Iranian Attacks on Industrial Control Systems

New details: At the CyberwarCon conference in Arlington, Virginia, on Thursday, Microsoft security researcher Ned Moran plans to present new findings from the company's threat intelligence group that show a shift in the activity of the Iranian hacker group APT33, also known by the names Holmium,...

‘Tis the Season for Holiday Cyber Heists

‘Tis the season for cyberattacks, particularly when it comes to the retail industry. According to the VMware Carbon Black Threat Analysis Unit TAU, retail organizations may see a noticeable spike in attempted cyberattacks during the holiday season. Click here to download the full report TAU’s...

Email Voted a Weak Link for Election Security, with DMARC Lagging

As the 2020 Presidential election looms closer in the United States, a key focus will be on securing election infrastructure to prevent tampering. In a recent analysis, researchers found that email remains a potential weak link, with most counties failing to implement DMARC protections. DMARC whi...

Feds Offer $5M Reward to Nab 'Evil Corp' Dridex Hacker

U.S. authorities are offering up $5 million for information leading to the arrest of Evil Corp. leader Maksim V. Yakubets, 32, of Russia, who goes under the moniker “aqua.” The U.S. alleges that Yakubets and his company have stolen millions of dollars from victims using the Dridex banking trojan...

VMware Carbon Black Threat Report: One Year Out From the 2020 U.S. Elections, Geopolitical Tension Continues to Spawn Cyberattacks

This morning, VMware Carbon Black released its latest Global Incident Response Threat Report GIRTR. Now in its fourth edition, the GIRTR is written in partnership with VMware Carbon Black's incident response IR partner ecosystem and aggregates input from top IR experts to give you, the reader, a...

Security Firms, Nonprofits Team to Fight Stalkerware

The scourge of so-called “stalkerware” has accelerated as mobile cyberattacks in general have become more common, and it’s something that’s being addressed through a security industry collaboration that launched this week. The term “stalkerware” refers to both surreptitious spyware available on t...

Iran’s APT33 Hackers Are Targeting Industrial Control Systems

The recent focus on ICS raises the possibility that Iran's APT33 is exploring physically disruptive cyberattacks...

Holiday Shoppers Beware: 100K Malicious Sites Found Posing as Well-Known Retailers

As the holiday season looms, cybercrooks are going after shoppers with more than 100,000 lookalike domains mimicking legitimate retailers. The news comes as a new report shows that in tandem, the retail industry is experiencing more breaches than any other industry in 2019 as criminals consistent...

Lizard Squad Threatens UK's Labour Leader with Cyberattacks Against His Family

Lizard Squad, the well-known hacktivist cybergang, is pledging to mount personal cyberattacks on Britain’s Labour Party leader, Jeremy Corbyn. As the UK continues to be roiled by Brexit debate ahead of a Dec. 12 general election, the Labour Party said on Tuesday that it had been targeted by a...

How to Secure Critical Infrastructure When Patching Isn't Possible

Cyberattacks are on the rise and threatening our digital life and our most intimate information — but also our operational realities. Attacks on critical infrastructure such as power plants, water works, airports and the like transportation ranks among the highest-value targets for cyberattackers...

Amazon's Ring Video Doorbell Lets Attackers Steal Your Wi-Fi Password

Security researchers at Bitdefender have discovered a high-severity security vulnerability in Amazon's Ring Video Doorbell Pro devices that could allow nearby attackers to steal your WiFi password and launch a variety of cyberattacks using MitM against other devices connected to the same network...

SMBs lack resources to defend against cyberattacks, plus pay more in the aftermath

Cyberattacks, many have noted, are the fastest growing economic crime not only in the United States, but also around the world. This upward trend has been observed since 2014, according to PricewaterhouseCoopers PwC, and won’t likely be slowing down anytime soon. Cyberattacks—much like the...

ICS Attackers Set To Inflict More Damage With Evolving Tactics

Future attacks on industrial control system ICS networks may inflict even more damage in the long run, according to new research. Analysts expect them to evolve from attacks that have immediate, direct impact to those with multiple stages and attack vectors that are more stealthy. While it remain...

Fancy Bear Targets Sporting, Anti-Doping Orgs As 2020 Olympics Loom

At least 16 anti-doping authorities and sporting organizations around the world have been hit by cyberattacks as the world begins to gear up for the Tokyo Summer Olympic Games, which kick off July 2020. The attacks, which began Sept. 16, have been linked to infamous Russian threat group Fancy Bea...

Russian Hackers Targeting Anti-Doping Agencies Ahead of 2020 Tokyo Olympics

As Japan gears up for the upcoming 2020 Summer Olympics in Tokyo for the next year, the country needs to brace itself for sophisticated cyberattacks, especially from state-sponsored hackers. Microsoft has issued a short notice, warning about a new wave of highly targeted cyberattacks by a group o...

Microsoft Reports Global Cyberattacks on Sporting and Anti-Doping Organizations from Russian Espionage Actors

Microsoft publicly released information revealing an uptick in cyberattacks globally targeting anti-doping authorities and sporting organizations. The Microsoft Threat Intelligence Center MSTIC routinely tracks malicious activity originating from the Russian advanced persistent threat APT group 2...

Cynet's Vulnerability Assessment Enables Organizations to Dramatically Reduce their Risk Exposure

Protection from cyberattacks begins way before attackers launch their weapons on an organization. Continuously monitoring the environment for security weaknesses and addressing such, if found, is a proven way to provide organizations with immunity to a large portion of attacks. Among the common...

ACSC Releases Small Business Cybersecurity Guide

The Australian Cyber Security Centre ACSC has released a cybersecurity guide for small businesses. The guide provides checklists to help small businesses protect themselves against common cybersecurity incidents. The Cybersecurity and Infrastructure Security Agency CISA encourages small business...

Microsoft Reports Cyberattacks on Targeted Email Accounts

The Microsoft Threat Intelligence Center MSTIC has released a blog post describing an increase in malicious cyber activity from the Iranian group known as Phosphorus. These threat actors are exploiting password reset or account recovery features to take control of targeted email accounts. The...

For Cybersecurity and Domestic Violence Awareness months, we pledge to fight stalkerware

Starting today, two hallmark holidays are upon us. No, it’s not Halloween and Thanksgiving. It’s both Cybersecurity Awareness Month and Domestic Violence Awareness Month. It’s no coincidence these two awareness campaigns overlap. What were once seen as separate realities—the physical and the...