Security News > 2023 > February

Lifetime VPNSecure subscriptions are now just $39.99 Secure your internet connection now with VPNSecure while it's still on sale. Normally worth $1,194, a lifetime subscription is now only $39.99 for a limited time at TechRepublic Academy.

The State Cyber Protection Centre of Ukraine has called out the Russian state-sponsored threat actor known as Gamaredon for its targeted cyber attacks on public authorities and critical information infrastructure in the country. All the analyzed VBScript droppers and PowerShell scripts, per SCPC, are variants of GammaLoad and GammaSteel malware, respectively, effectively permitting the adversary to exfiltrate sensitive information.

Teams of hackers defend their own computers while attacking other teams'. It's a controlled setting for what computer hackers do in real life: finding and fixing vulnerabilities in their own systems and exploiting them in others'.

Super Bock Group, Portugal's largest beverage biz, is warning of potential interruption to supplies as it manages the fallout from cybercrooks attacking its tech infrastructure. "The situation causes major restrictions in its supply chain operation to the market of some of its products in the different marketing channels," it added in a Portuguese post translated into English.

Despite growing attention and budgets for cybersecurity in recent years, attacks have only become more common and more severe. It's easy to assume that the solution to the cybersecurity problem is money- to hire more security experts, to invest in more tools and technology.

A new intelligence gathering campaign linked to the prolific North Korean state-sponsored Lazarus Group leveraged known security flaws in unpatched Zimbra devices to compromise victim systems. Targets of the malicious operation included a healthcare research organization in India, the chemical engineering department of a leading research university, as well as a manufacturer of technology used in the energy, research, defense, and healthcare sectors, suggesting an attempt to breach the supply chain.

Help Net Security is attending the Cybertech Tel Aviv 2023 conference and exhibition, which gathers cybersecurity experts, businesses and startups from around the world. Here are a few photos from the event, featured vendors include: DarkOwl, ThriveDX, Minerva Labs, Astrix Security, Ox Security, Waterfall Security, Cynet, Cyber 2.0, Acronis, CyberArk, Israel Aerospace Industries, SafeBreach, Silverfort, CYREBRO. Part 1 of the photos is available here.

At least 1,200 Redis database servers worldwide have been corralled into a botnet using an "Elusive and severe threat" dubbed HeadCrab since early September 2021. The findings come two months after the cloud security firm shed light on a Go-based malware codenamed Redigo that has been found compromising Redis servers.

During the first half of 2022, we saw the emergence of the first trinity attack that used three TTPs from the OWASP list. While our tracking revealed these attacks only represented a small proportion of the attacks monitored - 100 million - the rate of trinity attacks was consistent throughout the year, indicating that it must be paying off as a technique.

Companies are challenged with more complex hybrid IT environments. They are raising budgets to fend off cyberattacks and keep up as production environments continue to diversify across various clouds, according to Veeam Software.