Security News

Presumably, the fact that the blackmail message was uploaded to your database - proving that the crooks had write access - is meant to convince you that the crooks definitely also had read access and therefore did indeed steal all your data. One thing missing from the blackmail message above is the sort of pressure you'd expect in a ransomware attack, namely that you're paying to get your data back because the crooks have wiped or scrambled it.

The U.S. Federal Communications Commission on Tuesday designated Chinese telecommunications companies Huawei and ZTE as national security threats. By declaring the Chinese companies national security threats, the FCC is banning U.S. organizations from acquiring equipment or services using money from the agency's Universal Service Fund.

A new piece of ransomware dubbed EvilQuest is being delivered bundled up with pirated versions of popular macOS software, researchers warned. The ransomware is also a smokescreen, as its "Noisiness" is meant to hide other things happening on the system in the background: the installation of a keylogger and a reverse shell, and the exfiltration of files that contain valuable information.

SafeGuard Cyber announced the release of new capabilities within its flagship collaboration, chat, and social media security platform. SafeGuard 7.6 now performs threat analysis on managed social and digital accounts to detect and remediate malware, including zero day exploits and associated messaging, file attachments, and links that are shared on these channels.

Threat hunting solutions provider Hunters today announced that it closed a $15 million Series A funding round, which brings the total raised by the company to $20.4 million. The funds will allow Hunters to invest further in machine learning research and extend its threat detection capabilities.

McAfee, the device-to-cloud cybersecurity company, announced general availability of McAfee MVISION Insights, the industry's first proactive security solution that changes the cyber security paradigm by helping to stop threats before the attack. MVISION Insights provides actionable and preemptive threat intelligence by leveraging McAfee's cutting-edge threat research, augmented with sophisticated Artificial intelligence applied to real-time threat telemetry streamed from over 1 billion sensors.

John Mauger of U.S. Cyber Command came a day after Defense Department officials briefed reporters on virtual war games that digital combatants from U.S. and allied militaries have been holding to sharpen their abilities to counter online threats with real-world impact. On Wednesday, Cybercom offered reporters a window into what it described as its largest virtual training exercise to date - in this case, a simulated attack on an airfield's control systems and fuel depots.

With more and more IT resources moving to the cloud and remote work becoming a ubiquitous business practice due to COVID-19, perimeter-based security is undeniably becoming a weak link, especially since attackers have repeatedly demonstrated they can bypass firewalls and spread laterally within enterprise networks. The first has existed for several years and is now gaining real traction to address the security gap created by the disintegration of the network perimeter.

Over a period of two years, a threat actor sold access to the compromised networks of 135 organizations in 44 countries and likely made over $1.5 million, Group-IB says. Between October 2017 and July 2018, Fxmsp sold access to compromised networks personally, but then found an accomplice who became his sales manager.

"You may collect information on an ongoing or future threat to your organization to include who the threat actor is, what are they going after, what is the tactic they will utilize to get in your network, how are they going to move laterally, how are they going to exfil information and when will the activity take place. You can collect all the relevant threat information but without the infrastructure in place to analyze the large amount of data coming in, the organization will not succeed in successfully orienting themselves and acting upon the threat information," Santiago Holley, Global Threat Intelligence Lead at Thermo Fisher Scientific, told Help Net Security. Holley has worked in multiple threat intelligence and cyber positions over the past ten years, including a stint as a Threat Intelligence Lead with the FBI, and this allows him to offer some advice to security leaders that have been tasked with setting up a robust threat intelligence program for their organization.