Month: September 2020

Building an intelligent cybersecurity strategy

30 September 2020

Today’s columnist, Marc Rogers of Okta, writes that security pros need to understand the motivations of their adversaries. Rogers points out that financially-motivated hackers operate like business ecosystems, with suppliers providing different parts of the operational needs and steps taken to offset costs to maximize profits. “If you know the enemy and […]


Chinese APT Group Targets Media, Finance, and Electronics Sectors

30 September 2020

Cybersecurity researchers on Tuesday uncovered a new espionage campaign targeting media, construction, engineering, electronics, and finance sectors in Japan, Taiwan, the U.S., and China. Linking the attacks to Palmerworm (aka BlackTech) — likely a China-based advanced persistent threat (APT) — Symantec’s Threat Hunter Team said the first wave of activity associated with this campaign began last year in August […]


LIVE Webinar on Zerologon Vulnerability: Technical Analysis and Detection

29 September 2020

I am sure that many of you have by now heard of a recently disclosed critical Windows server vulnerability—called Zerologon—that could let hackers completely take over enterprise networks. For those unaware, in brief, all supported versions of the Windows Server operating systems are vulnerable to a critical privilege escalation bug that resides in the Netlogon Remote Control Protocol […]


UHS confirms hospitals hit by cyberattack, some systems down

28 September 2020

Universal Health Services confirmed Monday that some of its hospitals are dealing with an ongoing, unspecified cyberattack. “We implement extensive IT security protocols and are working diligently with our IT security partners to restore IT operations as quickly as possible,” the company said in a public statement. “In the meantime, our facilities are using their […]


Researchers Uncover Cyber Espionage Operation Aimed At Indian Army

28 September 2020

Cybersecurity researchers uncovered fresh evidence of an ongoing cyberespionage campaign against Indian defense units and armed forces personnel at least since 2019 with an aim to steal sensitive information. Dubbed “Operation SideCopy” by Indian cybersecurity firm Quick Heal, the attacks have been attributed to an advanced persistent threat (APT) group that has successfully managed to stay […]


Red Team — Automation or Simulation?

28 September 2020

What is the difference between a penetration test and a red team exercise? The common understanding is that a red team exercise is a pen-test on steroids, but what does that mean? While both programs are performed by ethical hackers, whether they are in-house residents or contracted externally, the difference runs deeper. In a nutshell, […]


Microsoft Windows XP Source Code Reportedly Leaked Online

26 September 2020

Microsoft’s long-lived operating system Windows XP—that still powers over 1% of all laptops and desktop computers worldwide—has had its source code leaked online, allegedly, along with Windows Server 2003. Yes, you heard that right. The source code for Microsoft’s 19-year-old operating system was published as a torrent file on notorious bulletin board website 4chan, and […]


FinSpy Spyware for Mac and Linux OS Targets Egyptian Organisations

25 September 2020

Amnesty International today exposed details of a new surveillance campaign that targeted Egyptian civil society organizations with previously undisclosed versions of FinSpy spyware designed to target Linux and macOS systems. Developed by a German company, FinSpy is extremely powerful spying software that is being sold as a legal law enforcement tool to governments around the […]


Phishing attack targeted top financial pro at large company

12 September 2020

Attackers using a novel credential phishing attack that leverages Active Directory to verify a victim’s password and gain access to an Office 365 account targeted a top financial person in a division of a large American corporation. Once inside a victim’s account, bad actors could access sensitive financial documents, emails, calendar items and contact lists, […]


New Linux Malware Steals Call Details from VoIP Softswitch Systems

11 September 2020

Cybersecurity researchers have discovered an entirely new kind of Linux malware dubbed “CDRThief” that targets voice over IP (VoIP) softswitches in an attempt to steal phone call metadata. “The primary goal of the malware is to exfiltrate various private data from a compromised softswitch, including call detail records (CDR),” ESET researchers said in a Thursday […]
