Security News

As many as 722 ransomware attacks were observed during the fourth quarter of 2021, with LockBit 2.0, Conti, PYSA, Hive, and Grief emerging as the most prevalent strains, according to new research published by Intel 471. The attacks mark an increase of 110 and 129 attacks from the third and second quarters of 2021, respectively.

As Russian ground forces closed in on key Ukrainian cities including capital Kyiv, and airstrikes hit military bases near the western city of Lviv, the expected cyber-onslaught by Russia has largely failed to become reality. Until last week, when it emerged that Western spy agencies were investigating a large-scale satellite broadband outage affecting satellite communications provider Viasat, which began on 24 February - the day Russia invaded Ukraine.

Palo Alto Networks has rolled out a new supply chain security system that the cybersecurity vendor claims can identify vulnerabilities and misconfigurations across the lifecycle of cloud native applications. It's called Prisma Cloud Supply Chain Security, and it scans for any issues in code - such as version control system and CI pipeline misconfigs - across open-source packages, infrastructure-as-code files and delivery pipelines, according to the security shop.

Revenge and inflation are key drivers behind an 800 percent increase in cyberattacks seen by a managed services provider since the days before the onset of Russia's invasion of Ukraine last month, according to the company's top executive. The attacks are coming not only from groups inside of Russia but also from within the region as well from Russia allies like North Korea and Iran, historically sources of global cyber-threats, Emil Sayegh, president and CEO of Ntirety, an MSP that focuses on security, told The Register.

Anime giant Toei suffered a weekend cyberattack causing delays in airing new episodes of popular anime series, including ONE PIECE and Delicious Party Precure. According to the announcement by both Toei and ONE PIECE, the anime studio detected unauthorized access to their systems on Mach 6th, 2022.

A new rule proposed by the US Securities and Exchange Commission would force public companies to disclose cyberattacks within four days along with periodic reports about their cyber-risk management plans. Specifically, the proposed rule would amend the Form 8-K reporting requirements to include cybersecurity incident disclosure "Within four business days after the registrant determines that it has experienced a material cybersecurity incident." The 8-K is the form that the SEC requires public companies file to publicly announce corporate changes or big events that may be material to shareholders.

Enterprises need to create a more strategic alliance between their application security and cybersecurity teams if they are going to better protect themselves against cyberthreats. Appsec team members tend to be developers and quality assurance pros creating internal applications used within the organization or exposed publicly or privately to customers, while cybersecurity teams' jobs include penetration testing and responding to incidents, he said.

Before it began, I'd been really worried about Russian cyberattacks, which would overrun Ukraine and flood into the West's infrastructure. Where are those massive attacks? Why is Ukraine's electrical system still up and running - except for damaged nuclear reactors? Why, instead of shutting down Ukraine's TV networks with cyber attacks, did they have to blow up a Kyiv TV tower? Did we just let paranoia overrule our common sense?

The findings of the report take into account security events occurring across more than 120,000 user accounts during the period of January 1st to December 31st, 2021 and shows that the vast majority of attacks on top SaaS platforms such as Microsoft 365, Google Workspace, Slack and Dropbox are originating from the countries of Russia and China. Over the last several weeks, there has been a sharp rise in activity from countries with consistently high levels of both attempted and successful attacks originating within their borders - Russia and China.

Security vendors pledge free protection for US hospitals and utilities amid fear of Russian cyberattacks. With that in mind, three security companies are offering their products for free to US hospitals and utilities.