You are here

Home » Cybersecurity

Cybersecurity

Cyber Threat Intelligence - The Importance of OSINT for ICS

Adversaries do not usually have to work too hard to discover valuable information to plan and execute attacks against their targets. Even threat actors targeting ICS are able to find plenty of open source information during their reconnaissance phase to disrupt operational functions. For example, Dragos observed adversaries conducting ICS-targeting activities that sought data about energy infrastructure and physical processes necessary to recover from a compromise.

FBI PIN: Egregor Ransomware Targets Businesses Worldwide, Attempting to Extort Businesses by Publicly Releasing Extorted Data

The FBI has published a Private Industry Notification (PIN) on the Egregor ransomware, noting that the threat actors behind this operation have so far claimed to have compromised over 150 victims worldwide. The PIN provides an overview of the Egregor operation, observing that once a victim company’s network is compromised the threat actors exfiltrate and encrypt files on the network. The threat actors then demand a ransom payment for the return of the exfiltrated files and decryption of the network.

FBI Tech Tuesday on Building a Digital Defense against Tech Support Fraud

As part of its Tech Tuesday series, the FBI's Portland, Oregon office has published an article on building a digital defense against tech support fraud, which is an especially relevant topic now given that many people received new electronic gadgets over the holidays. In one version of the scam, the user of the new device scans the internet for help on how to use it, which could lead them to illegitimate websites. In the second scenario, the scam starts with the fraudster contacting the user first, pretending to represent a well-known, reputable tech company.

NSA Releases Guidance on Eliminating Obsolete TLS Protocol Configurations

The National Security Agency (NSA) has released a Cybersecurity Information (CSI) sheet on eliminating obsolete Transport Layer Security (TLS) configurations. The information sheet identifies strategies to detect obsolete cipher suites and key exchange mechanisms, discusses recommended TLS configurations, and provides remediation recommendations for organizations using obsolete TLS configurations. Access the CSI sheet at the NSA.

Recent Swatting Attacks Targeting Camera and Voice-Capable Smart Devices

The FBI has issued a Public Service Announcement (PSA) warning users of smart home device with cameras and voice capabilities to use complex, unique passwords and enable two-factor authentication to help protect against “swatting” attacks. Smart home device manufacturers recently notified law enforcement that offenders have been using stolen e-mail passwords to access smart devices with cameras and voice capabilities and carry out these attacks.

Most Dangerous Online Threats to Businesses

An article in the Latest Hacking News outlines the greatest online threats that businesses should be prepared for. It notes that as every day passes, more and more information is being transferred into an online format. While this allows for more efficient handling, greater utilization of information, and overall improved productivity, it does come at a risk. Any time that information is aggregated into one place, there is an increased security risk against that system.

Microsoft and McAfee Part of New Ransomware Task Force

A group made up of 19 security firms, tech companies, and non-profits, headlined by big names such as Microsoft and McAfee, have announced plans to form the Ransomware Task Force (RTF), a new group that will focus on assessing existing technical solutions that provide protections during a ransomware attack. The end result should be a standardized framework for dealing with ransomware attacks across verticals, one based on an industry consensus rather than individual advice received from lone contractors.

Ransomware Prevention for Businesses

The Federal Trade Commission (FTC) has posted a blog with tips for preventing ransomware infections at businesses. The blog begins with an overview of ransomware, reminding its readers that attacks aren’t just directed at large corporations and adding, “every company is a potential target.” After going through a list of steps to take to protect against ransomware, the blog addresses the potentially tricky question of whether to pay. On this, it notes that, for one thing, paying the ransom doesn’t guarantee the victim will get their data back.

Widespread Malware Campaign Seeks to Silently Inject Ads into Search Results, Affecting Multiple Browsers

Microsoft has discovered that a persistent malware campaign has been actively distributing an evolved browser modifier malware at scale since at least May 2020. The malware is designed to inject ads into search engine results pages. The threat affects multiple browsers, including Microsoft Edge, Google Chrome, Yandex Browser, and Mozilla Firefox.

Pages

Subscribe to Cybersecurity