Security News > 2022 > July

SonicWall has published its latest threat report, showing a drop in ransomware but an increase in malware attacks in the first half of 2022. In an interview with The Register, SonicWall CEO Bill Conner noted that factors including the Russia and Ukraine conflict as well as the activities of law enforcement agencies had at least partially caused the drop but warned: "I think in the next six to 12 months you're going to see ransomware come back strong as the state of affairs settle into whatever this new norm is."

SANS provides broad range of immersive, flexible learning experiences taught by active practitioners on the front lines of global cyber security. As a student, you get the skills and certifications you need plus support and community engagement from other dedicated cyber security professionals.

A strong account lockout policy is one of the most effective tools for stopping brute force authentication attempts on Windows domains. As an alternative, you can force an account lockout to remain in effect until an administrator unlocks the account by setting the account lockout duration value to 0.

The No More Ransom project celebrates its sixth anniversary today after helping millions of ransomware victims recover their files for free. "Six years later, No More Ransom offers 136 free tools for 165 ransomware variants, including Gandcrab, REvil/Sodinokibi, Maze/Egregor/Sekhmet and more," Europol said Tuesday.

The bloom is back on phishing attacks with criminals doubling down on fake messages abusing popular brands compared to the year prior. Microsoft, Facebook and French bank Crédit Agricole are the top abused brands in attacks, according to study on phishing released Tuesday.

I haven't written about Apple's Lockdown Mode yet, mostly because I haven't delved into the details. Lockdown Mode offers an extreme, optional level of security for the very few users who, because of who they are or what they do, may be personally targeted by some of the most sophisticated digital threats, such as those from NSO Group and other private companies developing state-sponsored mercenary spyware.

The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifies DDoS attacks today. Cybercriminals use botnets for various malicious purposes, most significantly for DDoS attacks against targets.

WithSecure researchers have discovered an ongoing operation, dubbed "DUCKTAIL", that targets individuals and organizations operating on Facebook's Ads and Business platform. DUCKTAIL's operations utilize an infostealer malware component that includes functionality specifically designed to hijack Facebook Business accounts.

1Password is a password manager that allows you to store all of your passwords in one place. Most people resort to using the same password across several apps to avoid having to remember multiple passwords.

The U.S. Department of Justice has announced the seizure of $500,000 worth of Bitcoin from North Korean hackers who extorted digital payments from several organizations by using a new ransomware strain known as Maui. The DoJ did not disclose where the rest of the payments originated from.