%term

Ongoing Ransomware Campaign Against Cisco ASA VPN Appliances

Aug 31, 2023 By James Liolios In Arctic Wolf

Arctic Wolf has been tracking multiple intrusions where Cisco VPN account credentials were harnessed by Akira ransomware for initial access. In a recent Cisco PSIRT advisory, Cisco stated they were aware of reports that Akira ransomware threat actors have been targeting Cisco VPNs that are not configured for multi-factor authentication to infiltrate organizations. Our case data supports the observation that affected accounts did not have MFA enabled.

Read Post

Arctic Wolf

Read more about Ongoing Ransomware Campaign Against Cisco ASA VPN Appliances

Coffee Talk with SURGe: 2023-SEPT-05 Mudge Joins CISA, Qakbot Takedown, Infamous Chisel Malware

Aug 31, 2023 By Splunk In Splunk

Grab a cup of coffee and join Mick Baccio, Ryan Kovar and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Mick and Ryan competed in a 60 second charity challenge to share their favorite hack of all time before a deep dive on extortionware vs. ransomware.

View Video

Splunk

Read more about Coffee Talk with SURGe: 2023-SEPT-05 Mudge Joins CISA, Qakbot Takedown, Infamous Chisel Malware

JUMPSEC research reveals ransomware attacks rising again

Aug 30, 2023 By Sean Moran In JUMPSEC

In the first half of 2023, UK ransomware attacks rose by 87% and by 37% globally. UK is the most targeted country outside the US and 20% of European ransomware attacks occur there. There has been increased exploitation of the financial services, insurance and IT sectors.

Read Post

JUMPSEC

Read more about JUMPSEC research reveals ransomware attacks rising again

1H 2023 Ransomware Landscape Overview

Aug 30, 2023 By Arctic Wolf In Arctic Wolf

Threat actor groups maintain dark web shame sites to negotiate ransoms with their victims, name them, and leak their data as punishment for not paying. These sites serve as a major tool for threatening victims and securing ransom payments but are not a precise record of global cyber attacks. However, there’s a lot to learn from the dark web behavior observed in the first half of this year to help contextualize the current threat landscape.

Read Post

Arctic Wolf

Read more about 1H 2023 Ransomware Landscape Overview

Harnessing the Power of Rubrik Security Cloud (RSC) Integration with ServiceNow: A Strategic Leap in Data Management

Aug 30, 2023 By Benjamin Troch In Rubrik

With the goal of achieving robust and efficient data management, one cannot overlook the prowess of Rubrik Secure Cloud (RSC), a platform encapsulating a comprehensive suite of GraphQl APIs. As many organizations trust both Rubrik and ServiceNow for their operational needs, blending these two systems creates a potent synergy.

Read Post

Rubrik

Read more about Harnessing the Power of Rubrik Security Cloud (RSC) Integration with ServiceNow: A Strategic Leap in Data Management

Battling malware in the industrial supply chain

Aug 29, 2023 By Irfan Shakeel In AT&T Cybersecurity

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.

Read Post

AT&T Cybersecurity

Read more about Battling malware in the industrial supply chain

Rubrik Cyber Recovery Named Gold Winner at VMware Explore 2023

Aug 29, 2023 By Srujana Puttagunta In Rubrik

Las Vegas was buzzing last week with VMware Explore where Rubrik Cyber Recovery snagged the top award in the Business Continuity and Data Protection category. Our excitement continued when Rubrik Data Threat Analytics earned an honorable mention in the Security, Networking, and Edge category!

Read Post

Rubrik

Read more about Rubrik Cyber Recovery Named Gold Winner at VMware Explore 2023

CTI Roundup: An XLoader macOS variant, Lazarus Group Update, and Hackers Abuse Facebook Ads

Aug 29, 2023 By Tanium In Tanium

XLoader macOS variant poses as a productivity app, Lazarus Group uses new malware, and threat actors abuse Facebook promotions to spread malicious code.

Read Post

Tanium

Read more about CTI Roundup: An XLoader macOS variant, Lazarus Group Update, and Hackers Abuse Facebook Ads

The Windows Restart Manager: How It Works and How It Can Be Hijacked, Part 1

Aug 25, 2023 By Mathilde Venault In CrowdStrike

Malware utilizes a multitude of techniques to avoid detection, and threat actors are continuously uncovering and exploiting new methods of attack. One of the less common techniques includes the exploitation of the Windows Restart Manager. To stay ahead of malicious authors, it is important to be aware of them and understand how they work.

Read Post

CrowdStrike

Read more about The Windows Restart Manager: How It Works and How It Can Be Hijacked, Part 1

CTI Roundup: Monti ransomware targets VMware ESXi servers with new Linux locker

Aug 23, 2023 By Tanium In Tanium

Raccoon Stealer malware reappears, AI adoption remains low among threat actors, and Monti ransomware targets VMware ESXi servers with new Linux locker.

Read Post