#RansomwareProtection

Akira ransomware is encrypting victims again following pure extortion fling

by

October 22, 2024 at 11:36AM Akira ransomware is returning to traditional encryption tactics after a hiatus from double extortion. Researchers note a shift towards operational efficiency and tactical adaptability, suspecting the development of a new encryptor. Akira targets vulnerabilities, particularly on ESXi and Linux systems, leveraging compromised credentials and phishing techniques to exploit networks. ### … Read more

SolarWinds Web Help Desk flaw is now exploited in attacks

by

October 16, 2024 at 03:57PM CISA added three vulnerabilities to its ‘Known Exploited Vulnerabilities’ catalog, including a critical SolarWinds flaw (CVE-2024-28987) due to hardcoded credentials, actively exploited by attackers. Federal agencies must update by November 5, 2024. Additional flaws in Windows and Mozilla Firefox are also noted, with active exploitation confirmed. ### Meeting Takeaways 1. … Read more

Cyberattackers Unleash Flood of Potentially Disruptive Election-Related Activity

by

October 15, 2024 at 10:55AM Cyber threats targeting the 2024 US elections are escalating, with phishing kits, malicious domains, and ransomware attacks on the rise. Cybercriminals are leveraging AI and personal data to spread misinformation and undermine public trust. Vigilance and strong cybersecurity measures are crucial for stakeholders to protect the election process. **Meeting Takeaways … Read more

Microsoft: Schools Grapple With Thousands of Cyberattacks Weekly

by

October 14, 2024 at 04:15PM Microsoft’s report highlights the rising cybersecurity risks faced by K-12 and higher education institutions, often targeted due to their valuable private data. Challenges include limited security staffing, vulnerable IT systems, and young users’ lack of cybersecurity awareness. Effective protective measures include enhancing cyber hygiene and centralized technology monitoring. ### Meeting … Read more

Wherever There’s Ransomware, There’s Service Account Compromise. Are You Protected?

by

September 19, 2024 at 02:33PM Service accounts have emerged as prime targets for attackers, with over 70% of ransomware attacks leveraging compromised service accounts for lateral movement. They possess high access privileges, low visibility, and lack adequate security controls. However, a unified identity security platform like Silverfort provides automated discovery, behavioral analysis, and virtual fencing … Read more

Google Introduces ‘Air-Gapped’ Backup Vault to Thwart Ransomware

by

September 11, 2024 at 02:06PM Google has introduced a new backup storage vault feature in its cloud service to defend against ransomware attacks. The feature offers immutable and indelible backups, safeguarding data from tampering and unauthorized deletion. It aims to protect backed-up data during encryption and extortion cyberattacks, providing secure storage and reliable recovery options … Read more

Strengthening enterprise storage against cyber threats

by

September 9, 2024 at 11:18AM Infinidat experts will present a webinar on September 16th, addressing the need for robust and resilient enterprise storage systems in the face of sophisticated cyber threats like ransomware and malware. Topics include reducing threat window, data immutability, and rapid recovery strategies. Register to gain insights into safeguarding your organization’s data. … Read more

Veeam warns of critical RCE flaw in Backup & Replication software

by

September 5, 2024 at 10:23AM Veeam has released a security bulletin addressing 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider Console, and ONE. The most severe is a remote code execution vulnerability on Veeam Backup & Replication, posing a high risk of ransomware exploitation. Multiple critical vulnerabilities have also been … Read more

Next-Generation Attacks, Same Targets – How to Protect Your Users’ Identities

by

September 2, 2024 at 03:24AM FBI and CISA issued a joint advisory on new ransomware threats, describing a cybercriminal group and methods. The rapid growth in attacks calls for urgent adjustments in cyber defense strategies. Phishing-resistant MFA is crucial, with next-generation solutions and targeted deployments recommended. Organizations need to upgrade defense strategies to protect against … Read more

SANS Institute Unveils Critical Infrastructure Strategy Guide for 2024

by

August 29, 2024 at 04:49PM The SANS Institute has released a critical strategy guide, “ICS Is the Business,” in response to a 50% increase in ransomware attacks on ICS in 2023. Authored by Dean Parsons, the guide emphasizes the growing threat landscape, the impact of high-frequency attacks, ICS cybersecurity controls, and the role of AI, … Read more