Blog

August 2020 was a hot month, with cybercrime heating up as well. Ransomware attacks became more sophisticated, more incidents of cyber espionage were reported, and there were some major data breaches. The month started with the notorious ransomware group Maze stealing 10TB of data from Canon during a ransomware attack. On August 12, cybercrooks posed as Ritz employees to obtain an unknown amount of personal data of guests in London’s The Ritz, including credit card information. Around the.

July 2020 might have been hot, and COVID-19 is still rampant, but that did not stop or slow down cybercriminals, on the contrary. Here is a rundown of their activity.  Hancitor and Emotet were used in several campaigns. Hanticor is a notorious downloader spreading through malicious attachments to download data-stealing malware such as Pony and Vawtrak. For the first time, Hanticor used a new three-pronged delivery approach: The use of the uncommon, native Windows CallWindowProc API. Piggyback.

Banking firms have cybersecurity needs that blend traditional financial concerns with retail concerns. This leads to unique cybersecurity issues as IT and Security teams attempt to determine how an attacker could leverage well-known infiltration points (phishing, USB devices, etc.) with industry-specific entry areas such as ATM’s.  Lateral Movement Simulation enables thorough testing of security controls and segmentation policies that are designed to prevent network propagation of a threat.

Cymulate wishes you a cybersafe holiday season! The holiday season is a time of joy and celebration, and as we all know, lots of shopping. With Black Friday, Cyber Monday, and Christmas shopping, the amount of shopping drastically increases, specifically online shopping. In a report released by Deloitte, analysts predict that in 2019, 60% of consumers will make their purchases online and over half of holiday spending is anticipated to take place online. It’s a great season for online retailers,.

The no. 1 barrier to better security testing A recent poll by the SANS Institute found that the top barrier cited by security practitioners to improving their security testing is a “Lack of a systematic approach to defining testing (e.g. lack of testing plan).” In fact, this echoes questions we get from security professionals we meet at conferences, as well as organizations getting started with their own automated security testing. Building a security risk assessment plan So, how do you.

The lead up to this year’s 4th of July has been chockful of cyber events, from cities getting extorted, through triple-threat ransomware, to state-sponsored APT activity. Here’s a recap of last month’s cyber threat highlights. The month started with AMCA (an American billing collections service provider) announcing on June 3 that an unauthorized user had accessed its system containing personal information that AMCA had received from various entities. The personal data of 11.9 million customers,.

March's Cyberattacks In our monthly wrap-up, we cover the latest cyberattacks highlighting the attack methods and payloads used by malicious hackers and cybercriminals. Cybercrooks were very active in March 2019 successfully attacking Asus, Toyota, Jackson County, Earl Enterprise restaurants (e.g., Planet Hollywood), and various other industries.   If we look at the Asus breach, attackers used the Asus’ software update system to distribute their malware to about 1 million Windows computers. It.

To keep on giving our users the necessary tools to boost their cybersecurity posture, the Cymulate Research Lab is constantly searching for new global attacks that can compromise organizations. By adding the latest in-the-wild detected threats, we keep our BAS platform up-to-date. A unique (and highly popular) feature in our platform is the Immediate Threat assessment, which allows organizations to test themselves if they are vulnerable against the latest threats, hours after they are.

In the last few years, APT attacks conducted by individual cybercriminals, organized crime and state-sponsored groups have become prevalent and sophisticated, bypassing standard security controls such as APT, or Advanced Persistent Threat, is a sophisticated attack in which a person or group attains access to a network and remains undetected for an extended period of time.   The DarkHydrus APT Attack Let’s have a closer look at how APT threat actors operate by looking at a recent APT attack,.

  Targeting politicians with cyber-attacks is not new, cybercriminals, hacktivists and rival nations have been doing this for many years. In 2016, Russian hackers allegedly tried to interfere in the 2016 US presidential election. The British parliament was targeted in mid-2017 in an attempt to access the accounts of hundreds of MPs, Lords, aides and staff by the suspected Russia and North Korea. During July 2018, hackers stole 1.5 million accounts patient data in Singapore including those of.