May 2022 – PossibleThreat Articles

Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

May 31, 2022 0 Comments A Little Sunshine, advintel, conti, costa rica, crprensa.com, cyberscoop, Data Breaches, data ransom, hive, Ne'er-Do-Well News, Ransomware, russia's war on ukraine, unc1756

Credit to Author: BrianKrebs| Date: Tue, 31 May 2022 19:57:58 +0000

Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang — Conti. Ransomware experts say there is good reason to believe the same cybercriminals are behind both attacks, and that Hive has been helping Conti rebrand and evade international sanctions targeting extortion payouts to cybercriminals operating in Russia.

MalwareBytes Security

Threat profile: RansomHouse makes extortion work without ransomware

May 31, 2022 0 Comments Cybercrime, cyberint, hagar margolin, hive, ransomhouse, Ransomware, saskatchewan liquor and gaming authority, shmuel gihon, slga, webz.io, white rabbit

Credit to Author: Jovi Umawing| Date: Tue, 31 May 2022 20:53:40 +0000

RansomHouse, a new extortion group, distances itself from ransomware. However, it seems like it had ties to ransomware groups in the past.

The post Threat profile: RansomHouse makes extortion work without ransomware appeared first on Malwarebytes Labs.

MalwareBytes Security

Runescape phish claims your email has been changed

May 31, 2022 0 Comments authenticator, automated, bank pin, discord, free, jagex, mmorpg, phish, phishing, runescape, scams, Server, webhook, webhooks

Credit to Author: Christopher Boyd| Date: Tue, 31 May 2022 20:08:04 +0000

We take a look at a Runescape-themed phishing mail targeting players of the smash MMORPG title, and explain how they steal the data.

The post Runescape phish claims your email has been changed appeared first on Malwarebytes Labs.

ComputerWorld Independent

Windows 11: Should you bypass the hardware block?

May 31, 2022 0 Comments small and medium business, Windows, Windows 10, windows 11, Windows Security

Credit to Author: Susan Bradley| Date: Tue, 31 May 2022 12:55:00 -0700

If you’re like most PC users, your current computer can’t run Windows 11. Microsoft has placed a line in the hardware sand to ensure that only modern machines with certain specifications that harden security can run Windows 11.

Well, sort of. The company provides a workaround, as I’ll discuss in a moment. Whether you should take advantage of this loophole to upgrade PCs (whether yours or your users’) to Windows 11 is the question.

First, if you want to know if a computer can run Windows 11, you can use the PC Health Check app, Microsoft’s diagnostic tool. But if your PC doesn’t support Windows 11, Microsoft’s app doesn’t do a great job of explaining why. Instead, I recommend using either the Windows 11 Requirements Check Tool from ByteJams.com or WhyNotWin11, available on Github. Both tools provide granular detail about why a machine won’t run Windows 11. On my personal laptop at home, for instance, the processor can’t support hardware for hypervisor enforced code integrity, nor does Windows 11 like the graphics display.

To read this article in full, please click here

ComputerWorld Independent

Why Industry 4.0 must think more like Apple

May 31, 2022 0 Comments Apple, industry, Internet of Things, iot security, Security

Credit to Author: Jonny Evans| Date: Tue, 31 May 2022 12:16:00 -0700

For industrial applications, the Internet of Things risks becoming the Internet of Thieves. Perhaps industries making use of connected solutions should take a leaf out the Apple book and lock down their infrastructure.

What the ethical hackers say

As digital processes become deeply embedded across every industry, it makes sense that industrial control systems were tested at this year’s Pwn2Own contest. Hackers were asked to seek out vulnerabilities in industrial software and systems.

Contest winners Daan Keuper and Thijs Alkemade found that once they managed to break into the IT networks used at these companies, it was “relatively easy” to then cause havoc with systems and equipment.

To read this article in full, please click here

MalwareBytes Security

FBI warns of education sector credentials on dark web forums

May 31, 2022 0 Comments bitcoin, breach, credentials, dark web, education, phish, Privacy, sale, university

Credit to Author: Christopher Boyd| Date: Tue, 31 May 2022 17:24:50 +0000

The FBI warns of education sector credentials being placed for sale on the dark web. We take a look at the risks involved.

The post FBI warns of education sector credentials on dark web forums appeared first on Malwarebytes Labs.

Security Wired

You Need to Update iOS, Chrome, Windows, and Zoom ASAP

May 31, 2022 0 Comments Security, Security / Privacy, Security / Security Advice

Credit to Author: Kate O’Flaherty| Date: Tue, 31 May 2022 11:00:00 +0000

Plus: Google patches 36 Android vulnerabilities, Cisco fixes three high-severity issues, and VMWare closes two “serious” flaws.

Microsoft Security

Streamlining employee onboarding: Microsoft’s response to the Great Reshuffle

May 31, 2022 0 Comments cybersecurity, Identity and access management, identity and access management series

Credit to Author: Emma Jones| Date: Tue, 31 May 2022 13:00:00 +0000

Verifiable credentials may help improve employee experience, an important factor HR and IT business leaders must pay attention to as expectations evolve.

The post Streamlining employee onboarding: Microsoft’s response to the Great Reshuffle appeared first on Microsoft Security Blog.

Microsoft Security

Secure access for a connected world—meet Microsoft Entra

May 31, 2022 0 Comments cybersecurity, Identity and access management, identity and access management series

Credit to Author: Emma Jones| Date: Tue, 31 May 2022 13:00:00 +0000

Identity is not just about directories, and access is not just about the network. Security challenges have become much broader, so we need broader solutions. We need to secure access for every customer, partner, and employee—and for every microservice, sensor, network, device, and database.

The post Secure access for a connected world—meet Microsoft Entra appeared first on Microsoft Security Blog.

Fortinet Security

Paying Ransomware? Should You Really Pay Ransom Settlements?

May 31, 2022 0 Comments

Ransomware is one of the top threats facing organizations and individuals today. While often organizations may feel compelled to pay ransom settlements, it is a decision that should be considered very carefully. Read more.

← Previous