In the first of two previews of Infosecurity Europe 2023, we look at our top picks for unmissable keynote sessions across the three days of the conference, held at ExCel in London from June 20-22. By John E. Dunn As the pivotal cybersecurity conference in the region, every Infosecurity Europe conference is oriented to topical themes. This year is no exception, with the speaker lineup covering everything from the on-going anxiety of cyberwar, how zero trust can be made to work once it leaves the drawing board, and the never-ending puzzle of assessing supply chain risk. The following is our... Read more →
112 posts categorized "Malware"
25 May 2023
Infosecurity Europe 2023 Preview – Our Pick of the Keynote Sessions
Posted by (ISC)² Management on 25 May 2023 at 03:00 AM in (ISC)² Events, Cloud Security, Cybersecurity Training, Cybersecurity Workforce, Digital Forensics, Ethics, Government , Insider Risk, IT Security, Legal, Malware, Network Security, Operations Security, Privacy, Ransomware, Risk | Permalink
|
Comments (0)
19 May 2023
Latest Cyberthreats and Advisories - May 19, 2023
WordPress’s Elementor is vulnerable (again), the U.S. Department of Transportation is breached, 5.8 million medical records are posted online after PharMerica incident. Here are the latest threats and advisories for the week of May 19, 2023. By John Weiler Threat Advisories and Alerts Australian and U.S. Governments Release Advisory on BianLian Ransomware Group The Australian Cyber Security Centre (ACSC) has released a joint cybersecurity advisory with the U.S. outlining typical threat vectors and signs of ongoing attacks by the BianLian ransomware group. It is a relatively new group that uses trusted Remote Desktop Protocol (RDP) credentials to gain network access... Read more →
Posted by (ISC)² Management on 19 May 2023 at 07:00 AM in Government , IT Security, Malware, Ransomware, Risk | Permalink
|
Comments (0)
25 April 2023
RSA Conference Day One: Disruption Key to Keeping Bad Actors At Bay
Day One of the RSA Conference opened with keynotes diagnosing a security identity crisis, while offering AI, platforms, and big dose of disruption as the cure for what ails the cybersecurity world. By Joe Fay The 2023 RSA Conference kicked off in San Francisco this week, with human delegates being confronted with speaker after speaker declaring that AI is taking over much of their jobs. Opening the conference, RSA CEO Rohit Ghai said that over the years, the core purpose of security platforms has evolved, but “in the AI era, it is security first, followed by convenience and compliance.” “AI... Read more →
Posted by (ISC)² Management on 25 April 2023 at 01:37 PM in Government , IT Security, Malware, Network Security, Risk | Permalink
|
Comments (0)
Cybersecurity Industry News Review - April 25, 2023
Europe’s Air Traffic Control (ATC) agency under DDoS attack. Eavesdropping police in the U.K. spared massive fine. Numbers emerge after NCR ransomware attack. Hackers hit gold in secondhand routers. By Joe Fay “Pro-Russian” Hackers Dive Bomb European Air Traffic Control Agency Europe’s air traffic control agency, Eurocontrol, has been fighting off a cyberattack by pro-Russian hackers since April 19. The attack appears to have been a DDoS targeting the agency’s website. Pro-Russian group Killnet claimed to have launched a “100 hour” marathon against Eurocontrol. The agency declined to detail the nature of the attack but said its safety operations had... Read more →
Posted by (ISC)² Management on 25 April 2023 at 06:00 AM in Government , IT Security, Malware, Network Security, Ransomware, Risk | Permalink
|
Comments (0)
29 March 2023
Analysis: Hackers Exploit Zero-Day to Siphon $1.5 Million From Bitcoin ATMs
Anxiety about the security of hot wallets grows as General Bytes customers are hit by a zero-day flaw in the company’s Bitcoin ATMs. By John E. Dunn It’s fair to say that crypto has an image problem. What it didn’t need was a Bitcoin ATM (BATM) hack to generate even more bad publicity. Unfortunately, that’s exactly what happened on March 17-18, according to General Bytes, one of the best-known makers of BATMs on the market. Hackers exploited a zero-day flaw in a video interface that’s part of the General Bytes CAS server platform to steal 56 Bitcoins (worth $1.5 million)... Read more →
Posted by (ISC)² Management on 29 March 2023 at 07:00 AM in IT Security, Malware | Permalink
|
Comments (1)
21 March 2023
Cybersecurity Industry News Review – March 21, 2023
KillNet is bad for your health, TikTok facing further bans, ransomware impacts cancer test results, Russia allegedly increasing its cyberwarfare efforts. By Joe Fay Microsoft Demonstrates How KillNet Is Bad for Our Healthcare Sector Microsoft has highlighted a rise in DDoS attacks on healthcare organizations, mapping a three-fold increase in attacks over three months. It said it tracked 10 to 20 attacks per day on healthcare organizations on Azure in November but was seeing 40 to 60 per day in February. The attack mix changed over this time, it added, with over half of attacks now being UDP floods, with... Read more →
Posted by (ISC)² Management on 21 March 2023 at 09:00 AM in Ethics, Government , IT Security, Malware, Privacy, Ransomware, Risk | Permalink
|
Comments (0)
17 March 2023
Latest Cyberthreats and Advisories - March 17, 2023
Cybercriminals pounce on SVB collapse, privacy concerns around ChatGPT and the FBI warns of a rise in crypto scams. Here are the latest threats and advisories for the week of March 17, 2023. By John Weiler Threat Advisories and Alerts FBI Warning: Cryptocurrency Investment Schemes on the Rise The U.S. Federal Bureau of Investigation (FBI) is warning internet users of an increase in cryptocurrency investment scam schemes, which defrauded victims of over $2 billion in 2022. Cybercriminals (usually located overseas) use social media platforms, dating apps, professional networking apps and other online means to connect with targets. The criminals then... Read more →
Posted by (ISC)² Management on 17 March 2023 at 05:00 AM in Government , Malware, Network Security, Privacy, Ransomware, Risk | Permalink
|
Comments (0)
14 March 2023
Cybersecurity Industry News Review – March 14, 2023
The U.K. Online Safety Bill triggers a security rebuke from WhatsApp, the Czech Republic concerned about TikTok, an international law enforcement effort shuts down the NetWire RAT infrastructure, while a study suggests workforce malaise towards reporting security incidents. By Joe Fay WhatsApp Would Leave U.K. Rather Than Break Encryption WhatsApp would pull its end-to-end encrypted messaging service in the U.K., rather than submit to any requirement to weaken its privacy stance to comply with the U.K. government’s Online Safety Bill. WhatsApp chief Will Cathcart said that 98 per cent of its users were outside the U.K., and ALL users wanted... Read more →
Posted by (ISC)² Management on 14 March 2023 at 05:00 AM in Digital Forensics, Ethics, Government , IT Security, Malware, Privacy, Ransomware, Risk | Permalink
|
Comments (0)
17 February 2023
Analysis: White House Cybersecurity Policy Maker - Secure Open Source Software Even If It Benefits ‘Adversaries’ We Should Do It Anyway
By Joe Fay Resiliency is the endgame of the U.S. approach to internet and software security. The U.S. has a vested interest in creating a secure and resilient internet and software ecosystem, even if it means its “adversaries” also benefit, a White House cybersecurity leader told the State of Open Conference in London late last week. During a panel session on international security policy, Sal Kimmich, director of open source at EscherCloudAI, AI DevSecOps, said researchers uncovering vulnerabilities could face pressure from nation states, and there needs to be a way of protecting them. Microsoft director of open source strategy,... Read more →
Posted by (ISC)² Management on 17 February 2023 at 03:00 AM in Government , Malware, Software Development | Permalink
|
Comments (0)
15 February 2023
Cybersecurity Industry News Review: February 15, 2023
By Joe Fay NHS still recovering from ransomware incidents. Network firm employee confesses to data extortion, as U.S. cyber ambassador admits their Twitter account was hacked as the President turns to industry leaders to advise him. NHS Still Reconnecting After 2022 Lockbit Attack on Supplier Just how disruptive ransomware can be was illustrated this past week, six months after an attack on UK health software supplier Advanced. The attack on Advanced first emerged in August 2022, causing disruption across a range of NHS services. Health and secondary care minister Will Quince said that while most affected NHS organizations were up... Read more →
Posted by (ISC)² Management on 15 February 2023 at 03:00 AM in Malware, Ransomware, Risk | Permalink
|
Comments (0)
07 February 2023
Cybersecurity Industry News Review: February 7, 2023
By Joe Fay Derivatives traders, trainer trainers, and finger lickers all hit by ransomware. Russian hackers lash out after Ukraine tanks deal announced. Apple patches decade old devices. ION Markets Hit by “Cyber Security Event” Dublin-based data and software firm ION Markets has been hit by a “cyber event” which has had a knock-on effect on financial futures and derivatives markets worldwide. The attack is thought to have been ransomware related. ION Markets said the attack on its ION Cleared Derivatives division was “contained to a specific environment”, all the affected servers are disconnected, and remediation of services is ongoing.... Read more →
Posted by (ISC)² Management on 07 February 2023 at 04:21 PM in IT Security, Legal, Malware, Privacy, Ransomware, Risk | Permalink
|
Comments (0)
27 January 2023
Latest Cyberthreats and Advisories - January 27, 2023
Alerts from national cybersecurity agencies, gaming developer attacks and the Mailchimp/FanDuel breach. Here are the latest threats and advisories for the week of January 27, 2023. Threat Advisories and Alerts CISA Publishes Report to Help Protect Schools from Cyberthreats The recent surge in cyberattacks against the education sector has led the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to release a report addressing the issue. The COVID-19 pandemic made educational institutions increasingly vulnerable to cyberthreats, as virtual learning became widespread and led to the rapid adoption of new and untested technologies. The report titled “Partnering to Safeguard K-12 Organizations from... Read more →
Posted by (ISC)² Management on 27 January 2023 at 08:00 AM in Malware, Network Security, Ransomware | Permalink
|
Comments (0)
20 January 2023
Latest Cyberthreats and Advisories - January 20, 2023
TikTok is fined for a privacy violation, major corporations suffer breaches and Vice Society attacks another school. Here are the latest threats and advisories for the week of January 20, 2023. Threat Advisories and Alerts U.K. School Survey Reveals Surprising Findings A new survey by London Grid for Learning (LGfL) and the National Cyber Security Centre (NCSC) revealed that the uptick in cyberattacks on the U.K. school system may not be as bad as first thought. The survey, of more than 800 schools, revealed that 78% of them had suffered at least one cybersecurity incident. Other interesting findings showed that... Read more →
Posted by (ISC)² Management on 20 January 2023 at 11:30 AM in Malware, Privacy, Ransomware | Permalink
|
Comments (1)
06 January 2023
Latest Cyberthreats and Advisories - January 6, 2023
The LockBit ransomware gang apologizes, Google settles privacy lawsuits and cybercriminals impersonate brands and the U.K. government. Here are the latest threats and advisories for the week of January 6, 2023. Threat Advisories and Alerts Cybercriminals Impersonate Brands with Search Ads And Fake Sites The U.S. Federal Bureau of Investigation (FBI) has issued a warning that cybercriminals are directing internet browsers to malicious sites via search ads. How does the scam work? Bad actors build a fake website that impersonates a legitimate brand and then advertises it to appear at the top of search results. Once browsers click the ad,... Read more →
Posted by (ISC)² Management on 06 January 2023 at 01:00 PM in Government , IT Security, Legal, Malware, Ransomware, Risk | Permalink
|
Comments (0)
18 November 2022
Latest Cyberthreats and Advisories - November 18, 2022
Beware the BatLoader, the NSA calls for more memory-safe programming language use and ransomware causes more trouble in Australia….Here are the latest threats and advisories for the week of November 18, 2022. Threat Advisories and Alerts Researchers Sound Alarm on Dangerous BatLoader Malware Dropper A dangerous new malware loader with features for determining whether it's running on business or home computers has begun rapidly infecting systems worldwide over the past few months. Researchers at VMware Carbon Black claim the threat, dubbed BatLoader, is being used to distribute a variety of malware tools including a banking Trojan, an information stealer, and... Read more →
Posted by (ISC)² Management on 18 November 2022 at 09:50 AM in IT Security, Malware, Network Security, Operations Security, Privacy, Ransomware | Permalink
|
Comments (1)
04 November 2022
LATEST CYBERTHREATS AND ADVISORIES - November 4, 2022
Cyberattacks on Dropbox, Europe’s biggest copper producer and another Australian business make this week’s headlines. Here are the latest threats and advisories for the week of November 4, 2022. Threat Advisories and Alerts Google Chrome Suffers Seventh Zero-Day Vulnerability of the Year Google has released an emergency update for its Chrome web browser to address its seventh zero-day vulnerability (CVE-2022-3723) of the year. If the security flaw is exploited, attackers could perform remote code execution, access memory regions that could crash applications or read sensitive information of other apps. Google Chrome users are advised to update their browsers immediately. Source:... Read more →
Posted by (ISC)² Management on 04 November 2022 at 02:46 PM in Malware, Ransomware, Risk | Permalink
|
Comments (0)
15 July 2022
Latest Cyberthreats and Advisories - July 15, 2022
Callback scams, ransomware, Windows attacks and phishing … here are the latest cybersecurity threats and advisories for the week of July 15, 2022. Threat Advisories and Alerts North Korea State-Sponsored Cybercriminals Target U.S. Healthcare Organizations North Korea state-sponsored cyber actors are infecting the systems of U.S. healthcare organizations with Maui ransomware. The malware encrypts the servers of healthcare services—which can freeze up their electronic health care records, diagnostic services, imaging services and other critical functions—disrupting their operations for prolonged periods. Why are healthcare organizations targets? They are more likely to pay ransoms. According to Sophos' State of Ransomware in Healthcare... Read more →
Posted by (ISC)² Management on 15 July 2022 at 10:15 AM in IT Security, Malware, Risk | Permalink
|
Comments (0)
22 April 2021
Cyber Threats: The Financial System’s Top Risk
With cyber attacks against financial and banking institutions now a daily occurrence, cyber threats have become the biggest risk to the global financial system, according to Federal Reserve Chairman Jerome Powell. During an interview on CBS News’ 60 Minutes, Powell said cyber risks surpass even the types of lending and liquidity risks that led to the Great Recession in 2008. The chances of a financial collapse akin to 2008 are “very low,” he said. “But the world changes, the world evolves, and the risks change as well. The risk we keep our eyes on the most is cyber risk.” If... Read more →
Posted by (ISC)² Management on 22 April 2021 at 07:30 AM in Cybersecurity Training, Cybersecurity Workforce, Malware, Ransomware, Risk | Permalink
|
Comments (0)
25 June 2020
(ISC)2 Costa Rica Chapter: Sharing reflections and lessons learned from Maze Team attack
The original article by Diego Delfino can be found at https://delfino.cr/2020/05/caso-maze-bcr-expertos-comparten-reflexiones-lecciones-y-sugerencias Óscar Monge España, founding member of (ISC)² chapter Costa Rica has 16 years of experience in multiple fields of cybersecurity, such as incident response, threat intelligence, risk management and vulnerability management at the corporate level and in the cloud methodology Agile and ITIL, information security expert and cloud security professional. His work in the field led him to obtain the award as the best security participant for America (America’s ISLA) awarded by the renowned organization ISC2 in 2017. He currently works for RaboBank in The Netherlands as a cybersecurity... Read more →
Posted by (ISC)² Management on 25 June 2020 at 01:19 PM in (ISC)² Chapters, Malware | Permalink
|
Comments (0)
(ISC)2 Costa Rica Chapter: Sharing reflections and lessons learned from Maze Team attack
El artículo original fue publicado por Diego Delfino en: https://delfino.cr/2020/05/caso-maze-bcr-expertos-comparten-reflexiones-lecciones-y-sugerencias Óscar Monge España, miembro fundador de (ISC)² capitulo Costa Rica, tiene 16 años de experiencia en múltiples campos de la ciberseguridad, como lo son la Respuesta de Incidentes, Inteligencia de Amenazas, Manejo de Riesgos y Manejo de vulnerabilidades a nivel corporativo y en la nube, metodologías ágiles e ITIL, experto en seguridad de la información y profesional en seguridad en la nube. Su trabajo en el campo, le llevó a obtener el galardón como el mejor practicante de seguridad para America (America’s ISLA) otorgado por la reconocida organización (ISC)² en... Read more →
Posted by (ISC)² Management on 25 June 2020 at 01:06 PM in (ISC)² Chapters, Malware | Permalink
|
Comments (0)
Search
Categories
- (ISC)² Chapters (22)
- (ISC)² Events (158)
- Center for Cyber Safety and Education (52)
- Cloud Security (132)
- Cybersecurity Certifications (375)
- Cybersecurity Training (309)
- Cybersecurity Workforce (242)
- Digital Forensics (29)
- Ethics (52)
- Government (123)
- Insider Risk (56)
- IT Security (371)
- Legal (45)
- Malware (112)
- Network Security (175)
- Operations Security (140)
- Privacy (114)
- Ransomware (82)
- Risk (194)
- Software Development (44)
- Spotlight (71)