The Attack in Plain English Last Tuesday, March 2nd, Microsoft announced that a Chinese nation-state actor it called HAFNIUM had been exploiting four zero-day vulnerabilities in the on-premises version of Microsoft Exchange. Microsoft and other researchers say that the Chinese government had successfully penetrated and expanded into what was initially thought to be around 30,000 US companies and organizations. Since then, the number has been expanded to 60,000 companies and includes companies.
Threat actors remained active in February 2021, launching cyberattacks and new malware strains. We saw that organizations working on COVID-19 vaccines remained popular targets. During the month, threat actors attacked an Oxford University lab, which is researching and producing COVID-19 vaccines. They were able to gain access to its internal systems, including machines used to prepare biochemical samples. In addition to Oxford University, due to the COVID-19 pandemic, overworked hospitals.
In January 2021, cybercrime kept thriving, also exploiting the current COVID-19 pandemic for personal gain, with hackers leaking stolen Pfizer COVID-19 vaccine data online. Stolen Data from Pfizer/BioNTech Servers The threat actors breached the European Medicines Agency (EMA) and stole part of its Pfizer/BioNTech COVID-19 vaccine data from its servers. The stolen data included email screenshots, EMA peer review comments, Word documents, PDFs, and PowerPoint presentations. Some of the stolen.
How to Optimize your SOC If you’re here, you are looking for the “3-step magic process” that will instantly optimize your Security Operations Center (SOC) to be a premier cybersecurity SOC, right? OK, let us do that together. To do that, though, let us make sure we are all on the same page about what the SOC should be doing vs. what the SOC is doing to protect your organization from today’s cybersecurity threats. For that, we have to turn to LeBron James. He is the best basketball player in the.
Threat actors were as active as ever during December 2020, ending an already difficult year with a major ramification. TA542 Back with a Vengeance Let’s start with the threat group TA542 (aka Mummy Spider, ATK 104, and Mealybug) that came back after a month and a half break. The group relaunched its Emotet botnet, delivering documents with malicious macros that, once enabled, connected to seven malicious domains to download the Emotet payload. Some of the victims included Lithuania's National.
A few days before Christmas, the domain registrar and hosting service GoDaddy came under fire in the press and social media for phish-testing their users with a fake email which made it look like they were getting a US$650 bonus for the holidays. While the methodology used can and does need to be done better in future, the test itself raises some serious questions for corporate cybersecurity professionals and regular users alike. Here's What Happened: GoDaddy's cybersecurity team sent an.
Update as of December 17, 2020 A consortium of industry vendors including Microsoft and Google have actively been working to circumvent the ability of SUNBURST to successfully activate and attack. Microsoft was able to gain possession and control over a key domain - avsvmcloud[.]com - which the SUNBURST attack binaries use to get Command and Control (C&C) information. Without this C&C connectivity, the SUNBURST system remains in an inactive state if it has not yet become active within an.
Is It Time For CEOs To Be Personally Liable For Cyber-Physical Security Incidents? In a recent press release published September 1st, Gartner predicts that 75% of CEOs will be personally liable for cyber-physical security incidents by 2024. The famous last words “I wasn’t aware” or “Oh, that’s our CISO, they handle this” can no longer serve as a hall pass. What’s that old saying about ignorance of the law? While ignorance is bliss, said Cypher in the movie The Matrix, we can no.
Threat actors keep stepping up their game in November 2020 PyXie (aka GOLDEN DUPONT) PyXie has conducted successful ransomware campaigns since 2018 and counts healthcare, educational, government, and technology organizations and companies among its favorite targets. In its attacks, the group used the Vatet loader, which was created by combining and altering the original application of various open-source tools, turning it into a highly effective attack tool. The loader executes payloads such as Cobalt.
During October 2020, there were some major developments in cybercrime, with ransomware groups stepping up their game and new malware strategies being used. In this monthly wrap-up, we will have a closer look at threat actors Egregor and Trickbot, malware GravityRAT, MosaicRegressor, and IPStorm. Egregor Posts Stolen Data Ransomware groups stepped up their game. The Egregor ransomware group started posting stolen data belonging to Barnes & Noble customers on its dark web domain when the US.