Malware

Developed countries lag emerging markets in cybersecurity readiness

Organizations in developed countries are less prepared for cybersecurity incidents than those in developing countries, according to Cisco’s Cybersecurity Readiness Index, released today. Countries that were found to be most mature in their overall cybersecurity readiness included Asia-Pacific countries such as Indonesia, with 39% of organizations in what Cisco considers a “mature stage” of security preparedness; the Philippines and Thailand, both with 27% of organizations in the mature stage; and India, with 24% of…


CISA and NSA Release Enduring Security Framework Guidance on Identity and Access Management

As part of the Enduring Security Framework (ESF), the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released the Identity and Access Management Recommended Best Practices Guide for Administrators. These recommended best practices provide system administrators with actionable recommendations to better secure their systems from threats to Identity and Access Management (IAM). IAM—a framework of business processes, policies, and technologies that facilitate the management of digital identities—ensures that users only gain…


CISA Releases Updated Cybersecurity Performance Goals

Today, we published stakeholder-based updates to the Cybersecurity Performance Goals (CPGs). Originally released last October, the CPGs are voluntary practices that businesses and critical infrastructure owners can take to protect themselves against cyber threats. The CPGs have been reorganized, reordered and renumbered to align closely with NIST CSF functions (Identify, Protect, Detect, Respond, and Recover) to help organizations more easily use the CPGs to prioritize investments as part of a broader cybersecurity program built around…


9 attack surface discovery and management tools

Cyber asset attack surface management (CAASM) or external attack surface management (EASM) solutions are designed to quantify the attack surface and minimize and harden it. The goal with CAASM tools is to give the adversary as little information about the security posture of the business as possible while still maintaining critical business services. If you’ve ever watched a heist film, step one in executing the score of the century is casing the place: observing security…


ForgeRock, Secret Double Octopus offer passwordless authentication for enterprises

ForgeRock is adding a new passwordless authentication capability, called Enterprise Connect Passwordless, to its flagship Identity Platform product to help eliminate the need for user passwords in large organizations. ForgeRock has partnered with Israel-based Secret Double Octopus to offer the new feature set, designed to allow companies to integrate passwordless technology into enterprise IT infrastructure and provide end users with a unified login approach to all their applications. “While ForgeRock already offers passwordless authentication for…



Bitcoin ATM Manufacturer General Bytes Closes Cloud Service After User Hot Wallets Are Compromised

This incident highlights the importance of security measures when it comes to storing and managing cryptocurrency. Users should be careful when choosing where to store their funds and should always use secure storage options such as hardware wallets or cold storage. Additionally, companies that offer cloud-based cryptocurrency services must prioritize security to prevent unauthorized access and protect their customers’ funds. https://cointelegraph.com/news/bitcoin-atm-maker-shuts-cloud-service-after-user-hot-wallets-compromised


Alleged BreachForums Owner Pompompurin Arrested on Cybercrime Charges

A separate BreachForums administrator under the alias Baphomet immediately posted a message following Pompompurin’s arrest. Baphomet claimed they retained control of the forum’s infrastructure and stated they would keep everyone updated on the situation. After the site went down, Baphomet began using the forum’s Telegram channel to provide updates to the forum’s community. On the morning of March 20th, Baphomet stated the migration process has slowed but claims the forum will return. In the meantime,…


New dotRunpeX Malware Spreads via Malicious Ads

According to Check Point’s study, “each dotRunpeX sample has an embedded payload of a certain malware family to be injected,” with the injector identifying a list of anti-malware processes that should be terminated. This is made possible by exploiting a weak process explorer driver (procexp.sys) built into dotRunpeX to gain kernel mode execution. The malware may be linked to Russian-speaking threat actors. This conclusion was made based on the language references in the code. The…


CISA kicks off ransomware vulnerability pilot to help spot ransomware-exploitable flaws

Last week, the US Cybersecurity and Infrastructure Security Agency (CISA) announced the launch of the Ransomware Vulnerability Warning Pilot (RVWP) program to “proactively identify information systems that contain security vulnerabilities commonly associated with ransomware attacks.” Once the program identifies vulnerable systems, regional CISA personnel will notify them so they can mitigate the flaws before attackers can cause too much damage. CISA says it will seek out affected systems using existing services, data sources, technologies, and…
