Malware

Brute-force credential guessing attacks against database servers are ramping up with MSSQL being at the top of the target list. That’s because attackers can leverage the many extensibility features that Microsoft’s database server provides to integrate with other Windows components and features to elevate their privileges and gain full control of the underlying servers. Last week, researchers from security firm Trustwave released data collected over four months from their global honeypot project, a network of…

Read More

In the early morning of May 3, the City of Dallas, Texas, was hit by a ransomware attack, for which the Royal ransomware gang later took credit. The city’s police, fire rescue, water service payment, and development systems, among others, were significantly hampered by the incident, forcing many departments to revert to handwritten and radio-related communications. In a report dated May 31, released on June 9, the city said that more than 90% of the…

Read More

Data security software provider Baffle has released Baffle Manager 2.0, an interface upgrade to automate enterprise-level data protection for applications, analytics, and AI. The user interface upgrade is aimed at simplifying application-level encryptions, which were difficult and time-consuming with legacy systems, the company said in a press statement. “Baffle Manager 2.0 is a single platform where users can create and manage their data protection policies across the cloud, legacy, and third-party applications and stay on…

Read More

Russia didn’t just attack Ukraine on the ground when it invaded that country on February 24, 2022, it also raided Ukraine’s data connections in space. On that date, “a multifaceted and deliberate cyber-attack against Viasat’s KA-SAT network resulted in a partial interruption of KA-SAT’s consumer-oriented satellite broadband service,” Viasat reported on March 30, 2022. According to the satellite services provider, “the cyber-attack did impact several thousand customers located in Ukraine and tens of thousands of…

Read More

Western Digital has blocked devices running vulnerable firmware versions from accessing its cloud services, the company said in an advisory. The move comes about a month after the company released firmware updates for its My Cloud product line to address a critical path traversal bug that leads to remote code execution (RCE). “Devices running unpatched firmware versions will not be able to connect to Western Digital cloud services starting June 15, 2023, and users will…

Read More

Misguided expectations on security spend are causing problems for CISOs despite notable budget increases. That’s according to new research from risk and cybersecurity solutions provider BSS, which surveyed 150 security leaders. It found that while most CISOs are experiencing noteworthy increases in security funding, impractical expectations of budget holders are leading to significant amounts being spent on what’s hitting the headlines instead of strategic, business-centric investment in security defenses. This lack of understanding shows that…

Read More

A Forbes article is making the rounds right now about America’s most cyber-secure companies, and I can already see the cybersecurity outrage machine up in arms. Full confession: I haven’t yet read the article, but I’m about to. I’m writing this in two parts: before I read the article, and after I read the article. Part I: What are the most cyber-secure companies? If you ask me to list the most cyber-secure companies (what does…

Read More

A cybercriminal group calling itself Diicot is performing mass SSH brute-force scanning and deploying a variant of the Mirai IoT botnet on compromised devices, according to researchers. The group also deploys a cryptocurrency mining payload on servers with CPUs that have more than four cores. “Although Diicot have traditionally been associated with cryptojacking campaigns, Cado Labs discovered evidence of the group deploying an off-the-shelf Mirai-based botnet agent, named Cayosin,” researchers from Cado Security said in…

Read More

Trend Micro has announced the integration of generative AI into its flagship Vision One platform with the new AI tool, Companion. Companion uses advanced AI/machine learning analytics and correlated detection models to enhance extended detection and response (XDR) capabilities, according to the cybersecurity vendor. It has been designed to amplify security operations, improve accessibility and efficiency, and quicken threat hunting speeds for analysts of varying skill levels, Trend Micro claimed in a press release. The…

Read More

Team Cymru has launched Pure Signal Scout, an external threat-hunting and malicious infrastructure analysis tool to “level up” security operations centers (SOCs). Under the promise of being the “fastest” tool available for threat insights, Pure Signal Scout is expected to save analysts’ time by providing fast answers to complex queries. “We are now achieving in one working day what used to take several,” Josh Picolet, team leader of Team Cymru’s S2 Threat Research, said in…

Read More