New Wave of Cyber Attacks Target Palestine with Political Bait and Malware

Cybersecurity researchers have turned the spotlight on a new wave of offensive cyberattacks targeting Palestinian activists and entities starting around October 2021 using politically-themed phishing emails and decoy documents. The intrusions are part of what Cisco Talos calls a longstanding...

Unpatched Security Bugs in Medical Wearables Allow Patient Tracking, Data Theft

Telehealth care is on the rise as medical service providers cope with the strain of a pandemic and rising costs. But the rush to roll out remote healthcare has also unleashed a universe of wearable medical devices to collect sensitive data, which researchers say are widely vulnerable to attack...

Ukraine Continues to Face Cyber Espionage Attacks from Russian Hackers

Cybersecurity researchers on Monday said they uncovered evidence of attempted attacks by a Russia-linked hacking operation targeting a Ukrainian entity in July 2021. Broadcom-owned Symantec, in a new report published Monday, attributed the attacks to an actor tracked as Gamaredon aka Shuckworm or...

Penetration tester Guide – Job Description and How to Become

What is a penetration tester? In the realm of data security, pentesters are the specialists. The reason, likewise with other PI works out, is to recognize hazards before any potential meddling bosses get an opportunity to set up their framework. Helpless entertainers will endeavor to take advanta...

Measure the effectiveness of your Microsoft security with AttackIQ

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. To improve an organization’s cybersecurity readiness, you need to test that your detection and prevention technologies work as intended and that your security program is performing a...

Best cyber security jobs in 2022 – Highest paying

Web protection is a worthwhile and quickly extending field that spotlights on shielding organizations from current attacks and guarding their information and frameworks. Specialists in network security distinguish blemishes, give programming and gear answers for diminish hazards, and foster plans...

MoleRats APT Launches Spy Campaign on Bankers, Politicians, Journalists

Malicious files doctored up to look like legitimate content related to the Israeli-Palestine conflict are being used to target prominent Palestinians, as well as activists and journalists in Turkey, with spyware. That’s according to a disclosure from Zscaler, which attributes the cyberattacks to...

Merck Awarded $1.4B Insurance Payout over NotPetya Attack

Unsealed court records show pharmaceutical giant Merck was awarded a $1.4 billion payout last month on its property insurance policy, for losses the company suffered because of the 2017 NotPetya cyberattacks. Merck’s cyber-insurance company, International Indemnity, was claiming the losses fell...

Destructive Wiper Targeting Ukraine Aimed at Eroding Trust

Russia is positioned for a hot-war attack on Ukraine that the Biden administration warned could come “at any point” — but the country is already suffering an attack of a different kind. A sweeping malware campaign remains ongoing, which experts agree is intended to permanently disrupt organizatio...

Organizations Face a ‘Losing Battle’ Against Vulnerabilities

After a banner year for vulnerabilities and cyberattacks in 2021, organizations believe they are fighting a “losing battle” against security vulnerabilities and threats, “despite the billions of dollars spent collectively on cybersecurity technology,” according to an annual security report from...

Ukrainian Government Officially Accuses Russia of Recent Cyberattacks

The government of Ukraine on Sunday formally accused Russia of masterminding the attacks that targeted websites of public institutions and government agencies this past week. "All the evidence points to the fact that Russia is behind the cyber attack," the Ministry of Digital Transformation said ...

North Korean Hackers Stole Millions from Cryptocurrency Startups Worldwide

Operators associated with the Lazarus sub-group BlueNoroff have been linked to a series of cyberattacks targeting small and medium-sized companies worldwide with an aim to drain their cryptocurrency funds, in what's yet another financially motivated operation mounted by the prolific North Korean...

Learn about 4 approaches to comprehensive security that help leaders be fearless

The last 18 months have put unprecedented pressure on organizations to speed up their digital transformation as remote and hybrid work continue to become the new normal. Yet even with all the change and uncertainty, having the right security support system in place means your organization can sti...

GootLoader Hackers Targeting Employees of Law and Accounting Firms

Operators of the GootLoader campaign are setting their sights on employees of accounting and law firms as part of a fresh onslaught of widespread cyberattacks to deploy malware on infected systems, an indication that the adversary is expanding its focus to other high-value targets. "GootLoader is...

FBI, NSA and CISA Warns of Russian Hackers Targeting Critical Infrastructure

Amid renewed tensions between the U.S. and Russia over Ukraine and Kazakhstan, American cybersecurity and intelligence agencies on Tuesday released a joint advisory on how to detect, respond to, and mitigate cyberattacks orchestrated by Russian state-sponsored actors. To that end, the Cybersecuri...

Cyber-Spike: Orgs Suffer 925 Attacks per Week, an All-Time High

2021 dragged itself to a close under a Log4Shell-induced blitzkrieg. With millions of Log4j-targeted attacks clocking in per hour since the flaw’s discovery last month, there’s been a record-breaking peak of 925 cyberattacks a week per organization, globally. The number comes out of a Monday repo...

BADNEWS! Patchwork APT Hackers Score Own Goal in Recent Malware Attacks

Threat hunters have shed light on the tactics, techniques, and procedures embraced by an Indian-origin hacking group called Patchwork as part of a renewed campaign that commenced in late November 2021, targeting Pakistani government entities and individuals with a research focus on molecular...

CISA Adds 15 Known Exploited Vulnerabilities to Catalog

CISA has added 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and...

What angered us most about cybersecurity in 2021: Lock and Code S03E01

We are just three days into 2022, which means what better time for a 2021 retrospective? But rather than looking at the biggest cyberattacks of last year—which we already did—or the most surprising—like we did a couple of years ago—we wanted to offer something different for readers and listeners...

The three most significant cyberattacks of 2021

People that predict tomorrow’s weather by looking at today’s are often right. Cloudy today? Itll probably be cloudy tomorrow. The same is often true for cybersecurity threats. Looking back at 2021 it looks a lot like 2020: A lot of ransomware attacks. So, when I was asked to write about the three...