Security News

Microsoft says North Korean hacking groups have breached multiple Russian government and defense targets since the start of the year. "Multiple North Korean threat actors have recently targeted the Russian government and defense industry - likely for intelligence collection - while simultaneously providing material support for Russia in its war on Ukraine," said Clint Watts, the head of Microsoft's Digital Threat Analysis Center.

In a new HiatusRAT malware campaign, threat actors have targeted a server belonging to the U.S. Department of Defense in what researchers described as a reconnaissance attack. The website's affiliation with contract proposals suggests that the attackers might be seeking publicly accessible information about military requisites or trying to find information on Defense Industrial Base-affiliated organizations.

Apple last year introduced a security feature called App Management that's designed to prevent one application from modifying another without authorization under macOS Ventura - but a developer claims it's not very good at its job under some circumstances. "If an app is modified by something that isn't signed by the same development team and isn't allowed by an NSUpdateSecurityPolicy, macOS will block the modification and notify the user that an app wants to manage other apps," explained Justin Sagurton of Apple's privacy engineering team, in a video presentation at the fruity computer seller's 2022 Worldwide Developers Conference.

The defense sector in Ukraine and Eastern Europe has been targeted by a novel. NET-based backdoor called DeliveryCheck that's capable of delivering next-stage payloads.

The year previous to that, LockBit was known to be the most active global ransomware group and RaaS provider in terms of the number of victims claimed on their data leak site. As ransomware continues to rise and evolve, new strains develop.

You can book a DDoS attack on one of countless shady platforms, and then you don't even have to deal with the technology yourself. No matter what, a company's protective measures should always be kept up to date, and you should always question yourself about how well-prepared you are against a DDoS attack - or face severe consequences if you are caught unprepared.

The latest research from Fortinet reveals that more than 90% of leaders believe that increased employee cybersecurity awareness would help decrease the occurrence of cyberattacks. As organizations face increasing cyber risks, the research highlights the important role of employees in serving as an organization's first line of defense in protecting their organization from cybercrime.

According to the World Economic Forum's 2023 Global Cybersecurity Outlook, 86% of business leaders and an even higher percentage of cyber leaders, 93%, believe a catastrophic cyber event is likely in the next two years due to global geopolitical instability. For defense contractors, who work with some of our country's most sensitive information, establishing effective cybersecurity protocols takes on an added layer of importance.

While the digitalization of manufacturing operations provided transformational opportunities and greater efficiency and sustainability, it also connected manufacturing environments and infrastructures that operated historically as isolated silos with limited external connectivity. How do cyber threats in the manufacturing sector differ from those in other industries, and what unique challenges do manufacturers face in implementing cybersecurity measures?

Evolving threats The war between Ukraine and Russia unleashed a flurry of amateur and state-sponsored attacks and breaches on organizations and critical infrastructure. "As move forward in 2023, data extortion and attacks of opportunity will continue to evolve, employing different extortion tactics and techniques to force victims to pay the ransom. With threats evolving quickly, security organizations must operationalize threat intelligence by gathering data from every possible source, then effectively processing, correlating, and incorporating that information into day to day security operations to reduce risk," Barton continued.