Microsoft Alerts Cryptocurrency Industry of Targeted Cyberattacks

Cryptocurrency investment companies are the target of a developing threat cluster that uses Telegram groups to seek out potential victims. Microsoft's Security Threat Intelligence Center MSTIC is tracking the activity under the name DEV-0139, and builds upon a recent report from Volexity that...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: To view the newly added...

Russia-based RansomBoggs Ransomware Targeted Several Ukrainian Organizations

Ukraine has come under a fresh onslaught of ransomware attacks that mirror previous intrusions attributed to the Russia-based Sandworm nation-state group. Slovak cybersecurity company ESET, which dubbed the new ransomware strain RansomBoggs, said the attacks against several Ukrainian entities wer...

How DevOps can protect cloud applications from cyberattacks

Many organizations today are moving away from centralized on-prem operations and towards highly scalable cloud solutions such as Amazon’s AWS Lambda functionality. This provides cost-saving benefits and reduces the overall management of an enterprise tech stack. Cloud computing architecture also...

Global Cyber Risk at Elevated Level

North America Least Prepared for Cyberattacks...

Email Cyberattacks on Arab Countries Rise in Lead to Global Football Tournament

Email Cyberattacks on Arab Countries Rise in Lead to Global Football Tournament By Daksh Kapur · November 17, 2022 This story was also written by Sparsh Jain. Figure 1 Global eyes are soon to be turned to the first global football tournament to be held in the Arab world kicking off on November 20...

Email Cyberattacks on Arab Countries Rise in Lead to Global Football Tournament

Email Cyberattacks on Arab Countries Rise in Lead to Global Football Tournament By Daksh Kapur · November 17, 2022 This story was also written by Sparsh Jain. Figure 1 Global eyes are soon to be turned to the first global football tournament to be held in the Arab world kicking off on November 20...

Advanced threat predictions for 2023

It is fair to say that since last years predictions, the world has dramatically changed. While the geopolitical landscape has durably shifted, cyberattacks remain a constant threat and show no signs of receding – quite the contrary. No matter where they are, people around the world should be...

Russia’s New Cyberwarfare in Ukraine Is Fast, Dirty, and Relentless

Security researchers see updated tactics and tools—and a tempo change—in the cyberattacks Russia’s GRU military intelligence agency is inflicting on Ukraine...

Cloud Security: Buyer Be Critical

Tailoring solutions to challenges It takes a toolbox with different, well, tools to secure an ever-expanding operational perimeter in the cloud. Think about what’s under the general daily purview of cloud security teams: preventing misconfigurations, taming threats and vulnerabilities, and so muc...

Security Advisory 0081

Security Advisory 0081 PDF Date: November 1, 2022 Revision | Date | Changes ---|---|--- 1.0 | Nov 1, 2022 | Initial release Description Arista Networks is providing this security update in response to the following related security vulnerabilities: CVE-2022-3602 - An attacker can craft a maliciou...

Securing IoT devices against attacks that target critical infrastructure

South Staffordshire PLC, a company that supplies water to over one million customers in the United Kingdom, notified its customers in August of being a target of a criminal cyberattack. This incident highlights the sophisticated threats that critical industries face today. According to South...

CISA Adds Two Known Exploited Vulnerabilities to Catalog   

CISA has added two vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added...

Prevent Ransomware Attacks on Critical Infrastructure

Cyberattacks against critical infrastructure can cause massive societal disruption and take an enormous financial toll. Discover how to protect six key OT domains to help prevent ransomware and other threats to essential operations...

Omnicell Healthcare Company Confirms Ransomware Incident

In a US SEC Securities and Exchange Commission 8-K filing, Omnicell, the healthcare technology provider, revealed that some of its products, services, and internal systems were affected by ransomware. Upon detecting the incident, the medication management systems provider took immediate action to...

CISA Has Added One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: To view the newly added...

Evolution of BazarCall Social Engineering Tactics

Evolution of BazarCall Social Engineering Tactics By Daksh Kapur · October 6, 2022 What is BazarCall? As nicely defined in this article by Microsoft: BazarCall campaigns forgo malicious links or attachments in email messages in favor of phone numbers that recipients are misled into calling. It’s ...

Why Organisations Need Both EDR and NDR for Complete Network Protection

Endpoint devices like desktops, laptops, and mobile phones enable users to connect to enterprise networks and use their resources for their day-to-day work. However, they also expand the attack surface and make the organisation vulnerable to malicious cyberattacks and data breaches. Why Modern...

Ukraine Says Russia Planning Massive Cyberattacks on its Critical Infrastructures

The Ukrainian government on Monday warned of "massive cyberattacks" by Russia targeting critical infrastructure facilities located in the country and that of its allies. The attacks are said to be targeting the energy sector, the Main Directorate of Intelligence of the Ministry of Defense of...

CISA Has Added One Known Exploited Vulnerability to Catalog 

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: To view the newly added...