Security News > 2022

GitHub offers secret scanning for free
2022-12-22 18:15

Currently, GitHub partners with service providers to flag leaked credentials on all public repos through its secret scanning partner program. GitHub launched secret scanning for public repositories as a beta this month.

Ransomware, DDoS see major upsurge led by upstart hacker group
2022-12-22 17:48

According to NCC Group's Global Threat Intelligence team, November saw a 41% increase in ransomware attacks from 188 incidents to 265. In its most recent Monthly Threat Pulse, the group reported that the month was the most active for ransomware attacks since April this year.

Vice Society ransomware gang switches to new custom encryptor
2022-12-22 17:25

The Vice Society ransomware operation has switched to using a custom ransomware encryptor that implements a strong, hybrid encryption scheme based on NTRUEncrypt and ChaCha20-Poly1305. According to cybersecurity firm SentinelOne, which discovered the new strain and named it "PolyVice," it's likely that Vice Society sourced it from a vendor who supplies similar tools to other ransomware groups.

Brave launches FrodoPIR, a privacy-focused database query system
2022-12-22 16:08

Brave Software developers have created a new privacy-centric database query system called FrodoPIR that retrieves data from servers without disclosing the content of user queries. [...]

Get 40% off Malwarebytes Premium for the holidays
2022-12-22 13:27


FIN7 Cybercrime Syndicate Emerges as a Major Player in Ransomware Landscape
2022-12-22 13:13

An exhaustive analysis of FIN7 has unmasked the cybercrime syndicate's organizational hierarchy, alongside unraveling its role as an affiliate for mounting ransomware attacks. The highly active threat group, also known as Carbanak, is known for employing an extensive arsenal of tools and tactics to expand its "Cybercrime horizons," including adding ransomware to its playbook and setting up fake security companies to lure researchers into conducting ransomware attacks under the guise of penetration testing.

FIN7 hackers create auto-attack platform to breach Exchange servers
2022-12-22 13:00

The notorious FIN7 hacking group uses an automated attack system that exploits Microsoft Exchange and SQL injection vulnerabilities to breach corporate networks, steal data, and select targets for ransomware attacks based on financial size. Next, FIN7's internal 'marketing' team scrutinizes new entries and adds comments on the Checkmarks platform to list victims' current revenue, number of employees, domain, headquarters details, and other information that helps pentesters determine if the firm is worth the time and effort of a ransomware attack.

It’s time to fill those cloud security gaps
2022-12-22 12:58

According to analysis by cloud security startup Wiz and EY, 93 percent of cloud environments were vulnerable to the Log4Shell vulnerability. It's a challenge that existing tools struggle with, argues Wiz product vice president Yinon Costica, who points out that these have been adapted ad-hoc from an established computing model not built with cloud security in mind.

The Era of Cyber Threat Intelligence Sharing
2022-12-22 12:39

As the internet continues to expand and connect more people and devices than ever before, the need for effective cyber threat intelligence sharing has never been greater. In today's interconnected world, a threat to one organization can quickly become a threat to many others, making it essential for businesses and other organizations to share information and work together to stay safe online.

Study to ace five cybersecurity certification exams
2022-12-22 12:20

Dive into CompTIA, NIST, CISSP and more with the online training offered in The 2022 Ultimate Advanced CyberSecurity Professional Certification Bundle. Rather than hire an expensive IT or cybersecurity team, why not learn the defense skills you need yourself? You can do so with The 2022 Ultimate Advanced CyberSecurity Professional Certification Bundle.