Ukraine’s Volunteer ‘IT Army’ Is Hacking in Uncharted Territory
Credit to Author: Matt Burgess| Date: Sun, 27 Feb 2022 20:25:30 +0000
The country has enlisted thousands of cybersecurity professionals in the war effort against Russia.
Read moreMonth: February 2022
Conti and Karma actors attack healthcare provider at same time through ProxyShell exploits
Credit to Author: gallagherseanm| Date: Mon, 28 Feb 2022 12:30:19 +0000
An unpatched Microsoft Exchange Server let both ransomware actors in; Karma just stole data, while Conti encrypted.
Read moreBehavioral Analytics is getting trickier
Credit to Author: Evan Schuman| Date: Mon, 28 Feb 2022 03:00:00 -0800
Behavioral analytics is one of the best authentication methods around — especially when it’s part of continuous authentication. Authentication as a “one-and-done” is something that simply shouldn’t happen anymore. Then again, I’ve argued the same thing about using unencrypted SMS as a form of multi-factor authentication and I sadly still see that being used by lots of Fortune 1000 firms.
Oh well.
Although most enterprise CISOs are fine with behavioral analytics on paper (on a whiteboard? As a message within Microsoft Teams/GoogleMeet/Zoom?), they’re resistant to rapid widespread deployment because it requires creating a profile for every user — including partners, distributors, suppliers, large customers and anyone else who needs system access. Those profiles can take more than a month to create to get an accurate, consistent picture of each person.
TrickBot takes down server infrastructure after months of inactivity
Credit to Author: Pieter Arntz| Date: Mon, 28 Feb 2022 12:15:31 +0000
After months of spam silence, TrickBot has pulled the plug on its server infrastructure. Is this the end of an era?
The post TrickBot takes down server infrastructure after months of inactivity appeared first on Malwarebytes Labs.
Read moreA week in security (February 21 – February 27)
Credit to Author: Malwarebytes Labs| Date: Mon, 28 Feb 2022 11:37:42 +0000
The most important and interesting security stories from the last seven days.
The post A week in security (February 21 – February 27) appeared first on Malwarebytes Labs.
Read moreDDoS Attempts Hit Russia as Ukraine Conflict Intensifies
Credit to Author: Brian Barrett| Date: Sat, 26 Feb 2022 14:00:00 +0000
Plus: Hacker recruits, NFT thefts, and more of the week’s top security news.
Read moreThe Quiet Way Advertisers Are Tracking Your Browsing
Credit to Author: Matt Burgess| Date: Sat, 26 Feb 2022 12:00:00 +0000
Cookies are on the way out—but not enough is being done about browser fingerprinting. So what is it?
Read moreUkraine’s Defense—and Hacktivists—Have Raised Over $4M in Crypto
Credit to Author: Andy Greenberg| Date: Fri, 25 Feb 2022 17:07:00 +0000
Russia’s invasion into the country sparked a surge of crypto donations to resistance groups.
Read moreThe Hunt for the Lost Soul: Unraveling the Evolution of the SoulSearcher Malware
FortiGuard Labs provides a deep analysis of the evolution of SoulSearcher malware focusing on a malicious DLL payload module. With reverse engineering the team analyzes the different components and the progression over time, mapping the evolution of the malware framework. Read more.
Ukraine Crisis Cyber-Readiness Checklist
Fortinet has assembled a readiness checklist focused on standard cyber hygiene and more to help in fighting against destructive cyber threats. Read to learn more.
Read more