News


What is the goal of ransomware attacks on cities and towns?

There are more and more reports in the media about cyber attacks with ransomware on cities, municipalities and their administrations. However, no administration pays the ransom. So who benefits from all this? Richard Werner, business consultant at Trend Micro, gives very interesting answers to B2B CYBER SECURITY in an interview. The list of cities and communities attacked is now really long. Just recently, 12 Bavarian communities were paralyzed and blackmailed. Before that, there was a cyber attack with ransomware on the IT service provider Südwestfalen-IT by the Akira ransomware group. The provider supplies, among other things, 72 municipalities with IT services. All…


Whaling: AI-supported attacks on the big fish!

The attackers try to catch the big fish in the company: In cybersecurity, this is called “whaling”. AI-powered whaling attacks threaten CEOs, lawmakers and the military. “Harpoon whaling” is the refined method with VIP service. “Whaling” is about catching big fish. The targets of cybercriminals are executives of successful companies, high-ranking officials and military personnel. The aim is to steal information or siphon off large sums of money. Harpoon whaling in particular, a subtype of whaling, is perfidious because the attackers automatically collect extensive information about their victims and organize it using nested…


Forensics of real cyber attacks reveals attackers' tactics
SophosNews

Detailed investigation of the cases taken over by the Sophos Incident Response Team shows that attackers spend less and less time in the infiltrated network before launching their attack. This is the analysis of the Sophos Active Adversary Report for Tech Leaders 2023. They also need less than a day to access the Active Directory. The majority of ransomware attacks take place outside of business hours. Sophos today releases its Active Adversary Report for Tech Leaders 2023. The report provides a detailed look at attacker behavior and tools in the first half of 2023. On…


CosmicBeetle attacks European organizations 
B2B Cyber Security ShortNews

The hacker group CosmicBeetle attacks organizations worldwide, especially European ones. The group uses the Spacecolon toolset to spread ransomware among its victims and extort ransoms. The attackers exploit the Zerologon vulnerability in web servers for their attacks. Alternatively, they resort to classic brute-force attacks on RDP credentials to break into organizations. Spacecolon has been active since at least May 2020 and remains so to date. CosmicBeetle also operates globally: the specialists at ESET were able to track CosmicBeetle and its tools worldwide. Countries in the European Union such as Spain, France, Belgium, etc. are particularly affected.


APT41: Chinese Android Monitoring Software Detected
B2B Cyber Security ShortNews

Android surveillance software attributed to Chinese group APT41 has recently been discovered, according to experts at Lookout. Attacks by hacker groups like APT41, which focus on mobile devices, show that mobile endpoints are high-value targets with coveted data. WyrmSpy and DragonEgg are the two new dangerous variants of Android surveillance software discovered by Lookout. These spy apps are attributed to the well-known Chinese threat group APT41. Although the US government has filed multiple indictments over the group's attacks on more than 100 private and public companies in the US and around the world...


Dangerous Sleeper: Emotet explores new attack vectors
B2B Cyber Security ShortNews

In 2021, the network around Emotet was broken up. But that doesn't mean that Emotet has completely disappeared from the web. On the contrary: there are always signs that the group around Emotet is looking for new avenues of attack. Since its return, Emotet has appeared in several spam campaigns. Mealybug, the hacker group behind the botnet, has developed numerous new modules and revised existing ones. The masterminds behind Emotet learned a lot from the takedown two years ago and invested a lot of time in preventing their botnet from being discovered. Emotet's infrastructure is dead - the...


Bad bots provide the most traffic in Germany
B2B Cyber Security ShortNews

In 2022, 68.6 percent of all internet traffic in Germany came from bots, a significant increase compared to the previous year (39.6 percent). In an analysis, Imperva examined the number of bots on the Internet over the past ten years. The 68.6 percent of bot traffic is offset by the proportion of traffic generated by human users at 25.2 percent, which is a rapid decrease compared to 2021 (57.4 percent). When it comes to the performance of the bots, Germany is exactly in line with the global average at 51.2 percent. Malicious bots pose a significant risk to businesses: they compromise accounts, steal data…


Cybercrime: The end goal is always clear – money!

Cybercrime is a money-making business. It is subject to trends, picks up on current developments and is constantly changing. So any insight or outlook is always just a snapshot or a trend, such as the adoption of vulnerable signed drivers and the tactics of state groups. The reuse of existing attack techniques and the emergence of new attacks are common in the threat landscape. Cyber criminals often continue to use successful tools and techniques and will continue to do so until they no longer work, says John Shier, Field CTO Commercial at Sophos. Cyber criminals are extremely…


Blocked macros: Attackers find new ways

Since Microsoft now blocks all macros by default, cyber attackers have been looking for new ways, and they are finding them. Security researchers from Proofpoint observed this and were able to gain insights into the behavior of cybercriminals. These shifts are largely due to Microsoft now blocking macros by default. All players in the cybercriminal food chain, from the small, inexperienced hacker to the most experienced cybercriminals executing large-scale ransomware attacks, are therefore forced to adapt the way they work. No macros? There are other ways! Proofpoint's security researchers were able to gain valuable insights into the changing behavior of cybercriminals...


The most dangerous attack method: social engineering

According to Verizon's Data Breach Investigations Report, 74% of security breaches are the result of successful social engineering attacks, errors, misuse, and other human weaknesses. This also applies to many companies. A little good news: in the previous year, the figure was 82 percent of security breaches. But 74 percent remain social engineering attacks, according to Verizon's Data Breach Investigations Report. The most successful attack method, at 50 percent, is pretexting, i.e. a social engineering activity with a specific pretext as the trigger. This is a doubling compared to last year. Phishing, phishing, phishing pretexting is...
