IT Trends
Chinese Threat Actors Target NY MTA, Surge in Brokerage Account Hacks, Fake Encrypted Chat Platform Anom Lures Criminals, Ransomware Attacks Prioritized as Terrorism
1. Chinese Threat Actors Target New York’s MTA Chinese-sponsored threat actors leveraged Pulse Secure vulnerabilities to compromise systems belonging to the New York Metropolitan Transportation Authority (MTA). It is unclear why state-sponsored actors targeted the MTA. Still, security experts investigating the case speculate that China may be trying to obtain sensitive information on U.S. transit networks to gain an advantage ...
Antivirus Softwares Vulnerable to ‘Cut and Mouse’, JBS Foods Cyber-Attack, Ransomware Hinders Criminal Prosecutions, US Supreme Court Restricts CFAA, US Nuclear Bunker Secrets Discovered
1. Security researchers reveal stealthy techniques to bypass antivirus tools and ransomware defenses Security researchers discovered significant vulnerabilities in popular antivirus tools, which could be exploited to deactivate protective mechanisms to launch ransomware attacks and other malicious operations. According to said researchers, of the 29 antivirus tools evaluated, 14 were found susceptible to the 'Ghost Control' attack technique. In comparison, ...
TeaBot Wreaks Havoc, New Malware Strains run Wild, Small Business Ransomware, Microsoft Office 365 Insider Threats, CISA Issues Subpoena
1. A New and Lethal Banking Trojan, TeaBot, Wreaks Havoc For European Financial Institutions Cybersecurity experts warn users of a new Android Trojan currently being exploited in the wild against banks and other financial institutions in the Netherlands, Spain, Belgium, and Italy. This trojan is called ‘TeaBot’ (or Anatsa), and it is used to hijack users’ credentials via SMS messages. ...
Ransomed Companies = Ransomed Customers, Unpatched Cyber Infrastructure Targeted Worldwide and Rust Leaks
Cring ransomware targets customers of hacked companies, Fortinet vulnerabilities expose US cyber operations, Rust leaks data & EU commission hacked
Hackers Target EDR Tools, Nuke Account Spouts Gibberish, Ransomware Labelled National Security Threat
Threat actors find ways against common endpoint security tools, US government classifies ransomware as a national security threat, an unattended government agency Twitter account that is responsible for US nuclear arsenal tweeted gibberish, a deluge of tools is actually making it harder for IT teams to assess their network's security and PHP’S ‘Git’ server compromised to add Backdoors to PHP source codes.
Less Than 25% of New IT Tools Meet Security Goals, Office365 Scams, New D/TLS, Purple Fox, REvil Hacks | aiden IT Security News
Survey finds IT teams are over-burdened with tools that don't fully meet security goals, financial phishing attacks imitate Office365 and researchers discover new D/TLS, Purple Fox, REvil ransomware hacks.
Federal Patch Order for Microsoft Exchange, Investment Firms Newly Scammed, Ryuk Ransomware Spreads Laterally – Cybersecurity News
US Dept. of Homeland Security issues patch order to any federal agencies using Microsoft Exchange, fake "capital call" emails target investors and investment firms, Ryuk ransomware adapts to move laterally through Windows LAN devices, Mobile adware campaigns targeting online banking and crypto-currency wallets sees expansive growth and threat actors game Google's SEO to prioritize payload distribution from fake sites.
Unpatched Jail Software Forgets to Release Prisoners, Sequoia Venture Capital Hacked, Ransomware Strikes Aerospace Vendor – IT Security News and Trends
Major venture capital firm Sequoia fell victim to a targeted phishing campaign. Non-violent prisoners were kept after their scheduled release dates in Arizona due to a bug in custom software that failed to update prisoner records accurately. CLOP ransomware gang struck Bombardier, shadow attacks dupe PDF anti-tampering security and NGINX misconfigurations lead to website attacks.
Kia Motors Hack, California DMV Data Breach, Morse Code Phishing Campaigns – Cybersecurity News and Trends
1. Kia Motors Suffers a Ransomware Attack, and a $20 million Ransom is Demanded The notorious ransomware gang, DoppelPaymer, has seized critical systems belonging to Kia Motors America. Thus, impacting business continuity within 800 dealerships; the integrity of critical data; and the company’s reputation. According to the attackers, to receive a decryptor and a return back to normalcy, Kia Motors ...
Poor Patching Put Businesses At Risk, China Has Stolen Your Data, SolarWinds Hack legal changes – Cybersecurity News and Trends
New data shows slow or ineffective software patching leads to more than a quarter of cybersecurity vulnerabilities, Evanina: Chinese government has stolen 80% of personally identifiable US consumer data, threat actors now targeting supercomputers, US federal, legal agencies told to file paper documents, and new ransomware encrypts virtual disks using VMWare vulnerabilities .
NetWalker Ransomware, Volatile Cedar Cyberespionage, Windows 7 TCP/IP Hijacking, USCellular CRM Hacked, Trickbot Phishing Attacks – Cybersecurity News and Trends
International taskforce disables NetWalker, Windows 7 TCP/IP hijacks and Trickbot ransomware returns with added intelligence
DDoS Attacks Hijack Windows RDP, SonicWall, 7-Zip, Google Forms, Airline Data Stolen– Cybersecurity News and Trends
As the cybersecurity industry is still dealing with the fallout of the SolarWinds hack, more discoveries were made this week about its scope and vectors of attack. Significant exploits of popular software (Google Forms) and network-level hardware (SonicWall) also came to light.
Linux Under Cyberattack, New Phishing Attacks, MFA Pass The Cookie Hack – Cybersecurity News and Trends
File-less malware used in linux cyberattack, phishing attacks use remotely hosted images to bypass email filters, MFA PassTheCookie Hack among other cybersecurity news
JetBrains Breach, US Formally Blames Russia for SolarWinds Hack; Babuk Ransomware – Cybersecurity News and Trends
A Widely Used Software Company, An Entry Point For Huge U.S. Government Compromise State intelligence agencies disclosed that a popular software company (JetBrains), based in the Czech Republic and founded by three Russian engineers, is likely the entry point that Russian-sponsored threat actors used to insert back doors into numerous large technology companies and major U.S. government systems. SolarWinds, one ...
Cybersecurity in 2020: Year End Review
The year 2020 definitely made its way into everyone’s ‘naughty list’ for different reasons. Of course, COVID-19 was the chief reason, but we shall highlight more reasons in this article. The world faced an overwhelming number of cyber threats in 2020: ransomware attacks increased by 715%; business email compromises (BECs) and phishing exploits were more sophisticated than ever before; third party and state-sponsored supply chain attacks shook ...
Our Response to the SolarWinds Hack – A Global Cyber Pledge
Why should I take the #globalcyberpledge? How we're solving cybersecurity by individuals coming together and getting educated? What is the need for continuous improvement? Our privacy and freedom are under attack by foreign, state-sponsored bad actors and we’re standing by letting it happen. Why? Because the answers are right in front of us yet we remain complacent. Back in ...
How Intelligent Automation Drives Digital Transformation
Digital transformation with the help of intelligent automation is a necessary next step in driving business growth and helps to overcome transitional obstacles.
Why a Vulnerability Scan is Not Enough to Keep Business Running Smoothly
A vulnerability scan is good for identifying weaknesses in your cybersecurity posture, but they're not the answer to securing your network...here's why.
How & Why Intelligent Automation Delivers Sustainable Cybersecurity
Adding intelligent automation like artificial intelligence & robotic process automation to your cybersecurity arsenal will help you to achieve sustained security across your technology environment.
Why Cyber Hygiene Automation is Key to Mitigating Risk
3 ways to maintain cyber hygiene and mitigate risk using automation in an ever-expanding virtual working environment, which isn't going anywhere any time soon.
The Seven Post-COVID-19 Healthcare IT Trends That Matter for CIOs
From remote work to vendor selection, these are the 7 post-covid healthcare IT trends that matter most for CIOs and technology leaders.
Get Updates Right In Your Inbox
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.