Security News > 2022 > July

Contrary to most worms, Hopper was built to do good. The development team at Cymulate based Hopper on a common malware stager - a small executable that serves as an initial payload, with its primary objective being to prepare a larger payload. Our stager also serves as a PE packer, a program that loads and executes programs indirectly, usually from a package.

Jen Easterly, the director of the US Cybersecurity and Infrastructure Security Agency, has warned the UK government that they could be the victim of a 9/11-style cyber-attack unless they face up to the "Magnitude of the threat" posed by ransomware. In agreement with this, Steve Barclay, the UK government Minister responsible for cybersecurity, claims that "The greatest cyber threat to the UK - one now deemed severe enough to pose a national security threat - is from ransomware attacks."

The past few years have clearly demonstrated that the longer it takes to detect malicious activities, the more costly the breach. In this Help Net Security video, Doron Hendler, CEO at RevealSecurity, discusses the insider threat challenge in business processes, and illustrates the depth of the problem.

42% have spent their own money on better tech to work more productively. Conflicting views remain between C-Suite, IT, and employees when it comes to the future of work and technology's role in enabling the culture of hybrid work.

The YouTube takeover replaced the legit account with regalia that faked that used by an investment management firm and filled with more crypto boosterism, namely a video that cut an old chat between Elon Musk and Twitter founder Jack Dorsey into a new and misleading narrative. We are aware of a breach of the Army's Twitter and YouTube accounts and an investigation is underway.

The Privacy Protection Authority in Israel seized servers hosting multiple travel booking websites because their operator failed to address security issues that enabled data breaches affecting more than 300,000 individuals. On Thursday, Israel's The Privacy Protection Authority on Thursday confirmed the cyberattack, which is believed to be the work of an Iranian threat actor, The Times of Israel reports.

Kaspersky has launched a new information hub to help with their open-source stalkerware detection tool named TinyCheck, created in 2019 to help people detect if their devices are being monitored. Since TinyCheck doesn't need to run on the device itself, it can identify stalkerware presence on any mobile OS, including Android and iOS. TinyCheck will only look at the signs of abuse, like which servers receive communication from the device and won't read the contents of the victim's communications, like SMSs and emails.

Microsoft has introduced a new Microsoft Defender for Endpoint feature in public preview to help organizations detect weaknesses affecting Android and iOS devices in their enterprise networks.After enabling the new Mobile Network Protection feature on Android and iOS devices you want to monitor, the enterprise endpoint security platform will provide protection and notifications when it detects rogue Wi-Fi-related threats and rogue certificates.

The latest threat security research into operational technology and industrial systems identified a bunch of issues - 56 to be exact - that criminals could use to launch cyberattacks against critical infrastructure. "Industrial control systems have these inherent vulnerabilities," Ron Fabela, CTO of OT cybersecurity firm SynSaber told The Register.

OT security: Helping under-resourced critical infrastructure organizationsIn this Help Net Security interview, Dawn Cappelli, Director of OT-CERT at the industrial cybersecurity company Dragos, talks about the OT security risks critical infrastructure organizations are facing, offers advice on how they can overcome obstacles that prevent them improving their cybersecurity posture, and explains how the recently set up OT-CERT she's heading can help asset owners and operators of industrial infrastructure. Trends to watch when creating security strategy for the next two yearsExecutive performance evaluations will be increasingly linked to ability to manage cyber risk; almost one-third of nations will regulate ransomware response within the next three years; and security platform consolidation will help organizations thrive in hostile environments, according to the top cybersecurity predictions revealed by Gartner.