December 5, 2024 at 10:41AM Latrodectus is a sophisticated malware family targeting corporate networks and financial institutions, leveraging advanced tactics like phishing and dynamic API resolution for data theft while evading detection. It utilizes a modular design for adaptability and persistence. Effective defenses include employee training, endpoint security, network segmentation, and regular updates. ### Meeting … Read more
October 16, 2024 at 04:09PM EDRSilencer, an open-source tool used in red-team operations, is being exploited by threat actors to disable security alerts and evade detection by blocking 16 common EDR tools. This shift enhances stealth for malicious activities, prompting researchers to advise organizations to adopt advanced detection and threat-hunting strategies. ### Meeting Takeaways: 1. … Read more
October 13, 2024 at 09:09AM The education sector is increasingly targeted by cyber attackers due to its sensitive data and vulnerable IT environments. Schools face average weekly attacks and require robust security measures, including user education on best practices like multifactor authentication, to mitigate risks from hacking, phishing, and other threats from groups like Iran … Read more
July 31, 2024 at 10:09AM According to Netwrix’s “2024 Hybrid Security Trends Report,” ransomware and other malware attacks are major security incidents. There’s debate about making ransomware payments illegal. While banning payments might eliminate cybercriminals’ incentive, it could lead to complex ethical and legal issues, including underreporting and disproportionate impact on small businesses. A multifaceted … Read more
July 18, 2024 at 04:03PM Ransomware Awareness Month in July raises awareness of ransomware as a top cyber threat. The recent attacks on CDK Global by the BlackSuit group demonstrate the severity, impacting 15,000 auto retailers. There’s been a 29% increase in ransomware attacks in Q1 2024, emphasizing the urgency for organizations to prioritize good … Read more
June 20, 2024 at 05:32PM RansomHub ransomware has a Linux encryptor tailored for VMware ESXi environments. Launched in February 2024, RansomHub has affected over 45 victims across 18 countries. An ESXi variant was detected in April 2024, presenting a bug that defenders can exploit. Additionally, the encryptor has specific commands and a unique encryption scheme. … Read more
May 30, 2024 at 07:45AM Europol conducted Operation Endgame, shutting down infrastructure linked to malware loaders like IcedID and TrickBot. The action led to the dismantling of over 100 servers globally and the arrest of four individuals. This resulted in the confiscation of more than 2,000 domains, with one suspect allegedly making €69 million from … Read more
May 29, 2024 at 08:12AM Cigent Technology introduces new endpoint data protection platform focusing on preventing ransomware by safeguarding customer data from encryption and exfiltration. The approach prioritizes data protection to prevent the need for response post-detection. The solution provides user-friendly, automatic encryption and MFA authentication, with flexibility in protecting files and integrating with existing … Read more
February 29, 2024 at 04:24PM Morphisec’s endpoint security system (MTD) appoints Ron Reinfeld as the new CEO, succeeding Ronen Yehoshua, who remains the President. Reinfeld’s CFO experience at IntSights and Zooz, along with advisory roles at tech startups, positions him to lead Morphisec’s continued growth and profitability. The company’s positive shift includes plans for ongoing … Read more
February 2, 2024 at 05:31PM Welcome to CISO Corner, a weekly digest presented by Dark Reading catering to security operations readers and leaders. In this issue, discussions include the evolving role of the Chief Information Security Officer, tailored cybersecurity education for younger users, the adoption of Secure Access Service Edge (SASE) by airlines, recognizing security … Read more