Security News > 2022 > June

Even Sanmina customers use varying file sharing tools, creating another data sprawl issue company has to adapt to. He doesn't necessarily call it a worry - he believes Sanmina has it under control - but in such a highly distributed corporate environment, making sure they know here the data is is his largest focus.

The world's largest nonprofit association of certified cybersecurity professionals,2, estimates we've had a YOY increase of 7,000 cybersecurity professionals and that currently, over four million people work in cybersecurity worldwide. Organizations have multiple opportunities to close the cybersecurity gap, starting with reducing the time it takes to fill new cybersecurity positions.

LNKs are Windows shortcut files that can contain malicious code to abuse legitimate tools on the system, the so-called living-off-the-land binaries, such as PowerShell or the MSHTA that is used to execute Microsoft HTML Application files. Researchers at Cyble have spotted a new tool for creating malicious LNKs called Quantum, which features a graphical interface and offers convenient file building through a rich set of options and parameters.

How to import passwords into 1Password We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. Which password manager should you use? The good news is that whatever password manager you start using, you can always migrate to a new one with more features and more security, such as 1Password.

Nichirin-Flex U.S.A, a subsidiary of the Japanese car and motorcycle hose maker Nichirin, has been hit by a ransomware attack causing the company to take the network offline.The firm's website had to be taken down temporarily until experts were able to determine the extent of the ransomware attack impact, but it's now back online.

A new report from Cisco Talos Intelligence Group exposes new tools used in Avos ransomware attacks. The threat actor provides a control panel for the affiliates, a negotiation panel with push and sound notifications, decryption tests, and access to a diverse network of penetration testers, initial access brokers and other contacts.

Two Chinese hacking groups conducting cyber espionage and stealing intellectual property from Japanese and western companies are deploying ransomware as a decoy to cover up their malicious activities. Threat analysts from Secureworks say that the use of ransomware in espionage operations is done to obscure their tracks, make attribution harder, and create a powerful distraction for defenders.

Advanced persistent threat group Fancy Bear is behind a phishing campaign that uses the specter of nuclear war to exploit a known one-click Microsoft flaw. Fancy Bear is also known as APT28, Strontium and Sofacy.

In slightly more than a month, the Conti ransomware collective compromised more than 40 companies worldwide, and the fastest attack took only three days, Group-IB's noted in its latest report detailing the workings of one of the most prolific ransomware / extortion gangs out there. By the end of 2021, Conti came out on top as one of the largest and most aggressive groups, having published data belonging to 530 companies on its DLS. In just four months in 2022, the group posted information belonging to 156 companies, making for a total of 859 DLS victims in two years, including 46 in April 2022.

A new phishing campaign is targeting users on Microsoft 365 while spoofing the popular MetaMask cryptocurrency wallet provider and attempting to steal recovery phrases. The phishing email, appearing to be sent from MetaMask support, spoofs a Know Your Customer verification request and features convincing branding and no typos or other obvious scam giveaways.