CyberSecure Specialist

06 Jan

RSA crypto cracked? Or perhaps not!

Information

by Paul Ducklin There’s been a bit of a kerfuffle in the technology media over the past few days about whether the venerable public-key cryptosystem known as RSA might soon be crackable. RSA, as you probably know, is short for Rivest-Shamir-Adleman, the three cryptographers who devised what turned into an astonishingly useful and long-lived encryption system by means of which two people can communicate securely… …without meeting up first to agree on a secret encryption…

Read More
06 Jan

SpyNote Android Malware Infections Surge Following Leak of CypherRat Source Code

Attacks, Malware

While no official statement has been released as to how the malware variants are spreading, it can be assumed that these are likely spreading through phishing campaigns and malicious websites. From an enterprise level, the best course of action to take to prevent against this malware would be to educate end users on the best practices to take when browsing the internet, to verify application legitimacy, and to read application reviews prior to installation. Applications…

Read More
06 Jan

Bitdefender Releases Decryptor for MegaCortex Ransomware

Attacks, Malware

MegaCortex was first discovered in 2019 and was observed targeting corporate network with attacks that included adjustable ransom demands based on the companies that were attacked and the amount of data stolen. In October 2021, officials arrested 12 individuals related to thousands of MegaCortex and LockerGoga ransomware attacks. Along with the arrests, authorities discovered the private keys used in attacks, which lead to Bitdefender releasing the decryptor for the LockerGoga ransomware. Bitdefender did not release…

Read More
06 Jan

Rackspace: Customer Email Data Accessed in Ransomware Attack

Attacks, Malware

Since discovering the attack on December 2 and confirming the resulting outage was caused by a ransomware attack, Rackspace has been offering affected customers free licenses to migrate their email from its Hosted Exchange platform to Microsoft 365. The cloud computing provider also provided affected customers with download links to recovered historic mailbox data (containing email messages before December 2) through its customer portal via an automated queue. Rackspace added that its Hosted Exchange environment…

Read More
06 Jan

XDR and the Age-old Problem of Alert Fatigue

Information, News

XDR’s fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture According to 451 Research’s M&A Knowledgebase, cybersecurity M&A activity in 2021 reached an all-time high total deal value of $74.1 billion. Contributing to that growth, extended detection and response (XDR) went from zero to 28 deals in 19 months and is expected to drive continued M&A activity, with good reason. Extending its research into…

Read More
06 Jan

IOTW: Almost 50,000 UK government workers vulnerable to cyber attacks

Attacks, Data Breaches

A large number of UK government ministers and civil servants have been warned that they are vulnerable to hackers after their personal information was posted online and remained visible for months. The personal information for more than 45,000 civil servants was available until March 2020 via the Government Communication Service (GCS) website. The information included names, email addresses, phone numbers and job titles as well as links to social media profiles including Twitter and LinkedIn.…

Read More
06 Jan

Many of 13 New Mac Malware Families Discovered in 2022 Linked to China

Information, Malware, News

More than a dozen new Mac malware families were discovered in 2022, including information stealers, cryptocurrency miners, loaders, and backdoors, and many of them have been linked to China. Mac security expert Patrick Wardle has compiled a list of the macOS malware that came to light over the course of last year. The number of new malware appears to be increasing as only eight new families were spotted in 2021. The first malware to emerge…

Read More
06 Jan

14 UK schools suffer cyberattack, highly confidential documents leaked

Data Breaches, Malware, Social Engineering

More than a dozen schools in the UK have suffered a cyberattack which has led to highly confidential documents being leaked online by cybercriminals. That’s according to a report from the BBC which claimed that children’s SEN information, child passport scans, staff pay scales and contract details have been stolen by notorious cybercrime group Vice Society, known for disproportionately targeting the education sector with ransomware attacks in the UK and other countries. Passport, contract data…

Read More
06 Jan

SASE Company Netskope Raises $401 Million

Information, News

Secure access service edge (SASE) provider Netskope on Thursday announced that it has raised $401 million in an oversubscribed financing round. To date, the company has raised close to $1.5 billion. The new investment round was led by Morgan Stanley Tactical Value, with participation from CPP Investments, Goldman Sachs Asset Management, and Ontario Teachers’ Pension Plan. Founded in 2012, the Santa Clara, California-based Netskope offers a converged SASE platform that provides optimized access and zero…

Read More
06 Jan

Twitter’s mushrooming data breach crisis could prove costly

Data Breaches, Malware, Social Engineering

Since Elon Musk purchased Twitter in late October, non-stop turmoil and controversy have dogged the company, from massive staff firings and resignations to reputational damage from Musk’s careless and often bizarre tweets. Now, mushrooming concern around a possible data breach stemming from a now-fixed Twitter flaw is poised to drive the company further down unless Twitter takes quick action. Even as regulators in Europe begin to probe what appears to be a massive Twitter data…

Read More