Continuous Monitoring and Protection
Uncertainty and instability marked the end of 2022 for many in the tech sector, a trend that bled into the beginning of 2023. Following on the heels of a drought in IT talent came mass layoffs at many of the world’s biggest tech companies as predictions of recession loomed and war in Ukraine dragged on with no end in sight. Global concern over cybersecurity has never been higher, with attacks coming fast and furious and…
Read MoreNo internet, perfect security? Two ESET researchers perform a thought experiment where they consider the implications of being plunged into digital darkness. Not every computer problem is due to a war in Ukraine, or the failure of the power grid in Texas. But let’s say your network access gets shut off from the rest of the world due to a catastrophic event. Whether it is an armed conflict, a decision of an authoritarian regime, an…
Read MoreA view of the T3 2022 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts In 2022, an unprovoked and unjustified attack on Ukraine shocked the world, bringing devastating effects on the country and its population. The war continues to impact everything from energy prices and inflation to cyberspace, which ESET researchers and analysts have monitored extensively throughout the year. Among the effects seen in cyberspace,…
Read Moreby Paul Ducklin CAN YOU GET HACKED AND THEN PROSECUTED FOR IT? Cryptocurrency crimelords. Security patches for VMware, OpenSSH and OpenSSL. Medical breacher busted. Is that a bug or a feature? Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and…
Read MoreAuthorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “Trickbot,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. The U.S. Department of the Treasury says the Trickbot group is associated with Russian intelligence services, and that this alliance led to the targeting of many U.S. companies and government entities. Initially a stealthy trojan…
Read MoreIndividuals who may have been affected by this breach should change login information immediately. Customers who may have been affected should also be aware that phishing attempts, whether by email or text, are likely to increase so any suspicious emails from unknown senders should be dealt with cautiously. https://www.bleepingcomputer.com/news/security/weee-grocery-service-confirms-data-breach-11-million-affected
Read MoreInfections via malicious Google ads has become increasingly utilized by threat actors in recent months, indicating the popularity of such a tactic gaining traction. It is recommended to install an ad blocker on web browsers, as this can help prevent these malicious Google ads from being served. This can help prevent an unsuspecting user from accidentally visiting the malicious website instead of the legitimate one. In cases where a masquerading malware such as Gootkit is…
Read MoreRansomware continues to be a dominant force in the cybercrime industry. While mitigating this threat is difficult, it is far from impossible, especially with mature incident response, threat detection, and disaster recovery programs in place. Implementing detections for Data Encrypted for Impact (MITRE ATT&CK Technique T1486) and other common ransomware techniques will help incident response teams react as soon as possible, potentially stopping the attacker in their tracks. Backups of critical systems, if kept disconnected…
Read MoreOriginal release date: February 9, 2023 CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and Republic of Korea’s Defense Security Agency and National Intelligence Service have released a joint Cybersecurity Advisory (CSA), Ransomware Attacks on Critical Infrastructure Fund DPRK Espionage Activities, to provide information on ransomware activity used by North Korean state-sponsored cyber to target various critical infrastructure sectors, especially Healthcare and Public…
Read MoreVulnCheck, a Massachusetts startup with ambitious plans in the vulnerability intelligence space, has attracted $3.2 million in seed-stage funding from several prominent investors. The early-stage financing round was led by Sorensen Ventures and included equity stakes for In-Q-Tel, Lux Capital, and Aviso Ventures. Based in Lexington, Mass., VulnCheck is building technology that promises exploit intelligence for vulnerability prioritization and an early-warning system for in-the-wild software exploitation activity. Founded in 2021, VulnCheck is the brainchild of…
Read More