Ransomware has become way more than a nuisance. It can bring a company to its knees or even put it out of business. Ransomware attacks are growing in frequency and in the amount demanded. What can be done to protect against ransomware attacks?
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
Many companies pay a “bug-bounty” to researchers for discovering bugs in their software. Sadly, the bug hunters find they can make significantly more money selling access to systems using the bugs they discovered. They can also sell the access as a service so they retain the “secret” of the bug they discovered but monetize it to many buyers who are out to do harm.
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
Parler gained prominence as the “Free-Speech” social network. But they made a mistake in configuring the service that allowed all their data to be stolen.
https://www.wired.com/story/parler-hack-data-public-posts-images-video/
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
EDR, End Point Detection and Response is a well-established protection approach. It looks at what is happening on a company’s end points, analyzes that, and takes automated action. But EDR doesn’t look at the servers, cloud, applications, or the network. XDR covers all of it.
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
The double threat of ransomware is encrypting your data to prevent you from getting to it and stealing the data first with the threat of releasing it if you do not pay the ransom. The second part of this threat has come true for many companies with an activist group called Distributed Denial of Secrets publishing over 1 terabyte of data stolen in multiple ransomware attacks.
https://www.darkreading.com/risk/ransomware-victims-data-published-via-ddosecrets/d/d-id/1339848
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
With the end of the holidays comes a welcome rest from the stress. And the pandemic added to the stress. But cybercrime doesn’t end after the holidays. It’s expected to increase this year, so it is essential to remain vigilant.
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
A backdoor account provides access to the administration of a device or application. In the case of Zyxel the backdoor was of the worst type, hard coded. This means it is not changeable by an administrator. And this one provides access at the highest administrative levels. Zyxel makes security products intended to keep networks and devices safe.
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
Source code is the human readable programming of a product or service. It is highly protected as it represents the intellectual property of a company. Having their source code exposed represents multiple risks for Microsoft and all its customers. The first is that others can then copy the software to compete with Microsoft and the second is that evil actors can determine better ways to attack it.
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
Much has been written about the SolarWinds attack because it achieved a new level of penetration. Malware was installed in a SolarWinds software module that went undetected and was distributed to customers of that software. The malware then invaded all those companies. The initial reports said few companies had received the compromised software. Now it is coming out that many companies received it and had their own systems compromised.
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
Healthcare has been a cyber target for a while. But the rate of cyberattacks against healthcare organizations rose 45% in the last two months. And this is more than double the rate in other industries. The intent is to shut down healthcare organizations or at least hamper efforts to provide care during the pandemic.
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
The holidays are a time when we are rushed and looking for that last present or pandemic news, or even the latest weather report. Cybercriminals seek to take advantage of that by sending phishing emails and other techniques hoping you will let you guard down and click their links. Don’t fall for their scams.
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
Sometimes cyber news all seems to be bad. Here is some positive news. The named companies are working together to create ways to combat ransomware. Their ideas will be presented to the new administration in Spring 2021. This is good news as ransomware is a major source of problems earning $11.5 billion for cyber criminals in 2019 with the total expected to be higher in 2020 .
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
Last week we heard about the devastating breach that installed malware in a SolarWinds IT management product that was then distributed as a product update to all their clients. IT has now come to light that there was a second unrelated group that used SolarWinds to distribute another form of malware.
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
VPNs are tools used by companies and individuals to secure their network traffic. But they are also used by cybercriminals and other disreputable types to keep their information encrypted and away from the eyes of law enforcement. This article describes a coordinated effort by law enforcement to take over the servers of VPNs that cater to criminals.
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
Virtual Private Networks, VPNs, are designed to provide a secure network path when people are out of the office. With the pandemic shift to working from home the VPNs became a necessary tool for many. VPNs require substantial infrastructure to work. So if they are free where is the money for that infrastructure coming from?
https://www.zdnet.com/article/why-even-the-best-free-vpns-are-not-a-risk-worth-taking/?ftag=TRE-03-10aaa6b&bhid=29017885593246285133005340243949&mid=13210876&cid=2201587059
If clicking the link does not take you to the proper page, copy and paste the link into your browser.