IT-Security Trends

2112, 2021

The Path to Desired State Configuration: Where to Focus and Why

December 21st, 2021|

Managing devices has never been a simple task … and organizations’ adoption of “work from anywhere” policies are now making it that much harder for IT and security teams.   As we settle into this new normal, organizations are working on better processes to manage computers, secure the modern enterprise, and elevate end-user experience. Once they reach (or at least ...

1712, 2021

CloudFlare ID’s active exploits of newer log4j vulnerability

December 17th, 2021|

An estimated third of all the websites in the world run Apache server software and remain vulnerable to serious cybersecurity threats, according to cybersecurity experts at Cloudflare reviewing Apache’s log4j vulnerability. Researchers have logged attacks on 44% of all corporate networks globally using log4j, and signs that nation-state and other well-funded threat actors are doubling down on the opportunity to attack unpatched systems are ...

1510, 2021

Bank of America Insider BEC Scam, FontOnLake Malware, New Findings About Ransomware Costs, Python-based ESXi Server Attack, Office365 Password Spraying

October 15th, 2021|

1. Bank of America employee charged with insider BEC scam  A Bank of America employee and two other perpetrators were accused of money laundering, aggravated identity theft, and alleged involvement in Business Email Compromise (BEC) scams. The three actors targeted small and large companies across the globe, but mainly in the United States.   By using phishing techniques and deploying malware, the threat ...

1709, 2021

Malware Samples Target Windows OS from Linux Subsystem, New Findings About Cloud-Based Attacks, AUKUS Pact, U.S. Hacking on Behalf of UAE, Master Decryptor for REvil Victims

September 17th, 2021|

1. Malware samples target Windows operating systems from its Linux subsystem  Security researchers discovered a strain of malware samples developed to compromise the Windows subsystem in Linux and then laterally move to the native Windows enclave. Threat actors created the malware samples using Python code. They run on Debian systems and have a low detection rate for traditional security controls.   The malware developers packaged the samples in ...

1009, 2021

Ransomware Gang Threatens to Leak Stolen Data, REvil Back in Action, New Zero-Day Attack in Microsoft Office, Atlassian Confluence Exploit, Fortinet VPN Password Leak

September 10th, 2021|

1.  Ransomware gang threatens to leak stolen data if victims contact law enforcement During a ransomware attack, one of the most notorious ransomware groups, Ragnar Locker, threatened to leak complete data of victims who seek help from law enforcement agencies, including the Federal Bureau of Investigation (FBI). The ransomware group claims that incident investigators and recovery experts often collaborate with ...

309, 2021

Cybercriminal recruitment, House of Representatives Debate Cybersecurity, Attackers Sale Internet Bandwidth, Dropper-as-a-Service Attacks, Insight into the Conti ransomware

September 3rd, 2021|

1.  Cybercriminals Recruit English Speakers for Business Email Compromise Administrative and technical security controls have helped to reduce the effects of business email compromise (BEC). However, as a result, some BEC threat actors struggle to develop compelling phishing email messages for English corporate audiences. According to security researchers, said threat actors are now recruiting native English speakers in mass to ...

208, 2021

Banning Ransomware Payments, BlackMatter Hackers, Kubernetes Vulnerabilities, Kenetic Warfare, Windows 11 Malware

August 2nd, 2021|

1.  FBI Cautions Congress Against Banning Ransomware Payments Senior FBI officials advised the U.S. Congress not to mitigate ransomware threats by making ransom payments illegal. While the FBI cautioned organizations against sending ransomware payments to cybercriminals, the assistant director of the FBI (cyber division) argues that if Congress were to ban ransom payments, it could create opportunities for further extortion ...

2307, 2021

Printer Vulnerability CVE-2021-3438, China Attacks Microsoft, Pulse Secure VPN Cyberattack, Pegasus Spyware Compromised, Kaseya Ransomware Decryption Key

July 23rd, 2021|

1.  A 16-year-old Printer Vulnerability CVE-2021-3438 (CVSS score: 8.8) Impacts Millions of Infrastructures A 16-year-old vulnerability was discovered in popular corporate printers that allow hackers to gain administrative rights to perform several activities on systems, including the ability to install rogue programs, view, change, encrypt or wipe data. This critical vulnerability is prevalent in HP, Samsung, and Xerox printer software, impacting ...

907, 2021

The Kaseya Ransomware Attack SME Breakdown, DOD Data Left Unprotected, Morgan Stanley Data Breach & Email Exploitation

July 9th, 2021|

1.  Kaseya Ransomware Attackers Demand A $70 Million Ransom An affiliate of the notorious REvil ransomware gang compromised Kaseya’s virtual systems administrator (VSA) software. The Russian-linked attackers compromised the backend architecture of the IT infrastructure management tool. They used its notification capability to send a malicious update to VSA servers running on client environments. Thus, installing a ransomware code onto ...

207, 2021

LinkedIn Data Breach, Ransomware Payment Legislation, US Payment Processing Data Security, Google Compute Engine Vulnerability, NIST Critical Software

July 2nd, 2021|

1.  700 million LinkedIn Users Impacted By a Data Breach The corporate social network, LinkedIn, experienced a significant data breach that affected 92% of its user base. This incident was announced by the malicious actors, who successfully accessed sensitive user data by misusing API functionalities to conduct unauthorized data scraping activities. According to security researchers, this data breach affected over ...

1806, 2021

Double Ransomware Attacks, Carnival Cruise’s Data Breach, REvil Compromises U.S. Nuclear Weapons Contractor, CVS Gets Hacked, G7 Cracks Down On Russia

June 18th, 2021|

1.  After Paying Off The First Ransomware Demand, Most Firms Face A Second Ransomware Attack Security experts discovered that ransomware attackers deploy secondary ransomware attacks against firms that pay off initial ransom demands. After paying off a ransom demand, firms often receive a decryptor for their hijacked systems. However, most attackers corrupt hijacked systems by creating backdoors that allow future ...

1406, 2021

Chinese Threat Actors Target NY MTA, Surge in Brokerage Account Hacks, Fake Encrypted Chat Platform Anom Lures Criminals, Ransomware Attacks Prioritized as Terrorism

June 14th, 2021|

1.  Chinese Threat Actors Target New York’s MTA Chinese-sponsored threat actors leveraged Pulse Secure vulnerabilities to compromise systems belonging to the New York Metropolitan Transportation Authority (MTA). It is unclear why state-sponsored actors targeted the MTA. Still, security experts investigating the case speculate that China may be trying to obtain sensitive information on U.S. transit networks to gain an advantage ...

406, 2021

Antivirus Softwares Vulnerable to ‘Cut and Mouse’, JBS Foods Cyber-Attack, Ransomware Hinders Criminal Prosecutions, US Supreme Court Restricts CFAA, US Nuclear Bunker Secrets Discovered

June 4th, 2021|

1.  Security researchers reveal stealthy techniques to bypass antivirus tools and ransomware defenses Security researchers discovered significant vulnerabilities in popular antivirus tools, which could be exploited to deactivate protective mechanisms to launch ransomware attacks and other malicious operations. According to said researchers, of the 29 antivirus tools evaluated, 14 were found susceptible to the 'Ghost Control' attack technique. In comparison, ...

2105, 2021

Colonial Pipeline ransomware attack fallout, President Biden’s executive cybersecurity order, triple extortion, Truist Bank spear-phishing campaign, AXA Insurance becomes victim

May 21st, 2021|

1.  Congress introduced two bills in the wake of the Colonial Pipeline ransomware attack Following the recent ransomware attack against Colonial Pipeline, which caused gas shortages in several states, the U.S. Congress introduced two bipartisan bills designed to mitigate cybersecurity weaknesses across the nation’s critical infrastructure, including the oil and gas sector. The first congressional bill, the Pipeline Security Act, ...

1405, 2021

TeaBot Wreaks Havoc, New Malware Strains run Wild, Small Business Ransomware, Microsoft Office 365 Insider Threats, CISA Issues Subpoena

May 14th, 2021|

1.  A New and Lethal Banking Trojan, TeaBot, Wreaks Havoc For European Financial Institutions Cybersecurity experts warn users of a new Android Trojan currently being exploited in the wild against banks and other financial institutions in the Netherlands, Spain, Belgium, and Italy. This trojan is called ‘TeaBot’ (or Anatsa), and it is used to hijack users’ credentials via SMS messages. ...

204, 2021

Hackers Target EDR Tools, Nuke Account Spouts Gibberish, Ransomware Labelled National Security Threat

April 2nd, 2021|

Threat actors find ways against common endpoint security tools, US government classifies ransomware as a national security threat, an unattended government agency Twitter account that is responsible for US nuclear arsenal tweeted gibberish, a deluge of tools is actually making it harder for IT teams to assess their network's security and PHP’S ‘Git’ server compromised to add Backdoors to PHP source codes.

503, 2021

Federal Patch Order for Microsoft Exchange, Investment Firms Newly Scammed, Ryuk Ransomware Spreads Laterally – Cybersecurity News

March 5th, 2021|

US Dept. of Homeland Security issues patch order to any federal agencies using Microsoft Exchange, fake "capital call" emails target investors and investment firms, Ryuk ransomware adapts to move laterally through Windows LAN devices, Mobile adware campaigns targeting online banking and crypto-currency wallets sees expansive growth and threat actors game Google's SEO to prioritize payload distribution from fake sites.

2602, 2021

Unpatched Jail Software Forgets to Release Prisoners, Sequoia Venture Capital Hacked, Ransomware Strikes Aerospace Vendor – IT Security News and Trends

February 26th, 2021|

Major venture capital firm Sequoia fell victim to a targeted phishing campaign. Non-violent prisoners were kept after their scheduled release dates in Arizona due to a bug in custom software that failed to update prisoner records accurately. CLOP ransomware gang struck Bombardier, shadow attacks dupe PDF anti-tampering security and NGINX misconfigurations lead to website attacks.

1902, 2021

Kia Motors Hack, California DMV Data Breach, Morse Code Phishing Campaigns – Cybersecurity News and Trends

February 19th, 2021|

1. Kia Motors Suffers a Ransomware Attack, and a $20 million Ransom is Demanded The notorious ransomware gang, DoppelPaymer, has seized critical systems belonging to Kia Motors America. Thus, impacting business continuity within 800 dealerships; the integrity of critical data; and the company’s reputation. According to the attackers, to receive a decryptor and a return back to normalcy, Kia Motors ...

1002, 2021

Poor Patching Put Businesses At Risk, China Has Stolen Your Data, SolarWinds Hack legal changes – Cybersecurity News and Trends

February 10th, 2021|

New data shows slow or ineffective software patching leads to more than a quarter of cybersecurity vulnerabilities, Evanina: Chinese government has stolen 80% of personally identifiable US consumer data, threat actors now targeting supercomputers, US federal, legal agencies told to file paper documents, and new ransomware encrypts virtual disks using VMWare vulnerabilities .

1401, 2021

JetBrains Breach, US Formally Blames Russia for SolarWinds Hack; Babuk Ransomware – Cybersecurity News and Trends

January 14th, 2021|

A Widely Used Software Company, An Entry Point For Huge U.S. Government Compromise State intelligence agencies disclosed that a popular software company (JetBrains), based in the Czech Republic and founded by three Russian engineers, is likely the entry point that Russian-sponsored threat actors used to insert back doors into numerous large technology companies and major U.S. government systems. SolarWinds, one ...

3112, 2020

Cybersecurity in 2020: Year End Review

December 31st, 2020|

The year 2020 definitely made its way into everyone’s ‘naughty list’ for different reasons. Of course, COVID-19 was the chief reason, but we shall highlight more reasons in this article. The world faced an overwhelming number of cybersecurity threats in 2020: ransomware attacks increased by 715%; business email compromises (BECs) and phishing exploits were more sophisticated than ever before; third party and state-sponsored supply ...

1812, 2020

Our Response to the SolarWinds Hack – A Global Cyber Pledge

December 18th, 2020|

Why should I take the #globalcyberpledge? How we're solving cybersecurity by individuals coming together and getting educated? What is the need for continuous improvement? Our privacy and freedom are under attack by foreign, state-sponsored bad actors and we’re standing by letting it happen. Why? Because the answers are right in front of us yet we remain complacent. Back in ...

Search All Resources:

Join the IT-security paradigm shift!

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Get Updates Right In Your Inbox

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Go to Top