New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking

October 3, 2024 at 10:45AM Linux servers are under attack by a persistent campaign delivering perfctl malware, aiming to run a cryptocurrency miner and proxyjacking software. The elusive and stealthy malware employs sophisticated techniques including exploiting a security flaw in Polkit. It’s recommended to keep systems updated, restrict file execution, and enforce network segmentation to …

Qilin ransomware now steals credentials from Chrome browsers

August 22, 2024 at 05:43PM Qilin ransomware group deployed a custom stealer to harvest Google Chrome credentials, constituting a concerning shift in ransomware tactics. The attack involved gaining network access, 18 days of reconnaissance, credential theft via a PowerShell script, event log deletion, and ransomware deployment. Organizations are advised to prohibit browser secret storage, implement multi-factor …

Tackling Vulnerabilities & Errors Head-on for Proactive Security

August 9, 2024 at 10:01AM Verizon’s latest report shows a threefold increase in hacker exploitation of vulnerabilities, raising concerns for cybersecurity leaders. Organizations face challenges in managing vulnerabilities, with expanding attack surfaces and difficulties in patching. The report also highlights the growing risks posed by software and partner ecosystems, emphasizing the need for proactive …

Novel ICS Malware Sabotaged Water-Heating Services in Ukraine

July 23, 2024 at 05:05AM A new malware called FrostyGoop has been linked to an attack in January 2024 that disrupted heating services in 600 apartments in Lviv, Ukraine. This malware allows attackers to interact with industrial control systems using the Modbus protocol. The attack involved sending unauthorized commands to heating system controllers, resulting in …

Safeguarding Your Mobile Workforce

May 2, 2024 at 10:05AM The corporate IT landscape is shifting due to SaaS adoption and BYOD practices, providing flexible work options. However, integrating personal devices into corporate systems brings security challenges. Mobile device management and secure remote access are key solutions, along with implementing extra controls like antivirus protection and network access control to …

Zscaler to Acquire Network Segmentation Tech Startup Airgap Networks

April 11, 2024 at 12:42PM Zscaler announced the planned acquisition of Airgap Networks, a startup focusing on network segmentation and secure access technologies. Financial details were not disclosed. Zscaler intends to combine Airgap’s technology with its Zero Trust SD-WAN suite to protect east-west traffic in various environments without the need for additional hardware or disruption. …

NSA Updates Zero-Trust Advice to Reduce Attack Surfaces

April 10, 2024 at 04:32PM The National Security Agency has issued new guidance for implementing a zero-trust cybersecurity framework, emphasizing the prevention of unauthorized data access. Recommendations include encryption, data labeling, loss prevention strategies, and data rights management tools. These align with zero-trust concepts to counter sophisticated cyberattacks. The agency urges a proactive approach based …

Healthcare’s Ransomware Epidemic: Why Cyberattacks Hit the Medical Sector With Alarming Frequency

March 13, 2024 at 10:45AM Ransomware attacks on the healthcare sector continue and are unlikely to decrease due to the industry’s susceptibility to exploitation. The sector’s reliance on diverse OT devices controlled by IT systems over WiFi, coupled with challenges in patching and device management, poses a significant security risk. Segmentation is recommended to mitigate …

NSA’s Zero-Trust Guidelines Focus on Segmentation

March 8, 2024 at 08:07AM The NSA released guidelines for zero-trust network security, aiming to bridge the gap between desire and implementation. As businesses increasingly adopt zero trust in the cloud era, the approach to network security is evolving. The document emphasizes network segmentation as a fundamental practice and recommends a methodical approach in implementation …

Google Cloud’s ‘Dataproc’ Abuse Risk Endangers Corporate Data Stores

December 12, 2023 at 02:44PM Security vulnerabilities in Google Cloud’s “Dataproc” service could allow hackers to access sensitive data and execute unauthorized operations due to default open firewall ports without authentication. Despite researchers’ efforts, Google has not addressed the issue. They recommend proper network segmentation and vulnerability management to mitigate the risk until a fix …