Security News

One of the most powerful leadership tools is positive reinforcement - a proven and effective method for shaping and changing behavior. While dog owners might use treats or toys to reward desired behaviors, CISOs can leverage technology to reinforce certain behaviors conducted by employees - guiding them in their role in protecting the broader organization.

A new piece of ransomware named Epsilon Red has been used to target at least one organization in the United States, and its operators have apparently already made a significant profit. Cybersecurity firm Sophos reported last week that Epsilon Red operators have been spotted targeting a US-based company in the hospitality sector.

The latest escalation of the cybersecurity arms race finds threat actors following their targets into the cloud as they start to launch difficult-to-detect attacks by leveraging trusted domains owned by companies like Google and Microsoft. According to a blog post from cybersecurity software company Proofpoint, cloud collaboration tools like Microsoft 365, Azure, OneDrive, SharePoint, G-Suite and Firebase are being used to launch an increasing number of cyberattacks, and their cloud-hosted nature makes them difficult to detect.

Colonial Pipeline on Thursday restored operations to its entire pipeline system nearly a week following a ransomware infection targeting its IT systems, forcing it to reportedly shell out nearly $5 million to restore control of its computer networks. "Some markets served by Colonial Pipeline may experience, or continue to experience, intermittent service interruptions during this start-up period. Colonial will move as much gasoline, diesel, and jet fuel as is safely possible and will continue to do so until markets return to normal."

The infamous cybercrime organization known as Evil Corp may be running cyberespionage operations on behalf of a Russian intelligence agency, security consulting company Truesec reports. Evil Corp is allegedly run by Russian nationals Maksim Yakubets and Igor Turashev, who were charged by the United States in 2019.

Threat actors are increasingly adopting Excel 4.0 documents as an initial stage vector to distribute malware such as ZLoader and Quakbot, according to new research. The findings come from an analysis of 160,000 Excel 4.0 documents between November 2020 and March 2021, out of which more than 90% were classified as malicious or suspicious.

"Gathered from over 285 million real-world endpoints and sensors, and leveraging the extensive BrightCloud network of industry-leading partners, this year's Threat Report clearly shows how cybercriminals are willing and able to evolve their tactics to exploit collective human interest and current events," said Prentiss Donohue, EVP, SMB/C Sales, OpenText. One of which, %appdata%, saw the infection rate jump 59.2% YoY. Consumer devices saw twice as many malware infections when compared to business devices.

An examination of cybercrime ecosystems reveals it mirrors legitimate financial organization and market systems. "Cybercriminals need to move money and pay employees in their organization just like any other company," said Derek Manky Chief Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs.

Attacks against the supply chain have been growing in quantity and gravity for several years, culminating in SolarWinds. Most discussion has focused on the software supply chain, but a new study shows that the physical logistics supply chain is equally subject, and susceptible, to cyberattacks.

Adversaries are increasingly abusing Telegram as a "Command-and-control" system to distribute malware into organizations that could then be used to capture sensitive information from targeted systems. In September 2019, an information stealer dubbed Masad Stealer was found to plunder information and cryptocurrency wallet data from infected computers using Telegram as an exfiltration channel.