You are here

Home » Cybersecurity

Cybersecurity

Threat Awareness – Anchor Malware

Cybersecurity researchers have uncovered a new version of the Anchor malware that has been observed targeting Windows systems. Anchor is a backdoor malware that was first spotted in 2018 and helped threat actors communicate with C2 servers to ultimately deploy Conti ransomware. Anchor has been used to target multiple critical infrastructure sectors. This new variant, dubbed AnchorMail, employs an email-based C2 server and communicates via the SMTP and IMAP protocols over TLS. This helps threat actors avoid detection from common email-based security protocols.

Cybersecurity Resilience – NSA Releases Network Infrastructure Best Practices

The National Security Agency (NSA) has just released a new report, Network Infrastructure Security Guidance, to help cybersecurity professional implement network security best practices. Procedures for securing networks are constantly evolving as new vulnerabilities are exploited by adversaries, new security features are implemented, and new methods of securing devices are identified. Consequently, this report focuses on the design and configurations that protect against common vulnerabilities and weaknesses on existing networks.

Ransomware Resilience – NIST Publishes Ransomware Risk Management: A Cybersecurity Framework Profile

The National Institute of Standards and Technology (NIST) just published the final version of its ransomware guide, Ransomware Risk Management: A Cybersecurity Framework Profile (NISTIR 8374), to help organizations and individuals manage the risk of ransomware incidents. This ransomware report identifies the Cybersecurity Framework Version 1.1 security objectives that support identifying, protecting against, detecting, responding to, and recovering from ransomware incidents. The profile can be used as a guide for understanding the ransomware threat and managing the risk from it.

Improving Phishing Awareness to Prevent Ransomware Attacks

The cybersecurity company Proofpoint recently released its annual report on user phishing awareness, vulnerability, and resilience. According to the report, 78 percent of organizations experienced email-based ransomware attacks in 2021, while 77 percent saw business email compromise attacks (BEC) increase 18 percent compared to 2020. These results demonstrate the continuing focus of adversaries to compromise users via non-technical social engineering tactics compared to exploiting technical vulnerabilities.

Ransomware Awareness – Microsoft Exchange Vulnerabilities Exploited to Deliver Cuba Ransomware

The Cuba ransomware group is exploiting Microsoft Exchange vulnerabilities to gain initial access to enterprise networks and eventually deploy ransomware, according to security researchers at Mandiant. Cuba ransomware has been around since 2019, but their activity increased in 2021 prompting the FBI to issue a FLASH advisory.

Joint Cybersecurity Advisory: New Sandworm Malware Cyclops Blink Replaces VPNFilter

The Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI, the National Security Agency (NSA), and the United Kingdom’s National Cyber Security Centre (NCSC-UK), have just released a joint Cybersecurity Advisory regarding a threat actor known as Sandworm (a.k.a., Voodoo Bear, Static Kitten, et. al.) that has been observed using a new malware, referred to in the advisory as Cyclops Blink. Government agencies have previously attributed the Sandworm actor to Russian intelligence services.

Security Awareness – Phishing Method Exploits Remote Access to Circumvent MFA

A new phishing technique is helping threat actors bypass multi-factor authentication (MFA) by tricking victims into logging into their accounts directly on adversary-controlled servers using the VNC screen sharing system. MFA protocols have become one of the best defenses against phishing compromises and other malicious cyber activity.

Pages

Subscribe to Cybersecurity