Security News

Adam Flatley: I think what really needs to be done, and what has started to happen recently, is that we need to bring all of the components of the private industry and the government together to combat this threat in an organized, intel-driven campaign that is targeting the actors behind these ransomware operations and working to dismantle those organizations through using all the tools available to the private industry and governments around the world. Adam Flatley: It was a really big honor to be part of the Ransomware Task Force that IST put together.

In this interview with Help Net Security, Peter Broadhurst, Maritime Senior VP Safety, Security, Yachting and Passenger, Inmarsat, talks about the impact of cyber threats on passenger vessels and superyachts, and provides an inside look at maritime cybersecurity today. Different vessels have specific vulnerabilities that have driven regulators to act and introduce a new cyber security regime for the industry, requiring commercial shipping, cruise vessels and ferries, and charter and private superyacht sectors to adopt a stricter approach to cyber security.

Five malicious Docker container images were recently detected on Docker Hub, totaling more than 120,000 pulls. There's a new threat cybersecurity teams need to watch out for: malicious Docker containers hiding on legitimate sites like Docker Hub, where Aqua Security's threat research arm, Team Nautilus, found five images accounting for a whopping 120,000 pulls by unsuspecting users.

Cybercriminals behind the BazaLoader malware came up with a new lure to trick website owners into opening malicious files: fake notifications about the site being engaged in distributed denial-of-service attacks. The goal is the same though: use contact forms to deliver BazaLoader malware that often drops Cobalt Strike, which can lead to data theft or a ransomware attack.

Over the past year, it's been impossible to ignore the rising tide of threats targeting government and commercial organizations around the world, and the cybersecurity market is reacting. On top of that, we've seen supply chain attacks, like SolarWinds and Microsoft Exchange, causing widespread impact on thousands of organizations worldwide and the European Union Cybersecurity Agency recently predicted a fourfold increase in supply chain attacks in 2021 over last year, warning that strong cybersecurity protection is no longer effective in defending against these types of attacks.

Amid the COVID-19 crisis, the global market for advanced persistent threat protection estimated at $8 billion in the year 2020, is projected to reach a revised size of $20.3 billion by 2026, growing at a CAGR of 16.7% over the analysis period, according to Global Industry Analysts. The U.S. and China advanced persistent threat protection market forecast.

A decade ago, hunting for adversary infrastructure was often as simple as monitoring a domain registrant's name or phone number in public WHOIS records. As bad actors have moved first toward privacy protection services and then gained further obscurity behind laws such as the General Data Protection Regulation and the California Consumer Privacy Act, many in the cybersecurity industry have lamented the loss of unredacted WHOIS records as an end to effective hunting.

Analysts reviewed 13 million security incidents and found that end-of-life versions of Linux distributions were at the biggest risk. Linux now has been around long enough that old versions are causing security problems, according to a new report from Trend Micro.

Phishing can be a profitable business model, and most breaches begin with a phishing email. As detailed in the report, threats ranging from ransomware, credential harvesters to difficult-to-discover but costly Business Email Compromise targeted inboxes, could have resulted in over $354 million in direct losses had they been successful.

Researchers have discovered a Nigerian threat actor trying to turn an organization's employees into insider threats by soliciting them to deploy ransomware for a cut of the ransom profits. "In this latest campaign, the sender tells the employee that if they're able to deploy ransomware on a company computer or Windows server, then they would be paid $1 million in bitcoin, or 40% of the presumed $2.5 million ransom," researchers wrote in a report published Thursday about the campaign.