Security News

High-risk users may be few, but the threat they pose is huge
2023-02-16 04:30

High-risk users represent approximately 10% of the worker population and are found in every department and function of the organization, according to Elevate Security research. High-risk users represent a sizable threat to the organization.

Webinar — A MythBusting Special: 9 Myths about File-based Threats
2023-02-15 13:46

Digital communication would not be possible without file sharing. Whether we are opening an exported Excel file with a Salesforce report or downloading new note-taking software, we are using files to share information and perform critical tasks.

Financially Motivated Threat Actor Strikes with New Ransomware and Clipper Malware
2023-02-15 13:33

A new financially motivated campaign that commenced in December 2022 has seen the unidentified threat actor behind it deploying a novel ransomware strain dubbed MortalKombat and a clipper malware known as Laplas. The starting point that kicks off the multi-stage attack chain is a phishing email bearing a malicious ZIP file that's used as a pathway to deliver either the clipper or the ransomware.

Introducing the book – Threats: What Every Engineer Should Learn From Star Wars
2023-02-15 05:00

Adam Shostack, the author of "Threat Modeling: Designing for Security", and the co-author of "The New School of Information Security", recently launched his new book - "Threats: What Every Engineer Should Learn From Star Wars". In this Help Net Security video interview, Shostack talks about the new book.

Enigma, Vector, and TgToxic: The New Threats to Cryptocurrency Users
2023-02-11 11:11

Suspected Russian threat actors have been targeting Eastern European users in the crypto industry with fake job opportunities as bait to install information-stealing malware on compromised hosts. The attackers "use several highly obfuscated and under-development custom loaders in order to infect those involved in the cryptocurrency industry with Enigma stealer," Trend Micro researchers Aliakbar Zahravi and Peter Girnus said in a report this week.

NewsPenguin Threat Actor Emerges with Malicious Campaign Targeting Pakistani Entities
2023-02-09 11:06

A previously unknown threat actor dubbed NewsPenguin has been linked to a phishing campaign targeting Pakistani entities by leveraging the upcoming international maritime expo as a lure. "The attacker sent out targeted phishing emails with a weaponized document attached that purports to be an exhibitor manual for PIMEC-23," the BlackBerry Research and Intelligence Team said.

The impact of Russia’s Ukraine invasion on digital threats
2023-02-09 04:30

Russia's invasion of Ukraine continues to have a major impact on energy prices, inflation, and cyberthreats, with the ransomware scene experiencing some of the biggest shifts, according to ESET. "The ongoing war in Ukraine has created a divide among ransomware operators, with some supporting and others opposing the aggression. Attackers have also been using increasingly destructive tactics, such as deploying wipers that mimic ransomware and encrypt the victim's data with no intention of providing a decryption key," explains Roman Kováč, Chief Research Officer at ESET. The war also affected brute-force attacks against exposed RDP services, but despite the decline of these attacks in 2022, password guessing remains the most favored network attack vector.

How to Think Like a Hacker and Stay Ahead of Threats
2023-02-08 11:01

During a webinar called The Hacker Mindset, a Red Team Researcher shared how you can use some of these tools for your own detection and prevention of breaches. The hacker mindset can be characterized by three core values: a strong sense of curiosity, an adversarial attitude, and persistence.

Novel face swaps emerge as a major threat to biometric security
2023-02-08 04:00

As biometric face verification gains traction and becomes more widely adopted, threat actors are targeting all systems with sophisticated online attacks. To achieve both user friendliness and security, organizations need to evaluate their biometric solutions for resilience in the face of these complex attacks.

Massive ransomware operation targets VMware ESXi: How to protect from this security threat
2023-02-07 17:26

CVE-2021-21974 is a vulnerability affecting OpenSLP as used in VMware ESXi. The French government's Computer Emergency Response Team CERT-FR was the first to raise an alert on ransomware exploiting this vulnerability on Feb. 3, 2023, quickly followed by French hosting provider OVH. Attackers can exploit the vulnerability remotely and unauthenticated via port 427, which is used by a protocol that most VMware customers do not use.