Security News > 2024 > July

The Black Basta ransomware gang has shown resilience and an ability to adapt to a constantly shifting space, using new custom tools and tactics to evade detection and spread throughout a network. Black Basta is a ransomware operator who has been active since April 2022 and is responsible for over 500 successful attacks on companies worldwide.

Theoretically, the threat of ransomware would be more of a costly irritant than a catastrophe; the idea being that if you pay the ransom, the problem goes away. Research from McGrathNicol Advisory found that 73% of Australian organisations that experienced a ransomware attack in the past five years chose to pay the ransom.

Google Chrome has added app-bound encryption for better cookie protection on Windows systems and improved defenses against information-stealing malware attacks. As Chrome software engineer Will Harris explained in a blog post published today, Chrome currently uses the most robust techniques provided by each operating system to safeguard sensitive data such as cookies and passwords: Keychain services on macOS, kwallet or gnome-libsecret on Linux, and the Data Protection API on Windows.

The City of Columbus, Ohio, says it's investigating whether personal data was stolen in a ransomware attack on July 18, 2024 that disrupted the City's services. An update published on the City's website yesterday confirms that the City of Columbus suffered a ransomware attack that was successfully thwarted, and no systems were encrypted.

The European Union's General Data Protection Regulation requires every organization that collects sensitive personal data from those residing in the EU to ask for clear and specific consent before collecting that data. The three sample texts, created by Mark W. Kaelin for TechRepublic Premium, will provide a customizable framework for your organization to use and stay compliant.

DigiCert is warning that it will be mass-revoking SSL/TLS certificates due to a bug in how the company verified if a customer owned or operated a domain and requires impacted customers to reissue certificates within 24 hours. DigiCert is one of the prominent certificate authorities that provides SSL/TLS certificates, including Domain Validated, Organization Validated, and Extended Validation certificates.

Insight The developers of EvilProxy - a phishing kit dubbed the "LockBit of phishing" - have produced guides on using legitimate Cloudflare services to disguise malicious traffic. "In recent months, Proofpoint has observed a significant increase in EvilProxy campaigns that use Cloudflare services to disguise their traffic, which prevents automated sandbox detection and ensures only targeted human users interact with the phishing links to receive the credential phishing landing pages," Blackford explained.

One way to do this is by aligning password policies with wider cybersecurity KPIs. Aligning your password policies with wider cybersecurity KPIs lets you prove the value of your investments.

What can I do? If you are a visitor of this website: Please try again in a few minutes. Contact your hosting provider letting them know your web server is not responding.

A new iteration of a sophisticated Android spyware called Mandrake has been discovered in five applications that were available for download from the Google Play Store and remained undetected for two years. A majority of the downloads originated from Canada, Germany, Italy, Mexico, Spain, Peru, and the U.K. "The new samples included new layers of obfuscation and evasion techniques, such as moving malicious functionality to obfuscated native libraries, using certificate pinning for C2 communications, and performing a wide array of tests to check if Mandrake was running on a rooted device or in an emulated environment," researchers Tatyana Shishkova and Igor Golovin said.