Attacks

To protect against ransomware attacks, organizations should:• Regularly back up data, air gap, and password protect backup copies offline.• Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.• Implement network segmentation.• Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location• Install updates/patch operating systems, software, and firmware as soon as…

Read More

On the contrary, End-to-End Encryption (E2EE) is a communication technique in which data is encrypted on the sender’s device and can only be unlocked by the recipient’s device using a secret key that is shared between the sender and receiver. Other Google products outside of Gmail also have client-side encryption enabled. Earlier this year, the tech giant made the same feature available for Google Meet, Drive, and Calendar. Google Drive apps also support client-side encryption…

Read More

In this campaign, the initial access using the trojanized ISO file was facilitated through phishing and relied on human error to infiltrate these organizations. A look back at campaigns over the past year have shown that many threat actors have turned to phishing tactics, likely because a human operator is often one of the weakest points in an organization’s security infrastructure. General recommendations for mitigation of phishing attacks are largely policy and user education based,…

Read More

Anyone that is a customer of FuboTV should be monitoring for any change in account activity including password or email changes. They should also be on the lookout for an update from FuboTV regarding what, if any, information was stolen and how to mitigate the attack from a customer standpoint. https://www.bleepingcomputer.com/news/security/fubotv-says-world-cup-streaming-outage-caused-by-a-cyberattack/?&web_view=true

Read More

Gemini advises its customers to rely on strong authentication methods and recommends activating two-factor authentication (2FA) protection and/or the use of hardware security keys to access their accounts. The company also provides the steps necessary for changing the email address associated with the Gemini account. https://www.bleepingcomputer.com/news/security/hackers-leak-personal-info-allegedly-stolen-from-57m-gemini-users/

Read More

It is highly recommended to implement and maintain an email security tool to help prevent malicious emails from reaching end users mailboxes. These tools utilize AV scanning and sandboxing to help identify and quarantine malicious attachments in emails. It is also recommended to implement an inbound block on HTML attachments. HTML attachments on inbound external email are generally uncommon, so the feasibility of blocking them outright should be determined to help prevent the more evasive…

Read More

A DDoS attack is an attempt to disrupt the traffic of a targeted server, service, or network by overwhelming it with a flood of Internet traffic. Threat actors send a massive number of requests for information to a server, site, or network, effectively shutting down a server and disrupting normal operations. To protect from such attacks, the Cybersecurity and Infrastructure Security Agency recommends the following. • Enroll in a DoS protection service that detects abnormal…

Read More

The ever-increasing trend of threat actors targeting healthcare organizations will likely unfortunately continue into 2023. It is unclear if this instance is a ransomware attack, but data theft is a common tactic used by ransomware operators to force victims into paying a data extortion ransom. Any impacted patients should ensure that they follow mitigation steps to protect themselves. This includes setting up credit monitoring to ensure that if data gets leaked, fraudulent accounts can not…

Read More