Security News

The business of hackers-for-hire threat actors
2022-07-01 17:57

In the world of illegal cyber activities, different kinds of threat actors exist. Another category of threat actors exists, dubbed hackers-for-hire.

The challenges and advantages of building behavior-based threat detection
2022-07-01 04:00

In this video for Help Net Security, Scott Sutherland, Senior Director, Adversary Simulation and Infrastructure Testing, NetSPI, discusses how, in order to stay ahead of malicious actors,...

OpenSea phishing threat after rogue insider leaks customer email addresses
2022-06-30 21:20

An employee of OpenSea's email delivery vendor "Misused" their access to download and share OpenSea users' and newsletter subscribers' email addresses "With an unauthorized external party," Head of Security Cory Hardman warned on Wednesday. "If you have shared your email with OpenSea in the past, you should assume you were impacted," Hardman continued.

EMEA continues to be a hotspot for malware threats
2022-06-30 03:00

The report also shows that EMEA continues to be a hotspot for malware threats. Overall regional detections of basic and evasive malware show WatchGuard Fireboxes in EMEA were hit harder than those in North, Central and South America at 57% and 22%, respectively, followed by Asia-Pacific at 21%. "Based on the early spike in ransomware this year and data from previous quarters, we predict 2022 will break our record for annual ransomware detections," said Corey Nachreiner, chief security officer at WatchGuard.

Destructive firmware attacks pose a significant threat to businesses
2022-06-29 04:00

The threat of firmware attacks is a growing concern for IT leaders now that hybrid workers are connecting from home networks more frequently: With hybrid or remote work now the norm for many employees there is a greater risk of working on potentially unsecure home networks meaning that the level of threat posed by firmware attacks has risen. More than eight-in-ten IT leaders say firmware attacks against laptops and PCs now pose a significant threat, while 76% of ITDMs said firmware attacks against printers pose a significant threat.

New Bumblebee malware loader increasingly adopted by cyber threat groups
2022-06-28 10:00

Conti, Quantum and Mountlocker were all linked to having used the new piece of software to inject systems with ransomware. The post New Bumblebee malware loader increasingly adopted by cyber...

Overview of Top Mobile Security Threats in 2022
2022-06-28 04:43

Sadly, granting extensive permissions to dangerous apps can have severe consequences. Never give apps all the permissions, see what permission they need to run, and grant only those.

Threat actors increasingly use third parties to run their scams
2022-06-28 03:30

In January 2022, the number of business email compromise attacks impersonating external third parties surpassed those impersonating internal employees for the first time and has continued to exceed traditional internal impersonations in each month since. These tactics are increasingly dangerous, with one attack stopped by Abnormal requesting $2.1 million for a fake invoice.

Cybersecurity Experts Warn of Emerging Threat of "Black Basta" Ransomware
2022-06-27 21:48

The Black Basta ransomware-as-a-service syndicate has amassed nearly 50 victims in the U.S., Canada, the U.K., Australia, and New Zealand within two months of its emergence in the wild, making it a prominent threat in a short window. "Black Basta has been observed targeting a range of industries, including manufacturing, construction, transportation, telcos, pharmaceuticals, cosmetics, plumbing and heating, automobile dealers, undergarments manufacturers, and more," Cybereason said in a report.

Avos ransomware threat actor updates its attack arsenal
2022-06-23 13:50

A new report from Cisco Talos Intelligence Group exposes new tools used in Avos ransomware attacks. The threat actor provides a control panel for the affiliates, a negotiation panel with push and sound notifications, decryption tests, and access to a diverse network of penetration testers, initial access brokers and other contacts.