Security News > 2022 > August

Like Private Internet Access, are expanding their ability to provide location shifting and creating a whole new reason for users to turn to VPNs. Here's an overview of the data privacy benefits of today's commercial VPN services and how PIA is elevating location shifting into the next must-have VPN feature. The core purpose of a VPN is to encrypt data as it passes through the networks that make up the internet.

According to a new Tessian report, 30% employees do not think they personally play a role in maintaining their company's cybersecurity posture. This Help Net Security video reveals why strong security culture is important in maintaining a strong security posture.

In this Help Net Security video, Ax Sharma, Senior Security Researcher at Sonatype, discusses newly found PyPI packages that pack ransomware, and another package that appears to be safe but...

The U.S. Cybersecurity and Infrastructure Security Agency on Thursday added two flaws to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. The two high-severity issues relate to weaknesses in Zimbra Collaboration, both of which could be chained to achieve unauthenticated remote code execution on affected email servers -.

With the continued rise in adoption of cloud services, bad actors are utilizing the InterPlanetary File System as a new playing ground for phishing attacks. Trustwave SpiderLabs has found that in the past 90 days, more than 3,000 emails contain phishing URLs utilizing IPFS to lead to fake Outlook login and other web pages.

Avast released a report revealing a significant increase in global ransomware attacks, up 24% from Q1/2022. After months of decline, global ransomware attacks increased significantly in Q2/2022, up 24% from the previous quarter.

Businesses are increasingly concerned about how they will meet ransomware demands. Only 19 percent of those surveyed have ransomware coverage limits above $600,000, while over half hoped the government would cover damages when future attacks are linked to other nation-states, according to BlackBerry Limited and Corvus Insurance.

Network professionals feel confident with their security and compliance practices but data suggests that they also leave their organizations open to risk, which is costing a significant amount of revenue, according to Titania. Companies are prioritizing firewall security and chronicle a fast time to respond to misconfigurations when detected in annual audits.

Three different offshoots of the notorious Conti cybercrime cartel have resorted to the technique of call-back phishing as an initial access vector to breach targeted networks. "Three autonomous threat groups have since adopted and independently developed their own targeted phishing tactics derived from the call back phishing methodology," cybersecurity firm AdvIntel said in a Wednesday report.

Threat actors associated with the Cuba ransomware have been linked to previously undocumented tactics, techniques and procedures, including a new remote access trojan called ROMCOM RAT on compromised systems. In the intervening months, the ransomware operation has received an upgrade with an aim to "Optimize its execution, minimize unintended system behavior, and provide technical support to the ransomware victims if they choose to negotiate," per Trend Micro.