The coming of widespread 5G technology promises more than just faster everything, enhanced capacity and greater reliability.

NetWalker (also known as Mailto) is the name given to a sophisticated family of Windows ransomware that has targeted corporate computer networks, encrypting the files it finds, and demanding that a cryptocurrency payment is made for the safe recovery of the encrypted data.

Once an attacker has established access and pivoted around to the point of gathering the necessary data, they will work on exfiltration of that data. Not all malware will reach this stage. Ransomware, for example, usually has no interest in exfiltrating data. As with the Collection tactic, there’s little guidance on how to mitigate an attacker exfiltrating data from the enterprise.

Over the last few weeks, most organisations have had to transition to enable their employees to work remotely. The key focus has been on business continuity during this trying time. Unfortunately, business continuity isn’t so easy. Keeping the day-to-day operations of the business running has been one of the hardest IT challenges that most organisations have faced in the last decade. It’s one for which many organisations might not have had a plan in place.

Big data is revolutionizing fleet management — specifically in the form of telematics. From engine diagnostics that track fuel efficiency and mileage to sensors that detect aggressive driving behavior and interior vehicle activity, this information is so valuable that we’re quickly approaching the point where connected technology will come standard in every vehicle. Telematics is an operational goldmine.

Working remotely, either from home or from elsewhere, isn’t something new. It has been used by many companies worldwide over the past decade. That said, it was typically restricted to only a couple days a month or to specific IT-savvy departments. But as we have seen throughout time, adversity and crisis lead to change and sometimes revolutions in industry, social systems, countries and/or sometimes the entire world. COVID-19 has brought about this level of change.

Only the truly committed ever reach the summit of anything. This sentiment holds true for vulnerability management. An organization cannot reach the summit without a serious commitment to fund and staff the program appropriately across the organization. Reaching ML:5 means tying the program to the business. Everyone must be aligned with the metrics and be ready to find the root cause of any misses so that mitigations can be implemented to alleviate this miss in the future.

May 25, 2020 marks the second anniversary of when the European Union’s General Data Protection Regulation (GDPR) took full effect. Undoubtedly, many organizations have succeeded in achieving compliance with the Regulation by now. But that raises some important questions. What benefits have those organizations experienced in achieving compliance, for instance? Have they encountered any drawbacks along the way?

For just under 90 minutes last Thursday, hackers were able to compromise the systems of cryptocurrency lending platform BlockFi, and gain unauthorised access to users’ names, email addresses, dates of birth, address and activity history.

The Collection tactic outlines techniques an attacker will undertake in order to find and gather the data they need to meet their actions on objectives. I see most of these techniques as being useful for describing what a piece of malware or threat actor is up to rather than looking to them for guidance on how to mitigate and detect their actions.

It’s DBIR season! Put down your pens, stop watching “The Last Dance” and get to reading the key findings of the 13th edition of the annual Verizon Data Breach Investigations Report!

British low-cost airline group easyJet revealed that an hacking incident had exposed approximately nine million customers’ information.

In this final article of our trilogy, we investigate how a cyber threat intelligence (CTI) analyst and associated programmes provide insight about physical and cyber threats to your organisation. The value of these insights is reflected in the wins, which come as a result of context building, holistic understanding, and enhanced awareness in order to outmanoeuvre malicious actor(s).

The digital threat landscape is always changing. This year is an excellent (albeit extreme) example. With the help of Dimensional Research, Tripwire found out that 58% of IT security professionals were more concerned about the security of their employees’ home networks than they were before the outbreak of coronavirus 2019 (COVID-19).

Government officials said that a glitch in the State of Illinois’ Pandemic Unemployment Assistance (PUA) program exposed thousands of people’s Social Security Numbers (SSNs) and other private data. Jordan Abudayyeh, a spokesperson for Illinois Governor J. B. Pritzer, sent a statement to WBEZ on May 16. In it, she revealed that the Illinois Department of Employment Security (IDES) had learned of a security incident involving its PUA program. As quoted by WBEZ.

In this final part of the series, I discuss why everyone should consider reviewing their OPSEC (Operations Security), not just those with something to hide. If you haven’t read the previous articles then please check them out first (Part I & Part II), as they provide key background information about the techniques discussed in this post.

I usually spend my mornings doing some reading and enjoying my coffee. On this one particular morning, I noticed that I had received an email from a gaming company I had created an account with around 10 years ago for my kids. They had sent me a code to confirm a login that was being done from Thailand. I had forgotten that I had even created the account. The account used a set of my credentials that had been compromised many years ago in one of the many data breaches that occur on a continuous basis.

Newly-discovered zero-day vulnerabilities may generate the biggest headlines in the security press, but that doesn’t mean that they’re necessarily the thing that will get your company hacked. This week, US-CERT has published its list of what it describes as the “Top 10 Routinely Exploited Vulnerabilities” for the last three years.

This new world is putting a strain on organizations’ digital security defenses. First, malicious actors are increasingly leveraging coronavirus 2019 (COVID-19) as a theme to target organizations and to prey upon the fears of their employees. Our weekly COVID-19 scam roundups have made this reality clear. Second, organizations are working to mitigate the risks associated with suddenly having a large remote workforce.

The Cyber Security Body of Knowledge project or CyBOK is a collaborative initiative mobilised in 2017 with an aspiration to “codify the foundational and generally recognized knowledge on Cyber Security.” Version 1.0 of the published output of this consultative exercise was quietly released last year and then more publicly launched in January 2020. Yet, this free and information-packed publication does not appear to have captured the attention it perhaps deserves across the wider industry.

Digital attacks continue to exploit coronavirus 2019 (COVID-19) as part of their malicious operations. On May 5, 2020, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) along with the United Kingdom’s National Cyber Security Centre (NCSC) published a joint alert in which they revealed that they had witnessed APT actors targeting local governments, academia and pharmaceutical companies.

For most practical uses today, a combination of hardening and vulnerability detection is required to secure even the most basic digital environment. In each area it is important to see the progress you’re making in these competencies so that you can improve and build on the work you and your team have done over time. But with so many assets in your digital environment, how do you score the effectiveness of these security measures?

Have you ever been around someone who is just better at something than you are? Like when you were in school and there was this person who was effortless at doing things correctly? They had great study habits, they arrived on time, they were prepared and confident in the materials that they studied in class, and they were a consistently high performer at every stage?

Security researchers attributed a spike in Snake ransomware activity to a new campaign that’s targeted organizations worldwide. Snake ransomware first attracted the attention of malware analysts in January 2020 when they observed the crypto-malware family targeting entire corporate networks. Shortly after this discovery, the threat quieted down. It produced few new detected infections in the wild for the next few months.

The Discovery tactic is one which is difficult to defend against. It has a lot of similarities to the Reconnaissance stage of the Lockheed Martin Cyber Kill Chain. There are certain aspects of an organization which need to be exposed in order to operate a business. What is the MITRE ATT&CK™ Framework? - YouTube An error occurred. Try watching this video on www.youtube.com, or enable JavaScript if it is disabled in your browser.

“Never let a good crisis go to waste.” These wise words have been recently attributed to former Bill Clinton Chief of Staff Rahm Emanuel, though Freakonomics actually dates it back to 1976 and a completely different context.

If you’ve read a newspaper or watched the news in the past few weeks, you’ll notice one common topic that all the major news outlets are discussing… COVID-19. Right now, many companies are trying to provide employee guidance during this worldwide pandemic, as governments ask those who can to work from home in an effort to slow the spread.

Malicious actors continue to abuse coronavirus 2019 (COVID-19) as a lure to profit off of innocent people. Indeed, Arkose Labs found that 26.5% of all transactions recorded in Q1 2020 were fraud and abuse attempts—a 20% increase over the previous quarter and the highest attack rate ever observed by the security firm’s researchers. It’s therefore unsurprising that we’ve seen the U.S.

Security researchers observed that digital attackers are increasingly incorporating the reCaptcha API into their phishing campaigns. Barracuda Networks explained that malicious actors are starting to outfit their phishing attempts with reCaptcha walls so that they can shield their landing pages from automated URL analysis tools as well as add a sense of legitimacy to their operations. Some of these efforts have consisted of deploying a fake checkbox and form.