Security News

Ransomware remains primary threat in the first half of the year as cybercriminals continued to target big-name victims. Working with third parties to gain access to targeted networks, they used Advanced Persistent Threat tools and techniques to steal and encrypt victims' data.

In this interview with Help Net Security, Dr Shreekant Thakkar, Chief Researcher, Secure Systems Research Centre at TII, talks about the ever evolving threat landscape and how automation could improve the way organizations detect and respond to attacks. The modern cybersecurity threat landscape is evolving faster than ever, particularly threatening critical infrastructures.

Organizations struggle to identify the warning signs of insider threats, according to a report by the Ponemon Institute. "The vast majority of security threats follow a pattern or sequence of activity leading up to an attack, and insider threats are no exception," said Dr. Larry Ponemon, Chairman and Founder, Ponemon Institute.

The sun never seems to set on the cybercriminal threat, but whether you're heading into autumn or bursting into spring you can tap into the world's finest cyber security training, at upcoming SANS Institute events in Asia and Oceania. With the cloud accounting for ever more of the world's compute, you can be assured that they all feature top courses focusing on detecting and countering cloud threats, including newly minted courses such as Cloud Security and DevSecOps Automation, and Public Cloud Security: AWS, Azure and GCP. With the development of the larger curriculum, SANS has conscientiously looked at job roles, training needs within those roles, and how we help students progress along their professional cloud security journey.

Cyber attacks against critical national infrastructure are escalating. The most frequently-discussed aspect of critical infrastructure events are availability impacts: stopping or interrupting a process or organization.

Offboarding employees securely is a key problem for business leaders, with 40% concerned that employees who leave a company retain knowledge of passwords that grant access to corporate data. This is according to A research by My1Login, which found few organizations are implementing access management solutions that work with all applications, meaning most lack the ability to revoke access to all corporate data as soon as an employee leaves.

Adam Flatley: I think what really needs to be done, and what has started to happen recently, is that we need to bring all of the components of the private industry and the government together to combat this threat in an organized, intel-driven campaign that is targeting the actors behind these ransomware operations and working to dismantle those organizations through using all the tools available to the private industry and governments around the world. Adam Flatley: It was a really big honor to be part of the Ransomware Task Force that IST put together.

In this interview with Help Net Security, Peter Broadhurst, Maritime Senior VP Safety, Security, Yachting and Passenger, Inmarsat, talks about the impact of cyber threats on passenger vessels and superyachts, and provides an inside look at maritime cybersecurity today. Different vessels have specific vulnerabilities that have driven regulators to act and introduce a new cyber security regime for the industry, requiring commercial shipping, cruise vessels and ferries, and charter and private superyacht sectors to adopt a stricter approach to cyber security.

Five malicious Docker container images were recently detected on Docker Hub, totaling more than 120,000 pulls. There's a new threat cybersecurity teams need to watch out for: malicious Docker containers hiding on legitimate sites like Docker Hub, where Aqua Security's threat research arm, Team Nautilus, found five images accounting for a whopping 120,000 pulls by unsuspecting users.

Cybercriminals behind the BazaLoader malware came up with a new lure to trick website owners into opening malicious files: fake notifications about the site being engaged in distributed denial-of-service attacks. The goal is the same though: use contact forms to deliver BazaLoader malware that often drops Cobalt Strike, which can lead to data theft or a ransomware attack.