Security News

The password spraying attack is a special kind of password attack that can prove effective in compromising your environment. While a password spraying attack attempts to bypass this mitigation and can prove successful, password lockout policies are a good line of defense against brute force attacks in general.

The 2021 study addresses pandemic-related cybersecurity challenges, including the growth of connected devices and related increase of security risks from these devices as threat actors took advantage of chaos to launch attacks. 42% of connected devices were agentless or un-agentable devices.

Intrigue's attack surface management technology will be integrated into the Mandiant Advantage platform, enabling organizations to discover, monitor, and manage risk across their entire attack surface. By offering Intrigue's technology through the Mandiant Advantage platform, customers will be able to address critical gaps in their security programs by leveraging the latest attack surface management capabilities in an easy-to-use software-as-a-service platform.

The LockBit ransomware-as-a-service gang has published the name and logo of what's purportedly one of its latest victims: Accenture, the global business consulting firm with an insider track on some of the world's biggest, most powerful companies. In a post on its Dark Web site, LockBit offered up Accenture databases for sale, along with a requisite jab at what the gang deemed to be Accenture's pathetic security.

FireEye's Mandiant unit announced on Tuesday that it has acquired Intrigue, a provider of attack surface management technology for enterprises. According to FireEye, Intrigue's technology will be integrated into the Mandiant Advantage platform, and help customers discover, monitor, and manage risk across their attack surface.

Someone has leaked the master decryption key that Kaseya used to unlock the files encrypted by a REvil ransomware attack on the company that affected customers across 22 countries last month. While it was first thought that the key could unlock all of the REvil attacks that occurred at the same time as the Kaseya one, it soon became clear to researchers that the decryptor - which appeared to some to be genuine - was only for the files locked in the Kaseya attack.

A key that can be used to decrypt files encrypted by the REvil ransomware delivered as part of the Kaseya attack has been made public. According to threat intelligence company Flashpoint, an individual using the online moniker "Ekranoplan" recently claimed on a hacker forum that they had obtained a decryption key for the REvil ransomware.

Sectigo announced the addition of the Sectigo Secure Key Storage SDK to its collection of offerings. Sectigo Secure Key Storage: The software-based alternative for IoT devices.

A Chinese cyber espionage group has been linked to a string of intrusion activities targeting Israeli government institutions, IT providers, and telecommunications companies at least since 2019, with the hackers masquerading themselves as Iranian actors to mislead forensic analysis. FireEye's Mandiant threat intelligence arm attributed the campaign to an operator it tracks as "UNC215", a Chinese espionage operation that's believed to have singled out organizations around the world dating back as far as 2014, linking the group with "Low confidence" to an advanced persistent threat widely known as APT27, Emissary Panda, or Iron Tiger.

A Chinese cyber espionage group has been linked to a string of intrusion activities targeting Israeli government institutions, IT providers, and telecommunications companies at least since 2019. FireEye's Mandiant threat intelligence arm attributed the campaign to an operator it tracks as "UNC215", a Chinese espionage operation that's believed to have singled out organizations around the world dating back as far as 2014, linking the group with "Low confidence" to an advanced persistent threat widely known as APT27, Emissary Panda, or Iron Tiger.