Security News > 2022 > June

The firm has been delivering OT solutions since its foundation back in 1903, introducing the first PLC back in the 70's, and linking the plant floor and the information world in the late 80's. It started to deliver network and security services in the OT space in the 2000's and more recently delved deeper into cybersecurity through the acquisition of several smaller security and cloud companies in this sector. It's the first thing which makes OT networks different from IT - OT networks are often full of a lot of very old kit.

Credential stuffing is a technique by which attackers try likely username and password combinations until they gain access to one or more accounts. A 2021 study by Specops Software found that users often use the name of their favorite band as their password AC/DC, Metallica, and KISS were all popular password choices.

If claims hold true, AMD has been targeted by the extortion group RansomHouse, which says it is sitting on a trove of data stolen from the processor designer following an alleged security breach earlier this year. The data was stolen from AMD in January, according to the group.

The Raccoon Stealer malware is back with a second major version circulating on cybercrime forums, offering hackers elevated password-stealing functionality and upgraded operational capacity. The Raccoon Stealer operation shut down in March 2022 when its operators announced that one of the lead developers was killed during Russia's invasion of Ukraine.

A determined and sophisticated cyber attacker's first step will be to model their likely attack path through your systems, plotting the most fruitful route to whichever of your digital assets they've got their eye on. Doesn't it make sense that you should be doing exactly the same thing? That you should be simulating the attack paths that can lead to your key assets, and working out the associated risks and potential impact? And using this insight to neutralize them before attackers can take advantage?

Shrav Mehta, CEO, Secureframe, outlines the top six bad habits security teams need to break to prevent costly breaches, ransomware attacks and prevent phishing-based endpoint attacks. Bad security habits, such as using the same password more than once may seem innocuous, but unchecked bad behavior or security habits can leave your organization open to a devastating breach.

A new phishing attack is using Facebook Messenger chatbots to impersonate the company's support team and steal credentials used to manage Facebook pages. In a new campaign discovered by TrustWave, threat actors use chatbots to steal credentials for managers of Facebook pages, commonly used by companies to provide support or promote their services.

A new phishing attack is using Facebook Messenger chatbots to impersonate the company's support team and steal credentials used to manage Facebook pages. In a new campaign discovered by TrustWave, threat actors use chatbots to steal credentials for managers of Facebook pages, commonly used by companies to provide support or promote their services.

Ransomware groups are abusing unpatched versions of a Linux-based Mitel VoIP application and using it as a springboard plant malware on targeted systems. The Mitel focuses on VoIP technology allowing users to make phone calls using an internet connection instead of regular telephone lines.

Russia-linked cyber collective Killnet has claimed responsibility for DDoS attacks Monday on the Lithuanian government and other entities in the Baltic country over closure of transit routes within the Russian exclave of Kaliningrad, according to researchers. On Monday, Lithuania's National Cyber Security Center under the Ministry of National Defense warned of intense and ongoing DDoS attacks against Lithuania's Secure National Data Transfer Network as well as other governmental institutions and private companies in the country.