Security News

The Emotet malware is now distributed using Microsoft OneNote email attachments, aiming to bypass Microsoft security restrictions and infect more targets. Emotet is a notorious malware botnet historically distributed through Microsoft Word and Excel attachments that contain malicious macros.

"The first approach is just keeping the bad guy out and never permitting access to the system. The physical analogue is to build a big wall and don't let him in in the first place. And the backup plan is, if the wall doesn't work, we rely on detection. Both of those approaches are imperfect. And so, what moving target defense offers as a complementary strategy is, even if those two approaches fail, moving target confuses the attacker and makes it more difficult to do damage," Vugrin continued. Like a game of three-card monte, in which a con artist uses sleight of hand to shuffle cards side-to-side, moving target defense requires randomness.

Security will always be front of mind for businesses, and open source and its collaborative nature have the power to drive new ways of protecting against evolving security threats. For companies choosing open source, this becomes collaborative, with multiple organizations and individuals having a stake in ensuring that security is kept tight and up to date.

Japan is also revising its cyber security strategy according to Nikkei. Japan's Aerospace Exploration Agency announced last week it has started conceptualizing a satellite refueling service with private Japanese orbital debris removal company, Astroscale.

If safety regulations are written in blood, what are security policies written in? Sweat and cursing? Australian health insurance company Medibank will take all of its IT systems offline and close...

A financially motivated threat actor is hacking telecommunication service providers and business process outsourcing firms, actively reversing defensive mitigations applied when the breach is detected. The attacks have been attributed with low confidence to hackers tracked as 'Scattered Spider,' who demonstrate persistence in maintaining access, reversing mitigations, evading detection, and pivoting to other valid targets if thwarted.

Defense contractors hold information that's vital to national security and will soon be required to meet Cybersecurity Maturity Model Certification compliance to keep those secrets safe. Nation-state hackers are actively and specifically targeting these contractors with sophisticated cyberattack campaigns.

A cyberespionage threat actor tracked as Billbug has been running a campaign targeting a certificate authority, government agencies, and defense organizations in several countries in Asia. Symantec hasn't determined how Billbug gains initial access to the target networks but they have seen evidence of this happening by exploiting public-facing apps with known vulnerabilities.

The European Commission on Thursday proposed a cyber defense policy in response to Europe's "Deteriorating security environment" since Russia illegally invaded Ukraine earlier this year. This will include establishing an EU Cyber Defence Coordination Centre, encouraging member states to more actively participate in Military Computer Emergency Response Teams, while building a similar network for civilian cyber incident responders, according to a joint communication [PDF] to the European Parliament and Council.

Japan's Ministry of Defence announced on Friday that it has formally joined NATO's Cooperative Cyber Defense Centre of Excellence. The CCDCOE is recognized as an international military organization and cyber defence hub focusing on research, training and exercises, like its yearly red team versus blue team cyber war game, Locked Shields.