Cybersecurity

Ransomware Prevention for Businesses

The Federal Trade Commission (FTC) has posted a blog with tips for preventing ransomware infections at businesses. The blog begins with an overview of ransomware, reminding its readers that attacks aren’t just directed at large corporations and adding, “every company is a potential target.” After going through a list of steps to take to protect against ransomware, the blog addresses the potentially tricky question of whether to pay. On this, it notes that, for one thing, paying the ransom doesn’t guarantee the victim will get their data back.

Read more about Ransomware Prevention for Businesses

Widespread Malware Campaign Seeks to Silently Inject Ads into Search Results, Affecting Multiple Browsers

Microsoft has discovered that a persistent malware campaign has been actively distributing an evolved browser modifier malware at scale since at least May 2020. The malware is designed to inject ads into search engine results pages. The threat affects multiple browsers, including Microsoft Edge, Google Chrome, Yandex Browser, and Mozilla Firefox.

Read more about Widespread Malware Campaign Seeks to Silently Inject Ads into Search Results, Affecting Multiple Browsers

Steps to Protect against Nation State Attacks

With the recent, high-profile cyber incidents involving FireEye and SolarWinds, Microsoft has shared information and issued guidance about increased activities from a sophisticated threat actor that is focused on high value targets such as government agencies and cybersecurity companies.

Read more about Steps to Protect against Nation State Attacks

Risks Associated with Edge Computing in 5G Networks

Today the Cybersecurity and Infrastructure Security Agency (CISA) released a Critical Infrastructure Security and Resilience Note, Edge vs. Core - An Increasingly Less Pronounced Distinction in 5G Networks, to inform stakeholders about the risks of untrusted components within 5G networks. This product is intended to provide an overview of edge computing and represents CISA’s analysis of the risks associated with installation of untrusted components into 5G infrastructure.

Read more about Risks Associated with Edge Computing in 5G Networks

Australia Launches Cybersecurity Campaign Focused on Ransomware Threats

The Australian Cyber Security Centre (ACSC) has launched a new cyber security campaign encouraging all Australians to protect themselves against online threats, with an accompanying joint announcement from Minister for Home Affairs Peter Dutton and Minister for Defence Linda Reynolds.

Read more about Australia Launches Cybersecurity Campaign Focused on Ransomware Threats

New NIST Guides for Securing Data Integrity against Ransomware Attacks

The National Institute of Standards and Technology (NIST) has released two new guides to help address data integrity challenges poses by ransomware attacks and other “destructive” events, which include destructive malware. Organizations can use the first guide, SP 1800-25, to develop a strategy for identifying and protecting assets against one of these events.

Read more about New NIST Guides for Securing Data Integrity against Ransomware Attacks

Security Awareness – Recent Microsoft 365 Phishing Campaign

Attackers are convincingly mimicking the ‘microsoft[.]com’ domain in a recent phishing campaign. In spite of Microsoft’s reported lack of email spoofing protection mechanisms such as DMARC (Domain-based Message Authentication, Reporting and Conformance), users need to be vigilant for emails appearing to come from Microsoft using a relatively new Microsoft 365 capability to review quarantined messages as a pretext to trick users into following the offered link.

Read more about Security Awareness – Recent Microsoft 365 Phishing Campaign

Qakbot’s New Quip

Once considered a simple information stealing worm, Qakbot has evolved into one of the top quality malware droppers for many cyber attack campaigns. Following the likes of TrickBot, quirky Qakbot is often paired up with post compromise attack platforms such as Cobalt Strike.

Read more about Qakbot’s New Quip

Industry Evangelist Urges Convergence of Cultures

ICS cybersecurity expert Joe Weiss thoughtfully revisits recent posts reflecting on the Aurora incident and others like it. Everyone who knows Joe, knows his passion regarding Aurora-type incidents and how engineering mishaps/failures can seem like (and have the same impact as) cyber attacks and vice versa. When is a failure due to a mechanical issue or a cyber attack – it takes both engineers and cyber analysts to properly investigate and determine.

Read more about Industry Evangelist Urges Convergence of Cultures

Ransomware Awareness – Egregor

While Egregor continues with recent attacks on Kmart, Metro Vancouver's transit system TransLink, and the Randstad staffing agency, Insikt Group researchers at Recorded Future publish a

Read more about Ransomware Awareness – Egregor

You are here

Cybersecurity

Ransomware Prevention for Businesses

Widespread Malware Campaign Seeks to Silently Inject Ads into Search Results, Affecting Multiple Browsers

Steps to Protect against Nation State Attacks

Risks Associated with Edge Computing in 5G Networks

Australia Launches Cybersecurity Campaign Focused on Ransomware Threats

New NIST Guides for Securing Data Integrity against Ransomware Attacks

Security Awareness – Recent Microsoft 365 Phishing Campaign

Qakbot’s New Quip

Industry Evangelist Urges Convergence of Cultures

Ransomware Awareness – Egregor

Pages

You are here

Cybersecurity

Pages

Footer Email Signup