Security News

Finance ministers from the G7 industrialized countries expressed "Concern" on Tuesday over the rise in "Malicious cyber-attacks" in the midst of the Covid-19 pandemic, including some involving cryptocurrencies. These ransomware attacks demanding payments often to facilitate money laundering "Have been growing in scale, sophistication, and frequency" over the past two years, causing "Significant economic damage and customer protection and data privacy," the ministers said.

Threat actors are consistently leveraging legitimate services and tools from within Microsoft Office 365 to pilfer sensitive data and launch phishing, ransomware, and other attacks across corporate networks from a persistent position inside the cloud-based suite, new research has found. Office 365 user account takeover - particularly during the COVID-19 pandemic with so many working from home - is one of the most effective ways for an attacker to gain a foothold in an organization's network, said Chris Morales, head of security analytics at Vectra AI. From there, attackers can move laterally to launch attacks, something that researchers observed in 96 percent of the 4 million Office 365 customers sampled between June to August 2020.

Hackney Council in East London has declared that it was hit by a "Cyberattack" - but both the authority and officials from the National Cyber Security Centre remain tight-lipped about what actually happened. In a statement published on the council website this morning, local mayor Philip Glanville said: "Hackney Council has been the target of a serious cyberattack, which is affecting many of our services and IT systems."

The city council systems for the London Borough of Hackney have been hit with a 'serious' cyberattack that impacts many of their services and IT systems. Not much is known about the attack, but in a press release to the borough's website, Mayor Philip Glanville stated that it was the Hackney Borough Council's IT systems that had suffered the attack.

For prices between $300 and $10,000, ransomware groups have the opportunity to easily buy initial network access to already-compromised companies on underground forums. The ability to purchase initial network access gives cybercriminals a quicker handle on infiltrating corporate and government networks, so that they can focus in on establishing persistence and moving laterally.

A new report from data protection provider Infrascale discusses how ransomware and other cyberattacks can harm SMBs and how they can better protect their critical data in the event of an attack. Data protection is designed to defend data against both internal and external threats, including data corruption, server crashes, human error, malicious attacks, and even natural disasters.

SMB Suite is now working with CI Security, a Managed Detection and Response services provider specializing in protecting the networks of critical infrastructure, essential organizations, and mid-market companies, to protect and defend customers from cyberattacks. Teaming up with CI Security allows SMB Suite to offer to their customers top-notch security operations and staffing solutions that typically only large companies have been able to afford.

The United Nations' International Maritime Organization last week said some of its systems were disrupted as a result of a cyberattack. IMO's website and other web services were first disrupted on September 30, when the agency announced on Twitter that its team was working on fixing some "Technical issues." Then, on October 2, it admitted that the problems were caused by a cyberattack, and said that it was working on restoring impacted systems.

Siemens Energy announced a new AI-based industrial cybersecurity service, Managed Detection and Response, powered by Eos.ii, to help small and medium-sized energy companies defend critical infrastructure against cyberattacks. "As the digital revolution transforms the energy industry, industrial operating environments are becoming increasingly vulnerable to cyberattacks," said Leo Simonovich, Head of Industrial Cybersecurity at Siemens Energy.

Health insurer Anthem has agreed to another multimillion-dollar settlement over a cyberattack on its technology that exposed the personal information of nearly 79 million people. Anthem said it was the last open investigation into the attack.