ve almost certainly heard of the ransomware family known as DoppelPaymer, if only because the name itself is a reminder of the double-barrelled blackmail technique used by many contemporary ransomware gangs. To increase the pressure on you to pay up, so-called double-extortionists not only scramble all your data files so your business stops running, but also steal copies of those files to use as extra leverage. The idea is that if…

Read More
07 Mar

What is zero trust? A model for more effective security

Data Breaches, Malware, Social Engineering

Security leaders are embracing zero trust, with the vast majority of organizations either implementing or planning to adopt the strategy. The 2022 State of Zero-Trust Security report found that 97% of those surveyed either have or plan to have a zero-trust initiative in place within 18 months. In fact, the percentage of organizations with zero trust already in place more than doubled in just one year, jumping from 24% in 2021 to 55% in the…

Read More
06 Mar

PayPal sued for negligence in data breach that affected 35,000 users

Data Breaches, Malware, Social Engineering

A pending class action lawsuit accuses online payments giant PayPal of failing to adequately safeguard the personal information of its users, leaving them vulnerable to identity theft and related ills at the hands of the unidentified perpetrators of a data breach that occurred late last year. Nearly 35,000 people were affected by the cyberattack, which used previously compromised usernames and passwords to gain access to PayPal’s systems. PayPal’s notice to users whose personal information was…

Read More
06 Mar

Cyberattack Hits Major Hospital in Spanish City of Barcelona

Information, News

A ransomware cyberattack on one of Barcelona’ s main hospitals has crippled the center’s computer system and forced the cancellation of 150 nonurgent operations and up to 3,000 patient checkups, officials said Monday. The attack Sunday on the Hospital Clinic de Barcelona shut down computers at the facility’s laboratories, emergency room and pharmacy at three main centers and several external clinics. “We can’t make any prediction as to when the system will be back up…

Read More
06 Mar

Ransomware Gang Leaks Data Stolen from City of Oakland

Attacks, Malware

Organizations should initiate proactive measures to ensure they are protected from ransomware. The US DHS website, stopransomware.gov, has links to resources that help organizations protect their systems from intrusions that lead to ransomware. To protect against ransomware attacks, organizations should: • Regularly back up data, air gap, and password protect backup copies offline.• Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.• Implement network segmentation.•…

Read More
06 Mar

DoppelPaymer Ransomware Gang Targeted in Europol Operation

Attacks, Malware

According to the German police, the five suspects have ties to Russia. The DoppelPaymer ransomware operation first appeared in 2019, focusing on critical infrastructure and major corporations. Europol reported that victims based in the United States alone paid the group at least $42.4 million between May 2019 and March 2021. German authorities have also reported 37 targeted companies by the ransomware gang. Among DoppelPaymer’s major victims are Dutch Research Council (NWO), Kia Motors America, laptop…

Read More
06 Mar

Modesto Police Department Suffers Ransomware Attack

Attacks, Malware

This incident serves as a reminder of the growing threat of cyber-attacks and that no industry or organization is off limits. This also highlights the need for organizations to take proactive steps to protect their data and systems. All organizations, both public and private, should review their security practices on a regular basis and take appropriate measures to safeguard their sensitive data from cyber threats. https://www.govtech.com/security/personal-data-exposed-in-cyber-attack-on-modesto-calif-pd

Read More
06 Mar

Open letter demands OWASP overhaul, warns of mass project exodus

Data Breaches, Malware, Social Engineering

For more than two decades, the Open Worldwide Application Security Project (OWASP) has provided free and open resources for improving the security of software. Led by the non-profit OWASP Foundation, OWASP has brought together community-led open-source software projects, hundreds of local chapters worldwide, tens of thousands of members, and educational and training conferences for developers and technologists to secure the web. However, an open letter signed by dozens of OWASP members, contributors, and supporters questioned…

Read More
06 Mar

Municipal CISOs grapple with challenges as cyber threats soar

Data Breaches, Malware, Social Engineering

On February 10, the City of Oakland, California, announced it had been hit by a ransomware attack that knocked many of its systems offline. Four days later, Oakland declared a state of emergency as it grappled with the wide-ranging impact of the incident, which left city phone systems and multiple non-emergency services inoperable, including its 311 phone system. As of February 24, many city services were still down, including the 311 system, just as a…

Read More