I recently read a technology forum post where a system administrator described symptoms of post-traumatic stress disorder after their company was attacked by ransomware. The recent State of Data Security report from Rubrik Zero Labs even found that 96% of individuals suffered emotional or psychological impacts as a direct result of experiencing a cyberattack.
A rootkit is a malicious software program that helps cybercriminals infiltrate a system and take control. Hackers use rootkits to carry out espionage, data theft, deploy other malware such as ransomware, and all without leaving a trace. Once a rootkit is installed on a device, it can intercept system calls, replace software and processes and be part of a larger exploit kit containing other modules such as keyloggers, data theft malware, or even cryptocurrency mining malware.
Researchers at Lookout Threat Lab have discovered close to 300 mobile loan applications on Google Play and the Apple App Store that exhibit predatory behavior such as exfiltrating excessive user data from mobile devices and harassing borrowers for repayment. These apps, which were found in Southeast Asian and African countries, as well as India, Colombia, and Mexico, purportedly offer quick, fully-digital loan approvals with reasonable loan terms.
Ransomware attacks have become so prevalent in recent years that it’s no longer a matter of “if” your business may be the victim of a ransomware attack, but “when.” In fact, in 2021, 37% of global organizations reported that they were the victim of a ransomware attack. To mitigate the impact and probability of ransomware on your business, you must continuously look for new ways to secure your network and maintain continuous cybersecurity monitoring.
The npm CLI has a very convenient and well-known security feature – when installing an npm package, the CLI checks the package and all of its dependencies for well-known vulnerabilities – The check is triggered on package installation (when running npm install) but can also be triggered manually by running npm audit. This is an important security measure that warns developers against using packages with known vulnerabilities.
Kroll analysts have identified new tactics used by threat actors associated with the AvosLocker ransomware. Critical vulnerabilities have been exploited within Veeam Backup and Replication, which may be an attempt to hide activity from detection technologies. The proxy tool “Chisel” has been identified, which can encrypt traffic through a victim’s firewall and could be used as a further evasion technique.
"People tell you who they are, but we ignore it, because we want them to be who we want them to be.” - Don Draper Earlier this year we announced some security enhancements to how we handle submissions to Splunkbase. The simple statement is we are making things faster/cheaper/better where Splunkbase security is concerned. Faster in that it takes less time for a developer to get an app into our platform. Cheaper in that it’s more automated.
Ransomware attacks continue to make headlines and cause havoc on organizations on an international scale. Unfortunately, we should expect that ransomware attacks will persist as one of the primary threats to organizations. Ransomware attacks have grown 350% in recent years, and while the best strategy is to prevent attacks from happening in the first place, there is no guarantee your data won’t be compromised.
