You are here

Home » Cybersecurity

Cybersecurity

Security Awareness – Organizations Continue to Fall Victim to Email Phishing Attacks

Email-borne cyber threats remain one of the most prevalent avenues for threat actors to target organizations and are thus a major headache for companies. A new report from Cyren and Osterman Research found that companies are spending an average of 3,850 hours per year responding to compromises caused by email-borne attacks. The most common breach vector the study found was compromised Office 365 login credentials. Email-based account compromise can lead to financial scams, business email compromise (BEC), and the deployment of ransomware.

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - April 26, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

Alerts, Updates, and Bulletins:

FBI FLASH - BlackCat/ALPHV Ransomware Indicators of Compromise

The FBI has published a TLP:WHITE FLASH providing indicators of compromise associated with BlackCat/ALPHV ransomware. The Flash notes that BlackCat/ALPHV threat actors operate as a ransomware as a service (RaaS) organization and since March 2022 have compromised at least 60 entities worldwide. The group is reportedly the first successful ransomware entity to employ the RUST programing language, which is considered to be more secure.

Joint Cybersecurity Advisory – Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure

The cybersecurity authorities of the U.S., Australia, Canada, New Zealand, and the United Kingdom have released a joint Cybersecurity Advisory (CSA) (AA22-110A) to warn organizations of the potential for increased Russian malicious cyber activity as a response to the unprecedented economic costs imposed on Russia as well as the materiel support provided by the U.S. and its allies and partners. Members are encouraged to review the advisory and immediately take action to protect against and mitigate this activity.

Security Awareness – Social Media Among Top Brands Impersonated in Phishing Attacks

Phishing attacks continue to be one of the one of the most common entry vectors for threat actors. Brand impersonation attacks, when adversaries attempt to mimic a website or domain of a well-known brand by using a similar domain name and webpage designed like the actual site, remain one of the most pernicious forms of phishing. A recent report from the IT company Check Point identifies the top brands criminals impersonated in brand phishing attacks in the first quarter of 2022.

Security Awareness – Cyber Criminal Groups Expand Working Relationship

Security researchers have uncovered technological and financial links between the Karakurt cyber crime group and the Conti and Diavol ransomware gangs, allowing these threat actors to expand their operations and target additional victims. Karakhurt is a financially motivated threat actor, first identified last summer, and it was previously believed that the group focused exclusively on data exfiltration. However, the group’s link to Conti and Diavol suggest it is expanding its tactics and operations.

Joint Cybersecurity Advisory – North Korean State-Sponsored APT Targets Blockchain Companies

The Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI, and the U.S. Department of Treasury, have published a joint Cybersecurity Advisory on tactics, techniques, and procedures associated with a North Korean state-sponsored advanced persistent threat (APT) group as well as warning that the group is targeting blockchain companies. This North Korean APT group, commonly tracked as the Lazarus Group, uses spear phishing and social engineering to trick individuals into downloading trojanized cryptocurrency applications onto their operating system.

Pages

Subscribe to Cybersecurity