Kaspersky is expanding its Digital Footprint Intelligence with a malicious domain removal service. Kaspersky Takedown Service provides end-to-end management of the entire process of removing malicious phishing domains. Along with Kaspersky Digital Footprint. If a company cannot clean up the malicious content,…
Even if the feared mass exploitation of the Log4j / Log4Shell vulnerability has not yet taken place, the bug will be a target for attacks for years to come, according to Chester Wisniewski, Principal Research Scientist at Sophos. So far there has been no big Log4j / Log4Shell earthquake - a forensic status finding. The expert teams at Sophos have forensically analyzed the events surrounding the Log4Shell vulnerability since it was discovered in December 2021 and made an initial assessment - including a future forecast by Principal Research Scientist Chester Wisniewski and various graphics showing the exploitation of the vulnerability. The…
Although the Apache Foundation released a patch shortly after the discovery of Log4j / Log4Shell, this vulnerability continues to pose a major threat to consumers and businesses. Kaspersky products blocked 30.562 attack attempts in the first three weeks of January. The vulnerability is extremely attractive to cyber criminals as it is easy to exploit and allows them to take complete control over the victim's system. Log4j: Kaspersky already blocked over 150.000 attacks Since initial reporting, Kaspersky products have detected and blocked 154.098 attempts to scan and attack devices by targeting…
Cyber criminals are increasingly using phishing campaigns to attack cloud offerings such as Office 365. A compromised account belonging to an insider is worth its weight in gold for them, as it not only allows them to read emails, but also access connected services – and launch further attacks. NTT Ltd. explains how businesses should respond to the threat of phishing. With several million active company users every day, cloud offerings such as Office 365 are becoming increasingly attractive for cybercriminals: They can use the attack techniques and tools developed for several attack targets, i.e. companies. In addition, because of the abundance of data, cloud accounts and the services associated with them are…
Varonis security researchers have discovered a way to bypass multi-factor authentication (MFA) via SMS for Box accounts. Attackers with stolen credentials were able to compromise an organization's Box account and exfiltrate sensitive data without having to access the victim's phone. Security researchers reported this vulnerability to Box on November 3, 2021 via HackerOne, which prompted it to be closed. Just last month, Varonis Thread Labs demonstrated how to bypass Box's TOTP-based MFA. Both gaps make it clear that cloud security, even when using seemingly secure technologies, is never...
Beyond Identity was nominated for membership in the Microsoft Intelligent Security Association - MISA because its platform leverages the device management capabilities of Microsoft's Endpoint Manager to make risk-based authentication decisions. Beyond Identity becomes a member of the Microsoft Intelligent Security Association (MISA). MISA is an association of independent software vendors and managed security service providers who have integrated their solutions with Microsoft's security products to help mutual customers better protect themselves against increasing cyber threats. To be eligible for MISA, companies must be nominated by Microsoft…
Drivelock offers its customers a scanner via the Vulnerability Management Dashboard to check whether they are affected by the Log4j or Log4shell vulnerability at all. All you have to do is add a test string. Log4j has been on everyone's lips for several weeks. DriveLock had already commented on this in a detailed blog post on Log4j and Log4Shell. There are many descriptions of the vulnerability and criticality (CVE-2021-44228 in Apache Log4j 2) on the Internet. Nevertheless, many IT departments are already challenged with the simple question: "Am I affected at all and if so,...
When it comes to IT security, we are in a race against time. Attackers are always one step ahead of us, constantly experimenting with new techniques and tactics, or redesigning and recombining old techniques. If you want to protect yourself, you have to continuously configure and redefine your own threat detection and response capabilities in order to even be able to detect new attack vectors. All of this increases the challenge for the attackers, who are far from discouraged by this, but instead always find new ways...
CrowdStrike Falcon ZTA helps organizations implement a holistic cybersecurity approach to protect data and users from supply chain attacks, ransomware and wormable exploits. CrowdStrike extends Zero Trust support to macOS and Linux, enabling cross-platform protection. CrowdStrike Inc., a leading provider of cloud-based endpoint, workload, identity and data protection, announced that Zero Trust Assessment is now available for macOS and Linux. With this, CrowdStrike extends its comprehensive protection to all platforms with an identity- and data-centric approach. Additionally, CrowdStrike announced new Zero…
Part of the Lazarus group developed complex infrastructure, exploits and malware implants. Threat Actor BlueNoroff Drains Cryptocurrency Startup Accounts. BlueNoroff uses comprehensive attack methodology. Kaspersky security researchers have uncovered a series of attacks by Advanced Persistent Threat (APT) actor BlueNoroff on small and medium-sized businesses worldwide. The victims suffered large cryptocurrency losses in the process. Dubbed 'SnatchCrypto', the campaign targets various companies involved in cryptocurrencies as well as smart contracts, DeFi, blockchain and the FinTech industries. In the recent campaign by threat actor BlueNoroff, attackers subtly leveraged employee trust…
