Security News

The Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the National Security Agency published today an advisory with details about how the BlackMatter ransomware gang operates.The joint cybersecurity advisory from CISA, the FBI, and the NSA shares the tactics, techniques, and procedures associated with BlackMatter activity that could help organizations protect against the BlackMatter ransomware gang.

Emerging AI-based data governance solutions offer an additional weapon for the ransomware fight: situational awareness informed by deep insights into content. Armed with an understanding of the attack process and empowered with insights into your content, you'll have what you need to minimize damage before, during, and after ransomware incidents.

A Chinese-speaking hacking group exploited a zero-day vulnerability in the Windows Win32k kernel driver to deploy a previously unknown remote access trojan. The malware, known as MysterySnail, was found by Kaspersky security researchers on multiple Microsoft Servers between late August and early September 2021.

The threat actor's goal is Microsoft Office 365 account takeovers. Microsoft, which began tracking the activity in late July 2021, detailed the attacks in an alert released Monday, adding that the culprits appear to be bent on espionage and have ties to Iran.

An emerging threat actor likely supporting Iranian national interests has been behind a password spraying campaign targeting U.S., E.U., and Israeli defense technology companies, with additional activity observed against regional ports of entry in the Persian Gulf as well as maritime and cargo transportation companies focused in the Middle East. Microsoft is tracking the hacking crew under the moniker DEV-0343.

Iran-linked threat actors are targeting the Office 365 tenants of US and Israeli defense technology companies in extensive password spraying attacks. The activity cluster was temporarily dubbed DEV-0343 by researchers at Microsoft Threat Intelligence Center and Microsoft Digital Security Unit, who have tracked it since late July.

33% of emails employees report as phishing attempts are either malicious or highly suspect, according to new research. The finding comes from an analysis of emails reported by employees from organizations across the globe during the first half of 2021, and highlights the efficacy of employee-led efforts in preventing cyberattacks.

New details have emerged about the recent Windows CVE-2021-40444 zero-day vulnerability, how it is being exploited in attacks, and the threat actor's ultimate goal of taking over corporate networks. This Internet Explorer MSHTML remote code execution vulnerability, tracked as CVE-2021-40444, was disclosed by Microsoft on Tuesday but with few details as it has not been patched yet.

Thus, security teams often place focus on the race itself and forget about the actual goal or finish line. For example: "Our mission is to continuously improve the organization's security posture by preventing, detecting, analyzing and responding to cybersecurity incidents." It is missing the finish line.

Sarcos Defense and BAE Systems announced that the companies are partnering to develop advanced perception and sensing capabilities for autonomous platforms for Air Force Research Laboratory, to benefit Department of Defense operations. This platform will aim to address the complex issues that involve the coordination of both individual and multiple cooperating heterogeneous autonomous platforms, including unmanned aircraft systems and unmanned ground vehicles equipped with standard multi-modal sensors, such as cameras, radar, and LiDAR. The expected result will coalesce multiple environmental inputs and combine with artificial intelligence and machine learning technologies to enable unmanned systems to work together in greater harmony, both alone and coordinating with each other in "Swarm" scenarios.