News

Exchange hackers surrender to Office 365

Attackers are using an SSRF vulnerability for extremely large-scale Exchange server takeovers. However, the Exchange hackers capitulate to Office 365. A comment from Dr. Klaus Gheri, General Manager Network Security at Barracuda Networks. An outcry has raged through the Exchange email server community since last week, after Microsoft announced that a cybercrime group known as Hafnium was launching an attack campaign that exploits vulnerabilities around Microsoft Exchange's Outlook Web Access interface. And there are many weak points. The headlines produced since then are correspondingly drastic. Companies across Germany are affected in general, and several federal authorities in particular, including the Federal Environment Agency, which ...

Conti ransomware attack in the live report

Five days in close contact with Conti ransomware: in three detailed reports, Sophos describes how a real Conti ransomware attack proceeded and how it was stopped. Also included: attack behavior, technical background and practical tips for IT administrators. Conti ransomware attacks, which have been wreaking havoc since the middle of last year, are an impressive example of how cybercriminals use modern and sophisticated technology to plan their attacks in a targeted manner and thus greatly improve their chances of successfully penetrating company networks. In the three reports, the Sophos Rapid Response team describes a real attack and its course over five days: "This was a very fast ...

Emotet takedown is having an impact

The internationally concerted takedown of the Emotet botnet is having an effect: G DATA CyberDefense's Emotet tracking is quieter than before. How companies should take advantage of the breather now. The command and control server of Emotet, cybercrime's all-purpose weapon, has been temporarily paralyzed since the internationally coordinated takedown - this is shown by a current analysis by G DATA CyberDefense. The action by law enforcement agencies two weeks ago caused a stir around the world. G DATA has been closely monitoring Emotet for years in order to protect its customers as well as possible. "The Emotet takedown is a great success against organized crime, it shows ...

Backdoor Kobalos targets supercomputers

As reported by ESET, supercomputers around the world are threatened by the Kobalos backdoor. Remote access gives cybercriminals unimagined opportunities. With their enormous computing power, supercomputers shouldn't get into the hands of criminals - the consequences would be fatal. But according to discoveries by ESET researchers, that is exactly what has happened. Unknown attackers use the Kobalos backdoor to successfully attack so-called high-performance computing (HPC) clusters and gain extensive access. The victims include a large Asian ISP, a North American endpoint security provider, and several corporate and government servers. Attack against Linux, BSD and Solaris: Kobalos was launched for Linux, BSD and Solaris ...

Agent Tesla tricked IT security

Sophos today released a new report on the malware Agent Tesla: “Agent Tesla Amps Up Information Stealing Attacks”. In it, the IT security specialists describe how attackers use new techniques to disable endpoint protection before injecting the malware into the system. Agent Tesla is a widely used Remote Access Tool (RAT) that has been known since 2014 and is used by attackers for data theft - now new details about the attacks have come to light. The creators offer it for sale on dark web forums and update it continuously. Cybercriminals…

Detect device ID attacks

Every mobile device has a unique identification number. This device ID can be used for various purposes. Website operators can use it to track and analyze the activities of individual users. This serves not only to identify usage problems or to display personalized advertisements, but also to protect the company from attacks, attempted fraud and espionage. Ultimately, device identification tools can increase security in 9 different ways. Roman Borovits, Senior Systems Engineer at F5, explains how companies can expose fraud, cyberattacks and other suspicious activity. 1. Recognize attackers, fraudsters and bots: With the help of ...

Second wave of DDoS blackmailers

The security company Radware warns of a second wave of ransomware attacks by a group that was already active in August 2020. In the last week of December 2020 and the first week of January 2021, Radware customers became targets of this global DDoS campaign for the second time. They received new emails that began with the words: “You may have forgotten us, but we have not forgotten you. We've been busy working on more profitable projects, but now we're back.” The second wave, only to non-payer companies that received these emails, had already in August and September...

APT group attacks Mongolian authorities

ESET announces Operation StealthyTrident: an espionage attack on Mongolian government agencies. Installation programs and the update system of frequently used software were injected with malicious code. Around 430 authorities in the Mongolian government have fallen victim to an APT group. ESET researchers found that the hackers compromised a chat software called Able Desktop, which is used in a business management suite popular in Mongolia. In a first step, the cyber criminals manipulated the installation program, and later also the update system, and used them to spread malware. The attacker's goal was to target sensitive ...

DDoS attacks are decreasing again

Kaspersky announces: the number of DDoS attacks in Q3 2020 decreased by 73 percent after an increase during the corona pandemic. The number of attacks blocked by Kaspersky DDoS Protection and the number of commands received from the command and control servers fell significantly in the third quarter of 2020. Despite the decline, Kaspersky has not given the all-clear: compared to the same period last year, there was still an overall increase in DDoS attacks. Many attacks during the lockdown: The lockdown led to increased use of online services - and correlated with the interest of cyber criminals. There were educational and ...

QakBot malware poses a high security risk

The QakBot malware poses a high security risk because of its often low detection rate. QakBot is distributed through XLSB files, making it difficult to spot. QakBot is not new malware, but the Hornetsecurity Security Lab is now warning of a new type of distribution: IT security experts have discovered that XLM macros are used in XLSB documents to distribute QakBot malware. Since both XLM macros and the XLSB document format are uncommon, these new malicious documents have a very low detection rate by current anti-virus solutions. What is QakBot? QakBot (also known as QBot, QuakBot, Pinkslipbot) has been around since ...
