Security News

VPNLab.net, a VPN provider that was used by malicious actors to deploy ransomware and facilitate other cybercrimes, was taken offline following a coordinated law enforcement operation. Europol said it took action against the misuse of the VPN service by grounding 15 of its servers on January 17 and rendering it inoperable as part of a disruptive action that took place across Germany, the Netherlands, Canada, the Czech Republic, France, Hungary, Latvia, Ukraine, the U.S., and the U.K. A second outcome of the seizure is that at least 100 businesses that have been identified as at risk of impending cyber attacks are being notified.

Cybercrime continues to be a major concern, with 51% of SMEs experiencing a cybersecurity breach, a Markel Direct survey reveals. In this survey that polled 1000 respondents, Markel Direct explored the issue of cybercrime and its impact on the self-employed and SMEs.

Darktrace reported that the IT and communications sector was globally the most targeted industry by cybercriminals in 2021. Attackers could then launch ransomware attacks against the clients of the backup vendor, preventing recovery and forcing payment.

Due to the sheer number of devices in use, their high power and numerous known vulnerabilities within them, threat actors have been using MikroTik devices for years as the command center from which to launch numerous attacks, researchers said. Eclypsium researchers began exploring the how and why of the weaponization of MikroTik devices in September, based on previous research into how TrickBot threat actors used compromised routers as command-and-control infrastructure.

Black Friday is approaching, and cybercriminals are honing their malware droppers, phishing lures, and fake sites while shoppers prepare to open their wallets. The security firm shared a detailed report highlighting the most common threats expected to surface during this year's Black Friday, as well as the Christmas shopping season.

Cybersecurity firm Rapid7 is running 2022 Planning, a "Four-part webinar series to help cybersecurity teams plan for their 2022 needs." The EMEA edition features Jen Ellis, vice-president of community and public affairs at Rapid7; and Carl Nightingale, a partner in cybersecurity and digital trust at PA Consulting.

Here's the irony of ransomware data breach stories that gets surprisingly little attention: cybercriminals enthusiastically encrypt and steal sensitive data to extort money and yet their victims rarely bother to defend themselves using the same obviously highly effective concept. If sensitive data such as IP are competently encrypted, that not only means that attackers can't access or threaten to leak it, in many cases they won't even be able to see it in the first place - all encrypted data looks alike.

Cybercriminals are targeting Alibaba Elastic Computing Service instances, disabling certain security features to further their cryptomining goals. Alibaba offers a few unique options that make it a highly attractive target for attackers, researchers noted.

With a bait attack, criminals try to obtain the necessary details to plan future attacks against their targets, says Barracuda. Cybercriminals often will research potential victims to help strategize exactly how and where to attack them.

If you're congratulating yourself on your progress adopting Kubernetes, just consider that the cybercriminals have been poring over it too. Does your Kubernetes deployment support multiple components and services across multiple nodes, all spawning data, the hijacking of which could bring your operations to a shuddering halt? Great.