This Week in Security News - February 25, 2022

Recent cyberattacks increasingly target open-source web servers, and US officials tell businesses to watch for potential ransomware attacks after Biden announces Russia sanctions...

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types a...

The Harsh Truths of Cybersecurity in 2022, Part Two

In part one of this series, I outlined some harsh truths of cybersecurity in 2022 and the first three of the top six steps you should take to ensure resiliency against today’s most pervasive threat—ransomware. Here, I’ll cover the remaining three: But first, let’s take a quick step back. It used ...

Cyclops Blink malware: US and UK authorities issue alert

According to a joint security advisory published yesterday by US and UK cybersecurity and law enforcement agencies, a new malware called Cyclops Blink has surfaced to replace the VPNFilter malware attributed to the Sandworm group, which has always been seen as a Russian state-sponsored group...

Global Cyberattacks Tied to the Russian Invasion of Ukraine

Cyber-risk management and security fundamentals are the key to cyber-resilience. 5 best practices to manage your cyber risk...

Global Cyberattacks Tied to the Russian Invasion of Ukraine

Cyber-risk management and security fundamentals are the key to cyber-resilience. 5 best practices to manage your cyber risk...

Global Cyberattacks: Managing Risk in Chaotic Times

As global tension rises, cyber-risk management and security fundamentals are the key to cyber-resilience...

News Corp’s software supply chain attack proves the need for enhanced security posture

By Waqas Journalists from News Corp have been targeted in a recent series of cyberattacks, which underscores the need to… This is a post from HackRead.com Read the original post: News Corps software supply chain attack proves the need for enhanced security posture...

Recent Cyberattacks Target Open-source Web Servers

Malicious actors take advantage of people’s reliance on web servers to perform attacks like remote code execution, access control bypass, denial of service, or even cyberjacking the victim servers to mine cryptocurrencies...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types an...

Information Security Consultant – Job Description and How to Become

Introduction As per Centrify, a forerunner in the Privileged Access Management PAM market that forms programming to forestall cyberattacks, the huge ascent of people working from a distance during the COVID-19 pandemic has raised the probability of a digital break. Therefore, network protection h...

Justice Department Appoints First Director of National Cryptocurrency Enforcement Team

The U.S. Department of Justice DoJ earlier this week appointed Eun Young Choi to serve as the first Director of the National Cryptocurrency Enforcement Team NCET it established last year. The NCET was created to tackle the criminal misuse of cryptocurrencies and digital assets," with a focus on...

Ukrainian DDoS Attacks Should Put US on Notice–Researchers

On Tuesday, institutions central to Ukraine’s military and economy were hit with a wave of denial-of-service DoS attacks, which sparked an avalanche of headlines around the world. The strike itself had limited impact — but the larger implications for critical infrastructure beyond the Ukraine are...

[Webinar] When More Is Not Better: Solving Alert Overload

The increasing volume and sophistication of cyberattacks have naturally led many companies to invest in additional cybersecurity technologies. We know that expanded threat detection capabilities are necessary for protection, but they have also led to several unintended consequences. The "more is...

Prudent Cybersecurity Preparation for the Potential Russia-Ukraine Conflict

Update Feb 24, 2022: The situation in Ukraine has worsened since this blog post was first published, though our preparation advice remains the same. We will update the Rapid7 blog with a new post as events warrant. Tensions between Russia and Ukraine remain elevated, with a high degree of...

CISA Adds Nine Known Exploited Vulnerabilities to Catalog

CISA has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types a...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerability listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and po...

CISA Adds 15 Known Exploited Vulnerabilities to Catalog

CISA has added 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and...

Beware of the Attacks of Zombie Botnet

By Owais Sultan Cyberattacks and security threats can take many forms, but zombie botnets are particularly malicious and can often go… This is a post from HackRead.com Read the original post: Beware of the Attacks of Zombie Botnet...

Cyber Signals: Defending against cyber threats with the latest research, insights, and trends

We’re excited to introduce Cyber Signals, a cyber threat intelligence brief informed by the latest Microsoft threat data and research. This content, which will be released quarterly, offers an expert perspective into the current threat landscape, discussing trending tactics, techniques, and...