Attacks

Wiper malware can be a very destructive tool for threat actors when targeting a specific group or business. Although difficult to defend against, there are ways to make organizations less susceptible to these types of attacks. Some of these methods include: • Making sure malware protection and AV is up to date• Regularly creating secure offline backups• Train employees on how to spot phishing attempts and other forms of attacks• Install updates/patch operating systems, software,…

“One of the primary reasons [threat actors] may be using Golang for their information stealer malware is because it allows them to easily create cross-platform malware that can run on multiple operating systems, such as Windows, Linux, and macOS. Additionally, the Go compiled binary files are small in size, making them more difficult to detect by security software,” reads Cyble’s technical analysis. The finding comes a little more than two months after SEKOIA announced Aurora…

DDoS attacks can have devastating consequences if performed successfully. The use of the internet will not go away, and with the world increasingly going more digital, the likelihood of DDoS attempts will continue to grow. It is important to dedicate resources towards protecting against these types of attacks with a vigilant DDoS mitigation approach. Cyberattacks Target Websites of German Airports, Admin

It is highly recommended to install security patches on all Windows systems in an environment, particularly any that are exposed to the Internet. As vulnerabilities are discovered, maintaining a consistent patching cycle for devices can help reduce attack surface and prevent an environment from being breached. Threat actors have been known to still use fixed vulnerabilities that are months old, due to inconsistent patching among many systems around the world. It is also recommended to…

The authoring organizations encourage network defenders to:• Implement best practices to block phishing emails.• Audit remote access tools on your network to identify currently used and/or authorized RMM software.• Review logs for execution of RMM software to detect abnormal use of programs running as a portable executable.• Use security software to detect instances of RMM software only being loaded in memory.• Implement application controls to manage and control execution of software, including allow listing RMM…

The company did not disclose how many users were impacted, but said it’s directly contacting the victims to provide additional information and recommend certain “actionable steps” to secure their accounts. GoTo has also taken the step of resetting the passwords of affected users and requiring them to reauthorize MFA settings. It further said it’s migrating their accounts to an enhanced identity management platform that claims to offer more robust security. Individuals who have been compromised…