Social Engineering

Password management company LastPass, which was hit by two data breaches last year, has revealed that data exfiltrated during the first intrusion, discovered in August, was used to target the personal home computer of one of its devops engineers and launch a second successful cyberatttack, detected in November. The threat actor involved in the breaches infected the engineer’s home computer with a keylogger, which recorded information that enabled a cyberattack that exfiltrated sensitive information from…

Read More

While phishing, business email compromise (BEC), and ransomware still rank among the most popular cyberattack techniques, a mix of new-breed attacks is gaining steam, according to a new report from cybersecurity and compliance company Proofpoint. “While conventional phishing remains successful, many threat actors have shifted to newer techniques, such as telephone-oriented attack delivery (TOAD) and adversary in the middle (AitM) phishing proxies that bypass multi-factor authentication,” said Ryan Kalember, executive vice president of cybersecurity strategy…

Read More

Over the weekend an attacker has been uploading thousands of malicious Python packages on the public PyPI (Python Package Index) software repository. If executed on a Windows system, these packages will download and install a Trojan program hosted on Dropbox. Flooding public package repositories with malicious packages is not entirely new. Last year researchers detected a group of 186 packages from the same account on the JavaScript npm repository that were designed to install cryptomining…

Read More

Multilayered, well-funded cybersecurity systems are unable to protect enterprises in the US and Europe from cyberattacks, according to a report by automated security validation firm Pentera. The report, which was based on a survey of 300 CIOs, CISOs and security executives to get insights on their current IT and security budgets and cybersecurity validation practices, noted that the financial slowdown has had a minimal impact on cybersecurity budgets. “We’re seeing more organizations increase the cadence…

Read More

Companies rightly see much promise for future revenues and productivity by building and participating in emerging digital ecosystems — but most have not given enough consideration to the risks and threats inherent in such ecosystems. According to the TCS Risk & Cybersecurity Study, cyber threats within digital ecosystems may be an enterprise blind spot. TCS Santha Subramoni, global head, cybersecurity business unit at Tata Consultancy Services Digital ecosystems are dynamic, agile, interactive, borderless, multimodal, and…

Read More

Whenever shells rain down on Ukraine, Yuriy Gatupov’s colleagues put a ‘+’ sign in a chat room. Then, the pluses are counted. “We check if everybody is alive,” he says. Gatupov, the owner of two cybersecurity companies, says it is vital to stay connected during a time of war. With Russia now controlling around 18% of Ukraine’s territory including Donbas and Crimea, tech workers face formidable challenges. Air raid sirens blast all the time. Explosions…

Read More

The US Cybersecurity and Infrastructure Security Agency has issued an advisory urging organizations to increase cybersecurity vigilance today, the anniversary of Russia’s invasion of Ukraine, in the wake of a cyberattack against several Ukrainian government websites. “The United States and European nations may experience disruptive and defacement attacks against websites in an attempt to sow chaos and societal discord,” the CISA advisory said. The cyberattack in Ukraine, detected yesterday, hit the websites of a number…

Read More

Microsoft is advising Exchange Server administrators to remove some of the endpoint antivirus exclusions that the company’s own documentation recommended in the past. The rules are no longer needed for server stability and their presence could prevent the detection of backdoors deployed by attackers. “Times have changed, and so has the cybersecurity landscape,” the Exchange Server team said in a blog post. “We’ve found that some existing exclusions — namely the Temporary ASP.NET Files and…

Read More

Content delivery network (CDN) service provider Edgio has added a new Distributed Denial of Service (DDoS) scrubbing ability along with improved Web Application and API Interface (WAAP) to its network security offering. Designed to reduce severe damages from sophisticated DDoS attacks, Edgio’s scrubbing solution impersonates the customer’s network by routing the customer’s IP traffic through its scrubbing point-of-presence (PoP) and only sending the “clean” traffic back to the customer’s infrastructure, according to Richard Yew, senior…

Read More

Proof-of-concept exploit code is now available for a critical vulnerability in Fortinet FortiNAC appliances and attackers have already started using it in the wild. Users are advised to patch their systems as soon as possible. FortiNAC is a zero-trust network access solution that can be deployed both as a hardware device or as a virtual machine appliance. It is used for network segmentation, visibility, and control of devices and users connected to the network. As…

Read More