Security News

An alert released by the United States this week provides information on Kimsuky, a threat actor focused on gathering intelligence on behalf of the North Korean government. The malicious cyber activity associated with the North Korean government is typically referred to as HIDDEN COBRA by the United States.

Today, officials from the FBI and the U.S. Department of Homeland Security hastily assembled a conference call with healthcare industry executives warning about an "Imminent cybercrime threat to U.S. hospitals and healthcare providers." The agencies on the conference call, which included the U.S. Department of Health and Human Services, warned participants about "Credible information of an increased and imminent cybercrime threat to US hospitals and healthcare providers."

Mike Wiacek, founder of Google's Threat Analysis Group and co-founder / former Chief Security Officer of Alphabet moonshot Chronicle, leads the company as its CEO and founder. Stairwell wants to provide security teams with accessible, user-centric tools that help them understand the pivotal relationships between their external and internal data sources.

So we have halting the largest DDoS attack ever recorded; GameStop getting hit with DDOs attacks; etc. Some of these extortion attacks, there's about six or seven different vectors that are commonly used as part of these attacks.

Cloud-first security firm Wandera reports that malicious network traffic is the highest cybersecurity risk for hospitals and other healthcare providers and affects 72% of all organizations. The new report, "Cybersecurity in the Healthcare Industry," ranked phishing and outdated operating systems as the other top risks.

A report published last year has noted that most attacks against artificial intelligence systems are focused on manipulating them, but that new attacks using machine learning are within attackers' capabilities. Microsoft now says that attacks on machine learning systems are on the uptick and MITRE notes that, in the last three years, "Major companies such as Google, Amazon, Microsoft, and Tesla, have had their ML systems tricked, evaded, or misled." At the same time, most businesses don't have the right tools in place to secure their ML systems and are looking for guidance.

Organizations are often forced to make critical security decisions based on threat data that is not accurate, relevant and fresh, a Neustar report reveals. Just 60% of cybersecurity professionals surveyed indicate that the threat data they receive is both timely and actionable, and only 29% say the data they receive is both extremely accurate and relevant to the threats their organization is facing at that moment.

A Finnish psychotherapy centre was hit by hackers who stole therapy session notes - before threatening patients of the clinic with ransom demands amid selective dark web leaks of stolen material. "Psychotherapy Center Vastaamo has been the victim of data breaches and blackmail," said the Helsinki-based clinical chain late last week, adding: "In recent days, the blackmailer has published sections of the information he obtained during the hacking. Now the blackmailer has begun to approach the victims of the breach with blackmail letters demanding a ransom."

The purpose of threat intelligence is to collect data from a variety of sources outside of the organization's perimeters and generate intelligence on what is happening "Out there", enriching the organization's security operations. Threat intelligence provides visibility that extends beyond the organization's perimeters - and this visibility is based on the vendor's coverage on intelligence sources.

Securonix announced it signed an OEM agreement with Opora, a next-generation cybersecurity provider that uses pre-attack adversary behavior analytics to protect organizations from emerging threats. The partnership provides customers Securonix Adversary Behavior Analytics, an advanced capability that helps organizations protect mission critical assets by monitoring adversary behavior and delivering automated, preemptive actions that prevent attacks and help contain adversary threats.