Articles Tagged with ''malware''

Cybercriminals exploited pandemic with shift to targeted, sophisticated attacks

February 17, 2021

Malwarebytes announced the findings of its annual “State of Malware” report. The latest report explores how the global pandemic forced many employees to quickly become a remote workforce and confined consumers to their homes. In the wake of this change, cybercriminals ditched many of their old tactics, placing a new emphasis on gathering intelligence, and exploiting and preying upon fears with targeted and sophisticated attacks. As a result, the State of Malware Report found a notable shift in the devices targeted and strategies deployed by cybercriminals.

New TeamTNT malware targeting Kubernetes

February 4, 2021

Palo Alto Unit 42 researchers have detected a new malware campaign targeting Kubernetes clusters. The attackers gained initial access via a misconfigured kubelet that allowed anonymous access.

New malware discovered in SolarWinds investigation

January 20, 2021

Symantec's Threat Hunter Team, a group of security experts, have uncovered an additional piece of malware used in the SolarWinds attacks which was used against a select number of victims that were of interest to the attackers. According to Symantec, the malware, Raindrop is a loader which delivers a payload of Cobalt Strike. Raindrop is very similar to the already documented Teardrop tool, but there are some key differences between the two.

Cybercriminals targeting K-12 distance learning education to cause disruptions and steal data

December 11, 2020

A new Joint Cybersecurity Advisory, coauthored by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC), assess malicious cyber actors are targeting kindergarten through twelfth grade (K-12) educational institutions, leading to ransomware attacks, the theft of data, and the disruption of distance learning services.

Top US states least likely to go bankrupt after a cyberattack

December 10, 2020

Verizon cybersecurity leaders evaluated which states’ businesses fare best after cyberattacks. To determine the odds of a business recovering from a cyberattack in any given state, they analyzed a host of factors, including internet privacy laws and the number of cyberattacks businesses within each state suffer each year. Here’s what they found.

CISA releases alert on heightened awareness for Iranian cyber activity

December 4, 2020

Iranian cyber threat actors have been continuously improving their offensive cyber capabilities. They continue to engage in more conventional offensive cyber activities ranging from website defacement, distributed denial of service (DDoS) attacks, and theft of personally identifiable information (PII), to more advanced activities—including social media-driven influence operations, destructive malware, and, potentially, cyber-enabled kinetic attacks, warns the Cybersecurity and Infrastructure Security Agency (CISA).

Lazarus misuses legitimate security software in a supply-chain attack in South Korea

November 17, 2020

ESET researchers recently discovered attempts to deploy Lazarus malware via a supply-chain attack (on less secure parts of the supply network) in South Korea. In order to deliver its malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus since South Korean internet users are often asked to install additional security software when visiting government or internet banking websites.

Malware activity spikes 128% in Q3

November 17, 2020

The Q3 2020 Threat Landscape Report by Nuspire demonstrates threat actors becoming even more ruthless. Throughout Q3, hackers shifted focus from home networks to overburdened public entities, including the education sector and the Election Assistance Commission (EAC). Malware campaigns, like Emotet, utilized these events as phishing lure themes to assist in delivery.

Security 500 Thought Leader Profiles

Leo Simonovich: Thriving in a Digitized Environment

November 5, 2020

In the energy sector, the stakes are high when it comes to cybersecurity. Unlike other fields where malware could cause havoc and delay services, attacks within the energy sector could potentially cut off electricity to millions of customers in the United States and around the world. Leo Simonovich, VP and Global Head of Industrial Cyber and Digital Security at Siemens Energy, is focused on ensuring that doesn’t happen.

Attackers targeting non-governmental organizations in Myanmar with new ‘KilllSomeOne’ backdoor

Operators used four different DLL side-loading scenarios to install and execute new malware after removing a resident PlugX Backdoor

November 4, 2020

Sophos uncovered attackers using DLL side-loading to execute malicious code and install backdoors in the networks of targeted organizations. A report published, “A New APT uses DLL Side-loads to Killl Someone,” outlines the discovery of four different DLL side-loading scenarios, which all share the same program database path and some of which carry a file named “KilllSomeOne.”

Workplace violence remains one of the most complex challenges facing healthcare organizations today. For executive security professionals, the stakes have never been higher: protecting staff, patients, and visitors while preserving a culture of compassion, dignity, and service.