Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Malware

Fetching data using the Rubrik Security Cloud PowerShell SDK

Feb 21, 2024 By Rubrik In Rubrik
Already pulled down the Rubrik Security Cloud PowerShell SDK and wondering why you aren't seeing all of the fields you are used to? This video will walk you through the various methods of fetching data from the RSC platform using the SDK. You'll get a basic understanding of how the module is architected and the difference between the autogenerated core cmdlets and the handcrafted wrapper cmdlets that exist within the Rubrik Security Cloud PowerShell module.
View Video
Trustwave

LockBit Takedown: Law Enforcement Disrupts Operations, but Ransomware Threats Likely to Persist

Feb 21, 2024 By Ed Williams In Trustwave
The news that US, UK, and other international law enforcement agencies disrupted LockBit is welcome, as stopping any threat group activity is always a positive. The unfortunate aspect is this blow won’t impact ransomware overall. As in the past, another group will pick up the slack, or LockBit itself will reform and get back into business.
Read Post
Arctic Wolf

Understanding and Responding to Ransomware

Feb 20, 2024 By Arctic Wolf In Arctic Wolf
As cybercrime evolves, one avenue for attack has risen to prominence across the world: Ransomware. According to Arctic Wolf’s State of Cybersecurity 2023 Trends Report, 48% of organizations view ransomware as the top attack vector concern. A concern comes with just cause, as the Arctic Wolf Labs 2024 Threats Report showed 48.6% of incidents investigated by Arctic Wolf were ransomware attacks.
Read Post
sysdig

SSH-Snake: New Self-Modifying Worm Threatens Networks

Feb 20, 2024 By Miguel Hernández In Sysdig
The Sysdig Threat Research Team (TRT) discovered the malicious use of a new network mapping tool called SSH-Snake that was released on 4 January 2024. SSH-Snake is a self-modifying worm that leverages SSH credentials discovered on a compromised system to start spreading itself throughout the network. The worm automatically searches through known credential locations and shell history files to determine its next move. SSH-Snake is actively being used by threat actors in offensive operations.
Read Post
knowbe4

Malvertising Campaign Spreads Phony Utility Bills

Feb 20, 2024 By Stu Sjouwerman In KnowBe4
A widespread malvertising campaign is attempting to trick users into paying phony utility bills, according to researchers at Malwarebytes. “We discovered a prolific campaign of fraudulent ads shown to users via Google searches,” the researchers write. “To give an idea of scale, the number of ads we found exceeds what we have found in previous malvertising cases....The scam begins when a user searches for keywords related to their energy bill.
Read Post
knowbe4

Only 7% of Organizations Can Restore Data Processes within 1-3 Days After a Ransomware Attack

Feb 19, 2024 By Stu Sjouwerman In KnowBe4
New data on how organizations are able to respond to ransomware attacks also shows that paying a ransom is highly likely, despite having a policy of “Do Not Pay.” New research from security vendor Cohesity says organizations are overconfident in their ability to recover from a ransomware attack. According to the data: And even if you do have an outstanding recovery plan, when’s the last time you tested it?
Read Post
Featured Post
ThreatQuotient

Leveraging Threat Intelligence for Regulatory Compliance

Feb 16, 2024 By Cyrille Badeau, Vice-President International Sales In ThreatQuotient
The US Government recently announced that state-sponsored Chinese cyber group Volt Typhoon has compromised multiple critical infrastructure organisations' IT networks in the US and is preparing "disruptive or destructive cyber attacks" against communications, energy, transport, water and waste water systems. The announcement, which was supported by national cybersecurity agencies in Australia, Canada, UK, and New Zealand, is a sobering reminder that modern life relies on digital networks. From healthcare, banking, and socialising, to energy, water, local and national government - everything has a digital aspect.
Read Post
Forescout

Department of Justice disrupts Moobot botnet commandeered by Russian APT28: analysis of attacks against routers and malware samples

Feb 16, 2024 By Forescout Vedere Labs In Forescout
On February 15, the US Department of Justice announced “Operation Dying Ember”: the takedown of a botnet controlled by APT28, the Russian military cyber threat actor also known as Fancy Bear. APT28 was previously known for developing the VPNFilter botnet, which targeted routers and network attached storage devices and was also disrupted by the DoJ in 2018.
Read Post
knowbe4

Messaging Platform Telegram Sprouts Cyber Crime "Marketplaces" of Tools, Insights and Data

Feb 16, 2024 By Stu Sjouwerman In KnowBe4
Cybercriminals are taking advantage of the messaging platform Telegram by creating channels and groups where learning and commerce all can take place freely. We’ve long known the dark web to be the back shadowed corner of the Internet where cybercriminals go to do business. But we’ve seen more examples of marketplaces frequented by threat actors shifting to the open web. One of the latest is the continued misuse of messaging platform Telegram.
Read Post
Subscribe to Malware

Copyright © 2024 OpsMatters™. All rights reserved.