Operators used four different DLL side-loading scenarios to install and execute new malware after removing a resident PlugX Backdoor
November 4, 2020
Sophos uncovered attackers using DLL side-loading to execute malicious code and install backdoors in the networks of targeted organizations. The published report, “A New APT uses DLL Side-loads to Killl Someone,” outlines the discovery of four different DLL side-loading scenarios, all of which share the same program database path and some of which carry a file named “KilllSomeOne.”
The Department of Homeland Security (DHS) Science and Technology Directorate (S&T), in partnership with the Cybersecurity and Infrastructure Security Agency (CISA), has awarded $2 million to the Critical Infrastructure Resilience Institute (CIRI), a DHS Center of Excellence (COE) led by the University of Illinois at Urbana-Champaign (UIUC), to develop a plan that CISA can execute to build a national network of cybersecurity technical institutes.
A Russian national was sentenced to eight years in prison for his role in operating a sophisticated scheme to steal and traffic sensitive personal and financial information in the online criminal underground that resulted in an estimated loss of over $100 million.
Ian Pratt, HP’s Global Head of Security for Personal Systems, believes hardware-embedded security paired with a robust cybersecurity education and cyber hygiene protocols for remote employees is core to any organization’s operational resiliency. Below, we speak with Pratt about the long-term security implications of the pandemic, what CISOs should be doing now to prepare for an increasingly uncertain future and where he believes cybersecurity is headed next.
Cybersecurity teams struggle with a lack of visibility into threats, endpoint devices, access privileges, and other essential security controls necessary for a robust cybersecurity posture. Without full visibility into their entire digital ecosystem, infosec teams cannot fully secure the assets on their networks or effectively prioritize the most serious threats. Below, I dive into how security professionals are still fighting the battle between effectively viewing serious threats and communicating cyber risk to company leadership.
Apricorn announced new findings from a Twitter poll exploring the data security and business preparedness for remote working during the pandemic. More than 30% of respondents singled out employee education as being the biggest area companies needed to make changes to improve cybersecurity.
Dell Technologies' third biennial Digital Transformation Index details how organizations are accelerating digital transformation projects amidst unprecedented uncertainty; 4,300 business leaders in 18 countries weigh in
November 4, 2020
Dell Technologies released results from a global study that shows organizations are shifting their digital transformation programs into high gear and are on the path to accomplish in a few months what would normally have taken them years. The findings, updated biennially in the Dell Technologies' Digital Transformation Index (DT Index), indicate organizations are accelerating transformational technology programs during the global COVID-19 pandemic.
The ongoing COVID-19 pandemic has taken work out of the office and into the home for most people. This means workers are using their home networks and personal devices to connect to the office more than ever before. This shift in work patterns brings with it new network connectivity and security challenges for IT teams to tackle.
Potentially disruptive, and possibly violent, protests are likely in multiple U.S. cities amid the presidential election slated for today, regardless of the outcome, according to WorldAware, a GardaWorld company. Due to the complexity of the electoral system and the consequences of the coronavirus disease (COVID-19) pandemic, it is highly likely that the winner of the election will not be legally recognized on election night and that major protests by activists supportive of both major parties will occur for an indeterminate period, with the possibility of clashes, arson, looting, and other violence, reaching unprecedented levels, says WorldAware.
Besides civil unrest and other physical security threats, the 2020 election also faces significant digital threats that could wreak havoc on U.S. election infrastructure and the legitimacy of the results.
The Maze ransomware group announced that they have officially closed down their ransomware operation and will no longer be leaking new companies' data on their site.