Security News

The challenge of planning an IAM strategy for multi-cloud environments to avoid risk
2022-03-25 06:30

28% of companies are using four or more public/private clouds today, but that is expected to more than double in two years to 65%. "As cloud service providers improve their security and data protection offerings, decision-makers increasingly realize they can't protect their firms' data on-premises as well as they can in the cloud. But migrating existing IAM tools and processes to multicloud IaaS, PaaS, and private clouds creates problems that firms must solve" according to the Forrester study. "According to the Forrester study, firms can't just lift-and-shift existing IAM tools from on-premises to the cloud," said Eric Olden, CEO of Strata Identity.

Multi-tool/multi-cloud environments reaching the limit of their efficacy
2022-02-23 05:00

CloudBolt Software released its latest research report, examining industry sentiment in specific dimensions of hybrid cloud/multi-cloud, and aiming to uncover unmet cloud needs that hinder cloud innovation. These limitations are caused by too many groups across an enterprise using too many different tools and clouds, with 80% struggling to achieve comprehensive visibility into cloud usage and spend.

Hackers have begun adapting to wider use of multi-factor authentication
2022-02-08 18:28

Hackers have begun adapting to wider use of multi-factor authentication. Security researchers at Proofpoint are warning of a new threat that's only likely to become more serious as time goes on: Hackers who publish phishing kits are beginning to add multi-factor authentication bypassing capabilities to their software.

Microsoft warns of multi-stage phishing campaign leveraging Azure AD
2022-01-27 18:11

Microsoft's threat analysts have uncovered a large-scale, multi-phase phishing campaign that uses stolen credentials to register devices onto the target's network and use them to distribute phishing emails. "The inbox rule allowed the attackers to avoid arousing the compromised users' suspicions by deleting non-delivery reports and IT notification emails that might have been sent to the compromised user."

Researchers Bypass SMS-based Multi-Factor Authentication Protecting Box Accounts
2022-01-18 06:40

Cybersecurity researchers have disclosed details of a now-patched bug in Box's multi-factor authentication mechanism that could be abused to completely sidestep SMS-based login verification. "Using this technique, an attacker could use stolen credentials to compromise an organization's Box account and exfiltrate sensitive data without access to the victim's phone," Varonis researchers said in a report shared with The Hacker News.

Multi-day IT systems outage whacks umbrella biz Parasol Group amid fears of a cyber attack
2022-01-14 16:30

Contractors employed via umbrella company Parasol Group are increasingly nervous about a multi-day outage of some IT systems used to process payroll, with several suspecting a security attack as the root cause. Greet Borsens, the chief sales officer at Parasol Group, itself part of Optionis Group, wrote to its contractor customers on 12 January confirming "a systems outage in parts of our group" affecting the MyParasol portal.

A new multi-platform backdoor is leveraged by an advanced threat actor
2022-01-12 13:14

A novel multi-platform backdoor dubbed SysJoker has been successfully evading security solutions since mid-2021. "In the Linux and macOS versions, it masquerades as a system update. In the Windows version, it masquerades as Intel drivers. The update names are somewhat generic: In the macOS version, the file is relocated and named 'updateMacOs' and in the Linux version it is named 'updateSystem'," Avigayil Mechtinger, security researcher at Intezer, has shared with Help Net Security.

APT37 targets journalists with Chinotto multi-platform malware
2021-11-29 13:43

North Korean state hacking group APT37 targets South Korean journalists, defectors, and human rights activists in watering hole, spear-phishing emails, and smishing attacks delivering malware dubbed Chinotto capable of infecting Windows and Android devices. Chinotto, the malware deployed in their most recent campaign discovered by Kaspersky security researchers, allows the hacking group to control compromised devices, spy on their users via screenshots, deploy additional payloads, harvest data of interest, and upload it to attacker-controlled servers.

Fraud fighters aren’t prepared for the multi-billion dollar threat of global insurance fraud
2021-11-23 04:30

The research found that fraud fighters - professionals tasked with investigating and prosecuting insurance fraud - in North America were the least prepared for threats from abroad. "Organized rings, both foreign and domestic, are stealing billions," Coalition Co-Chair David Rioux of Erie Insurance said. Globalized insurance fraud is not a priority at all for 27.7% of respondents and a low-to-medium priority for 57.5% of respondents, leading to a lack of resources and time invested in day-to-day operations fighting global insurance fraud.

Lockean multi-ransomware affiliates linked to attacks on French orgs
2021-11-04 11:22

Details about the tools and tactics used by a ransomware affiliate group, now tracked as Lockean, have emerged today in a report from France's Computer Emergency Response Team. Lockean activity was first noticed in 2020 when the actor hit a French company in the manufacturing sector and deployed DoppelPaymer ransomware on the network.