News


Fileless Malware: Malicious code in Windows Event Logs
Kaspersky_news

Kaspersky experts have uncovered a new targeted fileless malware campaign. It is characterized by an innovative use of Windows Event Logs for storing malware and a variety of techniques used by the attackers. Commercial pentesting suites and anti-detection wrappers are used, including those compiled with Go. Several latest-generation Trojans were also deployed as part of the campaign. New Paths of Fileless Malware Attack Kaspersky experts have discovered a targeted malware operation using a unique technique: Fileless Malware is embedded in Windows Event…


Cybercrime trainees preparing for an attack?

Effective division of labor or breeding of cybercrime trainees? After a rather bumbling network infiltration, the professionals finally take over with Lockbit Ransomware. An interesting cyber case has caught the attention of the Sophos researchers. Sophos has uncovered a particular cyber attack: Cybercriminals broke into a regional government server in the United States and stayed there for five months. During this time, they used the server to search online for a mix of hacking and IT administration tools that could help them deploy an attack. The attackers also installed a cryptominer before exfiltrating data and deploying Lockbit ransomware. Attack…


Cybercriminals are targeting backups
Trend Micro News

New study shows increased cyber attacks on Network Attached Storage (NAS) devices. A study by Trend Micro shows that backups are increasingly being targeted by cybercriminals and gives recommendations for defense. Trend Micro, one of the world's leading providers of cybersecurity solutions, publishes a detailed study that reveals emerging threats to Network Attached Storage (NAS) devices. Cybercriminals take advantage of the fact that insufficiently protected devices are connected to the Internet, making them easier to find. The backups stored on them are a target. Targeting web-connected devices Users and businesses are increasingly aware of the…


Double attack via vulnerable Exchange servers 

SophosLabs is investigating the use of the Squirrelwaffle malware "distribution station" in combination with social engineering. There was a double attack: malware droppers and financial fraud ran through the same vulnerable Exchange Server. An incident guide for security teams at organizations impacted by Squirrelwaffle. In a recent article, the Sophos Rapid Response Team describes a case where Squirrelwaffle malware exploited a vulnerable Exchange server to distribute malicious spam through hijacked email threads. At the same time, an email thread was stolen by the attackers in order to trick unsuspecting users into transferring money. Combination of Squirrelwaffle, ProxyLogon and ProxyShell The…


Chronology of a Midas ransomware attack

The problem of unused and forgotten tools - chronology of a Midas ransomware attack. The Sophos Rapid Response Team describes how cybercriminals proceeded in a real Midas attack case and how they moved in the network via commercial tools from October to December 2021 before finally launching the ransomware attack. With an integrated security ecosystem and Zero Trust, attackers would have had little chance of infiltrating the network and the attacked organization would have had greater control over unauthorized network access. Major attack with Midas ransomware After a ransomware attack on a technology provider in December 2021…


DazzleSpy attacks visitors from pro-democracy news site 
B2B Cyber Security ShortNews

ESET researchers analyze special macOS spy software: DazzleSpy attacks visitors of a pro-democracy news site in Hong Kong, delivered through an exploit that implants it on the site visitor's machine. The website of Hong Kong radio station D100 was compromised. A Safari exploit runs that installs spyware on the Macs of news portal visitors. The "watering hole" operations carried out by the attackers indicate that the targets are likely politically active, pro-democracy figures in Hong Kong. The ESET researchers have named the spy program DazzleSpy and examined it in more detail. The malware is capable of a variety of…


DDoS: Attacks in Q3 2021 - IT infrastructure providers in their sights

DDoS attacks were more dangerous than ever in the 3rd quarter of 2021. The flood of attacks was unbroken, the attacks were broad and complex. Operators of digital infrastructures were particularly targeted. Link11, the leading European IT security provider in the field of cyber resilience, has published new figures from its network on the development of the DDoS risk: The number of DDoS attacks is still at a very high level in the 3rd quarter of 2021. After an increase of 2% compared to the same period of the previous year had already shown in Q2021 19, the number of attacks rose ...


DDoS extortion campaign targets VoIP providers
B2B Cyber Security ShortNews

Since the beginning of September 2021, several Voice-over-IP (VoIP) communication providers have been attacked by a highly effective DDoS extortion campaign. The attacks resulted in failures and disruptions in VoIP operations and services around the world. In early October, the number of DDoS extortion attacks increased worldwide, affecting both wholesale and retail VoIP providers. In these attacks, the attackers tried to put the targeted organizations under massive pressure so that they would make extortion payments in cryptocurrency in return for stopping the attacks. At this point it should be pointed out again that paying ransom is no guarantee that the attacks will stop ...


1 in 10 ransomware victims pays the ransom

A recent survey by the cybersecurity experts at Hornetsecurity among more than 820 companies found that 21% of those surveyed have already been victims of a ransomware attack. Every 10th company paid the ransom. Ransomware is one of the most common and effective forms of cybercrime. Attackers encrypt a company's data and make it unusable until a ransom is paid. Over 9% of ransomware victims surveyed paid the ransom Of the 21% of companies that reported a ransomware attack, 9.2% were able to recover their data by paying the required ransom. The other respondents ...


Attacks with Conti ransomware on Exchange Server
SophosNews

Attacks with Conti ransomware on Exchange servers continue - and are becoming more and more efficient. SophosLabs discovered that the cybercriminals had introduced seven backdoors in an attack. Investigations into the latest attacks on Exchange servers with Conti ransomware have shown that the cyber criminals access the systems via ProxyShell. Various critical updates have been released over the past few months for the vulnerabilities in Microsoft Exchange. ProxyShell is a further development of the ProxyLogon attack method. In recent months, the exploit has become one of the most important tools for ransomware attackers - even for those who use the new ...
