Security News

Yesterday, on the 3rd anniversary of the infamous global WannaCry ransomware outbreak for which North Korea was blamed, the U.S. government released information about three new malware strains used by state-sponsored North Korean hackers. Called COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH, the malware variants are capable of remote reconnaissance and exfiltration of sensitive information from target systems, according to a joint advisory released by the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the Department of Defense.

SecOps teams are learning a valuable lesson: when you can't physically get onsite to make changes and upgrades to security infrastructure, your ability to deal with security threats slows significantly, and cyber defense agility is greatly reduced. With every day that passes during the current pandemic, the lack of cyber defense agility and lack of visibility into what goes on across a network is one of the biggest cybersecurity issues.

Agari, the market share leader in phishing defense solutions for the enterprise, unveiled Agari Active Defense with a new service that delivers actionable threat intelligence driven through active engagement with Business Email Compromise threat actors. Agari Active Defense - BEC Threat Intelligence Service is the only commercial offering on the market that delivers real-world cyber intelligence harvested from direct active engagements with email fraudsters attacking and scamming organizations.

24By7Security is pleased to announce the launch of Readiness Assessment Services for Department of Defense contractors seeking preparedness for Cybersecurity Maturity Model Certification. In upcoming months, the Department of Defense will require that all contractors and suppliers doing business with the Defense Department comply with CMMC standards.

Yuri Diogenes, a professor at EC-Council University and Senior Program Manager at Microsoft, and Dr. Erdal Ozkaya, a prominent cybersecurity professional, advisor, author, speaker and lecturer, published the second edition of their acclaimed book "Cybersecurity - Attack and Defense Strategies". This book will teach you how to identify unusual behaviors within your organization and use incident response methods by applying blue team and read team strategies.

Revolutionary Security's portfolio of cybersecurity services includes assessment and testing, design and build of security programs and functions as well as security operations across its clients' IT and OT systems. Revolutionary Security leverages proprietary technology and methods to help mature the security capabilities of its clients and manage risk.

Linux malware is real and Advanced Persistent Threat groups have been infiltrating critical servers with these tools for at least eight years, according to a new report from BlackBerry. The RATs report describes how five APT groups are working with the Chinese government and the remote access trojans the cybercriminals are using to get and maintain access to Linux servers.

Security should always be a top priority, but it's easy to let these security reviews and user training fall low on the to-do list. No one wants a reminder about how important these tasks are in the form of an expensive security breach.

ReversingLabs has analyzed clues from attacks by the Kwampirs remote access trojan to help software companies defend their organizations against this malware. In addition to attacks against supply chain software providers, the FBI said the same malware was also used in attacks against healthcare, energy, and financial companies.

Phishing is typically used to gain credentials so attackers have access to an organization's systems, or as a way to deploy malware directly. One of the key reasons phishing is so successful is how easy it is to execute, and how many ways it can be used.