Month: January 2021

Lebanese APT group with suspected links to Hezbollah breached 250 servers worldwide

30 January 2021

Some 250 servers were apparently breached by the Lebanese Cedar APT group, an organization with suspected links to the Hezbollah Cyber Unit in Lebanon. The target victims include companies from many countries, including the United States, United Kingdom, Saudi Arabia, Egypt, Jordan, Lebanon, Israel and the Palestinian Authority. Many more companies and organizations have been […]

Firms with exposed IoT have a higher concentration of other security problems

29 January 2021

Exposed enterprise IoT devices can be an indicator of security issues to come, with firms sporting exposed devices having a 62% higher density of other security problems, new research shows. For example, companies with exposed IoT are more than 50% more likely to have email security issues, according to a new report and blog post […]

Google uncovers new iOS security feature Apple quietly added after zero-day attacks

29 January 2021

Google Project Zero on Thursday disclosed details of a new security mechanism that Apple quietly added to iOS 14 as a countermeasure to prevent attacks that were recently found to leverage zero-days in its messaging app. Dubbed “BlastDoor,” the improved sandbox system for iMessage data was disclosed by Samuel Groß, a security researcher with Project […]

New CISOs Survey Reveals How Small Cybersecurity Teams Can Confront 2021

29 January 2021

The pressure on small to medium-sized enterprises to protect their organizations against cyberthreats is astronomical. These businesses face the same threats as the largest enterprises, experience the same (relative) damages and consequences when breaches occur as the largest enterprises but are forced to protect their organizations with a fraction of the resources as the largest […]

Hezbollah Hacker Group Targeted Telecoms, Hosting, ISPs Worldwide

29 January 2021

A “persistent attacker group” with alleged ties to Hezbollah has retooled its malware arsenal with a new version of a remote access Trojan (RAT) to break into companies worldwide and extract valuable information. In a new report published by the ClearSky research team on Thursday, the Israeli cybersecurity firm said it identified at least 250 […]

Cryptojacking malware targeting cloud apps gets new upgrades, worming capability

28 January 2021

A piece of cryptojacking malware with a penchant for targeting the cloud has gotten some updates that make it easier to spread and harder for organizations to detect when their cloud applications have been commandeered. New research from Palo Alto’s Unit 42 details how Pro-Ocean, which was used throughout 2018 and 2019 to illegally mine […]

European Authorities Disrupt Emotet — World’s Most Dangerous Malware

28 January 2021

Law enforcement agencies from as many as eight countries dismantled the infrastructure of Emotet, a notorious email-based Windows malware behind several botnet-driven spam campaigns and ransomware attacks over the past decade. The coordinated takedown of the botnet on Tuesday — dubbed “Operation Ladybird” — is the result of a joint effort between authorities in the […]

Italy CERT Warns of a New Credential Stealing Android Malware

28 January 2021

Researchers have disclosed a new family of Android malware that abuses accessibility services in the device to hijack user credentials and record audio and video. Dubbed “Oscorp” by Italy’s CERT-AGID, the malware “induce(s) the user to install an accessibility service with which [the attackers] can read what is present and what is typed on the […]

Authorities Seize Dark-Web Site Linked to the Netwalker Ransomware

28 January 2021

U.S. and Bulgarian authorities this week took control of the dark web site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. “We are striking back against the growing threat of ransomware by not only bringing criminal charges against the responsible actors, but also disrupting criminal online infrastructure and, wherever […]

Even dead employees pose a security risk when their accounts are still active

27 January 2021

A recent ransomware attack highlights the dangers of extraneous accounts sitting on your network – particularly those belonging to former employees. Standard cyber hygiene calls for the purging of employees’ credentials and accounts from a corporate network once they quit or are fired from their position. And on those occasions in which an employee dies, that […]
