Update as of December 17, 2020 A consortium of industry vendors including Microsoft and Google have actively been working to circumvent the ability of SUNBURST to successfully activate and attack. Microsoft was able to gain possession and control over a key domain - avsvmcloud[.]com - which the SUNBURST attack binaries use to get Command and Control (C&C) information. Without this C&C connectivity, the SUNBURST system remains in an inactive state if it has not yet become active within an.
Is It Time For CEOs To Be Personally Liable For Cyber-Physical Security Incidents? In a recent Gartner press release written in an article September 1st Gartner predicts 75% of CEOs will be personally liable for cyber-physical security incidents by 2024. The famous last words “I wasn’t aware” or “ Oh that’s our CISO, they handle this” can no longer be handed that hall pass. What’s that old saying about ignorance of the law? While ignorance is bliss said Cypher in the movie Matrix, we can no.
Threat actors keep stepping up their game in November 2020 PyXie (aka GOLDEN DUPONT) PyXie has conducted successful ransomware campaigns since 2018, counts healthcare, educational, government, and technology organizations and companies among its favorite targets. In its attacks, the group used the Vatet loader which was created by combining and altering the original application of various open-source tools, turning into a highly-effective attack tool. The loader executes payloads such as Cobalt.
During October 2020, there were some major developments in cybercrime, with ransomware groups stepping up their game and new malware strategies being used. In this monthly wrap-up, we will have a closer look at threat actors Egregor and Trickbot, malware GravityRAT, MosaicRegressor, and IPStorm. Egregor Posts Stolen Data Ransomware groups stepped up their game. The Egregor ransomware group started posting stolen data belonging to Barnes & Noble customers on its dark web domain when the US.
Cybersecurity can be a tricky thing. Gaining information about an environment through internal and external testing can take a wide variety of forms and generate an overwhelming amount of data in the process. From Pen-Testing to Vulnerability Scanning, from Incident Response exercises to Breach and Attack Simulation; the details generated on every aspect of a cyber infrastructure can outpace the ability of the humans who have to make decisions to properly and completely ingest and analyze the.
In September 2020, cybercrime caused the death of an innocent victim. A patient suffering from a life-threatening illness had to be turned away from a hospital in the city of Düsseldorf since the systems had been blocked due to a ransomware attack. This forced the ambulance transporting her, to drive to a hospital in the nearby city of Wuppertal. The patient died on the way. The threat actors breached the hospital using a hole in Citrix software. Hospitals remain a popular target, even in.
Editor's note: Due to the sensitive nature of the topic of this post, Cymulate will not be placing our usual advertising information inside and at the end of the post. We stand with the hospital, emergency services workers, and the family of the victim in recognizing the gravity of this issue. Contact information for Cymulate can be found at the top and bottom of every page of our site, and so we will be presenting this post as-is. Unfortunately, the time has come to answer a question I get on.
A moment of candor - at first look I didn’t get the National Institute of Standards and Technology (NIST) Cyber Security Framework. It just looked like a list of sensible things to do. Being in the Cyber industry for more years than I care to mention, I have seen it grow from its infancy. Well, I was fortunate to play around with Checkpoint Firewall-1 when it was released as a set of floppies and ran on Solaris. Alongside the amazing development of the cyber security industry I also witnessed.
August 2020 was a hot month, with cybercrime heating up as well. Ransomware attacks became more sophisticated, more incidents of cyber espionage were reported, and there were some major data breaches. The month started with the notorious ransomware group Maze stealing 10TB of data from Canon during a ransomware attack. On August 12, cybercrooks posed as Ritz employees to obtain an unknown amount of personal data of guests in London’s The Ritz, including credit card information. Around the.
Continuing with our series of questions from readers and users of the Cymulate BAS Platform, let's take a look at this user question: "What happens during a Web Gateway Assessment?" When looking at Web Gateways, there are often a lot of "moving parts."Most people think of firewalls when thinking of a web gateway, and the firewall and its technologies are a critical component of a web gateway overall, but there are several other components to take into account when assessing the security of.
Read More >
Subscribe to Our Blog
Stay up to date with the latest cybersecurity news and tips