Month: October 2020

KashmirBlack Botnet Membajak Ribuan Situs yang Berjalan Pada Platform CMS

29 October 2020

Aktif botnet terdiri dari ratusan ribu dibajak sistem tersebar di 30 negara mengeksploitasi “puluhan dikenal kerentanan” untuk target secara luas digunakan sistem manajemen konten (CMS). The “KashmirBlack” kampanye, yang diyakini telah dimulai sekitar November 2019, bertujuan untuk populer platform CMS seperti WordPress, Joomla!, PrestaShop, Magneto, Drupal, Vbulletin, OsCommerence, OpenCart, dan Yeager. “Baik-dirancang infrastruktur membuatnya mudah […]

Read More

[Webinar and eBook]: Are You’re Getting The Best Value From Your EDR Solution?

28 October 2020

Many companies rely on Endpoint Detection and Response (EDR) solutions as their primary security tool to protect their organizations against cyber threats. EDR was introduced around eight years ago, and analysts now peg the EDR market size as $1.5 to $2.0 billion in annual revenue globally, expecting it to quadruple over the next five years. […]

Read More

TrickBot Linux Variants Active in the Wild Despite Recent Takedown

28 October 2020

Efforts to disrupt TrickBot may have shut down most of its critical infrastructure, but the operators behind the notorious malware aren’t sitting idle. According to new findings shared by cybersecurity firm Netscout, TrickBot’s authors have moved portions of their code to Linux in an attempt to widen the scope of victims that could be targeted. […]

Read More

Finnish psychotherapy center fires CEO for suppressing breach details

28 October 2020

Finnish psychotherapy center Vastaamo, which was blackmailed after experiencing a ransomware data breach, fired its CEO Ville Tapio for holding back information on the hack for close to 18 months. Based on investigations into the incident, it seems probable that the data breach that led to the theft of the customer database took place in […]

Read More

Threat automation, decentralized architecture among emerging post-COVID cyber trends

24 October 2020

By now, it’s news to approximately no one that the coronavirus pandemic has dramatically and perhaps permanently altered the way companies do business. As COVID-19 has upended our way of life and sent workers home, it has also caused widespread reevaluation of emerging IT and security trends. New research this week sheds new light on […]

Read More

New Framework Released to Protect Machine Learning Systems From Adversarial Attacks

23 October 2020

Microsoft, in collaboration with MITRE, IBM, NVIDIA, and Bosch, has released a new open framework that aims to help security analysts detect, respond to, and remediate adversarial attacks against machine learning (ML) systems. Called the Adversarial ML Threat Matrix, the initiative is an attempt to organize the different techniques employed by malicious adversaries in subverting […]

Read More

Three reasons the ‘moving target defense’ can stop bot attacks

19 October 2020

Defense Secretary Mark Esper speaks at the Department of Homeland Security’s cyber summit held by CISA last year. DHS has pioneered Moving Target Defense, which aims to control change across multiple systems to increase uncertainty and apparent complexity for attackers, reducing their window of opportunity. Today’s columnist, John Briar of BotRx, outlines why MTD stands […]

Read More

Google Warns of Zero-Click Bluetooth Flaws in Linux-based Devices

16 October 2020

Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices. According to security engineer Andy Nguyen, the three flaws — collectively called BleedingTooth — reside in the open-source BlueZ […]

Read More

State CIOs face same cyber issues as corporate peers, with budget constraints

16 October 2020

States must focus more on digital modernization and improve the role of CISOs, and the cyber issues they face mirror those of broad array of industries. The top barriers state CIOs face sound eerily familiar: lack of sufficient cybersecurity budget; inadequate cybersecurity staffing; legacy infrastructure and solutions to support emerging threats; lack of a dedicated […]

Read More

India Witnessed Spike in Cyber Attacks Amidst Covid-19 – Here’s Why?

15 October 2020

The COVID-19 outreach is turning out to be not only health, social, and economic hazard but also a cybersecurity crisis. The pandemic has presented new challenges for businesses in the areas of remote collaboration and business continuity. With increased remote working for better business continuity, employees are using numerous Internet tools. As businesses and people […]

Read More