Security News > 2021 > May

The increasingly defiant attacks on law enforcement agencies underscore how little ransomware gangs fear repercussions. Ransomware gangs have been leaking sensitive data from victims for well over a year, but experts said they've not seen such aggressive new tactics used before against police departments.

Researchers at anti-malware vendor Kaspersky are documenting a previously unknown Windows rootkit being used in the toolkit of an APT actor currently targeting diplomatic entities in Asia and Africa. Dubbed Moriya, the rootkit provides the threat actor with the ability to intercept network traffic and hide commands sent to the infected machines, thus allowing the attackers to stay hidden within the compromised networks for months.

The DarkSide ransomware gang posted a new "Press release" today stating that they are apolitical and will vet all targets before they are attacked. Today, the DarkSide ransomware gang issued a press statement stating that their organization is 'apolitical' and is not associated with any government.

Tom Merritt lists five things to know about web shells. Recently, the U.S. FBI was given court authorization to delete web shells from Microsoft Exchange servers.

The use of web shells is increasing, which could put your business at risk. Tom Merritt lists five things to know about web shells.

Four individuals from Eastern Europe have pleaded guilty in a United States court to their roles in a RICO conspiracy. Between 2008 and 2015, the four individuals provided "Bulletproof hosting" services that threat actors employed for cyberattacks on entities in the United States.

One financial startup that's targeting the gig worker market is offering up to $500 to anyone willing to hand over the payroll account username and password given to them by their employer, plus a regular payment for each month afterwards in which those credentials still work. On its blog, Argyle imagines a world in which companies choose to integrate its application platform interface and share their employee payroll data.

WAN and SASE solutions provider Aryaka announced that it completed the acquisition of Secucloud, a Germany-based company that has developed a SASE platform. Both companies provide - among several others - cybersecurity services, and Ascend said the deal will enable it to offer a brader portfolio of services and solutions, including network monitoring and cybersecurity assessments.

The pandemic, among other variables, has greatly accelerated cloud adoption for many organizations in 2021. Has your organization made the move to cloud-delivered services? At this point, the advantages of cloud services are unrivaled.

The massive blast radius from the Codecov supply chain attack remains shrouded in mystery as security teams continue to assess the fallout from the breach but a handful of victims are starting to publicly acknowledge possible exposure of sensitive developer secrets. The stealth software supply chain compromise of the Codecov Bash Uploader went undetected since January this year and exposed sensitive secrets like tokens, keys and credentials from organizations around the world.