CyberSecurity Updates

06 Jan

Bitdefender Releases Decryptor for MegaCortex Ransomware

Attacks, Malware

MegaCortex was first discovered in 2019 and was observed targeting corporate network with attacks that included adjustable ransom demands based on the companies that were attacked and the amount of data stolen. In October 2021, officials arrested 12 individuals related to thousands of MegaCortex and LockerGoga ransomware attacks. Along with the arrests, authorities discovered the private keys used in attacks, which lead to Bitdefender releasing the decryptor for the LockerGoga ransomware. Bitdefender did not release…

Read More
06 Jan

Rackspace: Customer Email Data Accessed in Ransomware Attack

Attacks, Malware

Since discovering the attack on December 2 and confirming the resulting outage was caused by a ransomware attack, Rackspace has been offering affected customers free licenses to migrate their email from its Hosted Exchange platform to Microsoft 365. The cloud computing provider also provided affected customers with download links to recovered historic mailbox data (containing email messages before December 2) through its customer portal via an automated queue. Rackspace added that its Hosted Exchange environment…

Read More
06 Jan

XDR and the Age-old Problem of Alert Fatigue

Information, News

XDR’s fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture According to 451 Research’s M&A Knowledgebase, cybersecurity M&A activity in 2021 reached an all-time high total deal value of $74.1 billion. Contributing to that growth, extended detection and response (XDR) went from zero to 28 deals in 19 months and is expected to drive continued M&A activity, with good reason. Extending its research into…

Read More
06 Jan

IOTW: Almost 50,000 UK government workers vulnerable to cyber attacks

Attacks, Data Breaches

A large number of UK government ministers and civil servants have been warned that they are vulnerable to hackers after their personal information was posted online and remained visible for months. The personal information for more than 45,000 civil servants was available until March 2020 via the Government Communication Service (GCS) website. The information included names, email addresses, phone numbers and job titles as well as links to social media profiles including Twitter and LinkedIn.…

Read More
06 Jan

Many of 13 New Mac Malware Families Discovered in 2022 Linked to China

Information, Malware, News

More than a dozen new Mac malware families were discovered in 2022, including information stealers, cryptocurrency miners, loaders, and backdoors, and many of them have been linked to China. Mac security expert Patrick Wardle has compiled a list of the macOS malware that came to light over the course of last year. The number of new malware appears to be increasing as only eight new families were spotted in 2021. The first malware to emerge…

Read More
06 Jan

14 UK schools suffer cyberattack, highly confidential documents leaked

Data Breaches, Malware, Social Engineering

More than a dozen schools in the UK have suffered a cyberattack which has led to highly confidential documents being leaked online by cybercriminals. That’s according to a report from the BBC which claimed that children’s SEN information, child passport scans, staff pay scales and contract details have been stolen by notorious cybercrime group Vice Society, known for disproportionately targeting the education sector with ransomware attacks in the UK and other countries. Passport, contract data…

Read More
06 Jan

SASE Company Netskope Raises $401 Million

Information, News

Secure access service edge (SASE) provider Netskope on Thursday announced that it has raised $401 million in an oversubscribed financing round. To date, the company has raised close to $1.5 billion. The new investment round was led by Morgan Stanley Tactical Value, with participation from CPP Investments, Goldman Sachs Asset Management, and Ontario Teachers’ Pension Plan. Founded in 2012, the Santa Clara, California-based Netskope offers a converged SASE platform that provides optimized access and zero…

Read More
06 Jan

Twitter’s mushrooming data breach crisis could prove costly

Data Breaches, Malware, Social Engineering

Since Elon Musk purchased Twitter in late October, non-stop turmoil and controversy have dogged the company, from massive staff firings and resignations to reputational damage from Musk’s careless and often bizarre tweets. Now, mushrooming concern around a possible data breach stemming from a now-fixed Twitter flaw is poised to drive the company further down unless Twitter takes quick action. Even as regulators in Europe begin to probe what appears to be a massive Twitter data…

Read More
05 Jan

The doctor will see you now … virtually: Tips for a safe telehealth visit

Information

Are your virtual doctor visits private and secure? Here’s what to know about, and how to prepare for, connecting with a doctor from the comfort of your home. Telehealth services were one of the tech success stories of the COVID-19 pandemic. Just as cloud-based services helped suddenly locked-down workers to stay productive, telemedicine consultations ensured doctors could still provide essential healthcare and advice without endangering their patients or staff. In fact, telehealth consultations accounted for…

Read More
05 Jan

S3 Ep116: Last straw for LastPass? Is crypto doomed? [Audio + Text]

Information

by Paul Ducklin LAST STRAW FOR LASTPASS? IS CRYPTO DOOMED? Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our RSS feed into your favourite podcatcher. READ THE…

Read More