Security News > 2022 > February

The shadow foreign secretary for UK's opposition Labour party, David Lammy MP, has asked why the reform of the Computer Misuse Act appears to have stalled in an open letter to government. The letter, published on the Labour Party website, takes the ruling Conservative Party's ministers to task over a range of what Labour sees as a failure to act on various Russia-linked topics.

The widespread malware known as Qbot has recently returned to light-speed attacks, and according to analysts, it only takes around 30 minutes to steal sensitive data after the initial infection. As shown in the following diagram, Qbot moves quickly to perform privilege escalation immediately following an infection, while a full-fledged reconnaissance scan takes place within ten minutes.

Ure continues, "We have to question whether we want to be part of an organisation which allows us to get infected by ransomware." Increasingly, the default framework for addressing them from a security point of view, is Secure Access Service Edge, or SASE. The technological fundamentals of SASE are not hard to grasp.

Business continuity and disaster recovery efforts go hand in hand in this digitized world of ours. More organizations are turning to vendors that provide unified BCDR, which includes backup and disaster recovery and ransomware safeguards as well as disaster recovery as a service, due to the growing amount of data as well as the increasing number of highly sophisticated cyber-attacks taking place against businesses of all sizes.

While the world's leading financial services evolved, so did the criminals who use increasingly sophisticated methods to commit fraud. For years, many of the world's largest financial institutions treated financial fraud and cybersecurity as separate departments with differing roles, responsibilities, and threats.

Starting with the CIS Controls and CIS Benchmarks can help take the guesswork out of your assessment and provide peace of mind that you're covering all of your bases. The CIS Controls Self Assessment Tool helps organizations assess the implementation of the CIS Controls.

Menlo Security announced it has identified a surge in cyberthreats, termed Highly Evasive Adaptive Threats, that bypass traditional security defenses. HEAT attacks are a class of cyber threats targeting web browsers as the attack vector and employs techniques to evade detection by multiple layers in current security stacks including firewalls, Secure Web Gateways, sandbox analysis, URL Reputation, and phishing detection.

Data also revealed that 45% of IT leaders have already seen incidents of data exfiltration increase in the last year, as people took data when they left their jobs. 29% employees admitted to having taken data with them when they quit.

A detailed examination of a Pay-per-install malware service called PrivateLoader has revealed its crucial role in the delivery of a variety of malware such as SmokeLoader, RedLine Stealer, Vidar, Raccoon, and GCleaner since at least May 2021. Loaders are malicious programs used for loading additional executables onto the infected machine.

A quantum gate between the ions can be implemented using electric fields. One is a so-called trapped-ion platform, one of the most promising candidates for quantum computing that makes use of ions - atoms that have either a surplus or a shortage of electrons and as a result are electrically charged.