Security News

Publishing giant Macmillan was forced to shut down their network and offices while recovering from a security incident that appears to be a ransomware attack. The attack reportedly occurred over the weekend, on Saturday, June 25th, with the company shutting down all of their IT systems to prevent the spread of the attack.

Norway's National Security Authority published a statement yesterday warning that some of the country's most important websites and online services are being rendered inaccessible due to distributed denial of service attacks. DDoS attacks are a special type of cyberattack that causes internet servers to be overwhelmed by many requests and garbage traffic, rendering the hosted sites and services inaccessible for legitimate visitors and users.

Black Lotus Labs, a threat intelligence team within Lumen Technologies, has recently exposed a new modus operandi for an attack campaign that went undiscovered for nearly two years. One of its most intriguing characteristics is that it targets small office / home office routers as an initial point of compromise, in addition to being particularly stealth.

Oliver Tavakoli, CTO at Vectra AI, gives us hope that surviving a ransomware attack is possible, so long as we apply preparation and intentionality to our defense posture. Often, there is a misguided characterization of ransomware attacks that implies defenders either completely thwart an attack or that attackers establish complete control of their targets' IT infrastructure.

OpenSea, the largest non-fungible token marketplace, disclosed a data breach on Wednesday and warned users of phishing attacks that could target them in the coming days. The company's Head Of Security, Cory Hardman, said that an employee of Customer.io, the platform's email delivery vendor, downloaded email addresses belonging to OpenSea users and newsletter subscribers.

The new head of Israel's National Cyber Directorate has announced the nation intends to build a "Cyber-Dome" - a national defense system to fend off digital attacks. Gaby Portnoy, director general of INCD, revealed plans for Cyber-Dome on Tuesday, delivering his first public speech since his appointment to the role in February.

American retailer Walmart has denied being hit with a ransomware attack by the Yanluowang gang after the hackers claimed to encrypt thousands of computers. "We believe this claim is inaccurate and are not aware of a successful attack in this regard on our devices," a Walmart spokesperson told BleepingComputer.

Eighty-two percent of attacks on organizations in Q1 2022 were caused by the external exposure of a known vulnerabilities in the victim's external-facing perimeter or attack surface. "These behaviors are considered 'risky' because the mitigation relies on an organization's continued security vigilance and willingness to enforce consistent standards over long periods of time," said Tetra Defense in the report.

The threat of firmware attacks is a growing concern for IT leaders now that hybrid workers are connecting from home networks more frequently: With hybrid or remote work now the norm for many employees there is a greater risk of working on potentially unsecure home networks meaning that the level of threat posed by firmware attacks has risen. More than eight-in-ten IT leaders say firmware attacks against laptops and PCs now pose a significant threat, while 76% of ITDMs said firmware attacks against printers pose a significant threat.

A determined and sophisticated cyber attacker's first step will be to model their likely attack path through your systems, plotting the most fruitful route to whichever of your digital assets they've got their eye on. Doesn't it make sense that you should be doing exactly the same thing? That you should be simulating the attack paths that can lead to your key assets, and working out the associated risks and potential impact? And using this insight to neutralize them before attackers can take advantage?