TikTok is fined for a privacy violation, major corporations suffer breaches and Vice Society attacks another school. Here are the latest threats and advisories for the week of January 20, 2023. Threat Advisories and Alerts U.K. School Survey Reveals Surprising Findings A new survey by London Grid for Learning (LGfL) and the National Cyber Security Centre (NCSC) revealed that the uptick in cyberattacks on the U.K. school system may not be as bad as first thought. The survey, of more than 800 schools, revealed that 78% of them had suffered at least one cybersecurity incident. Other interesting findings showed that... Read more →
100 posts categorized "Malware"
20 January 2023
LATEST CYBERTHREATS AND ADVISORIES - JANUARY 20, 2023
Posted by (ISC)² Management on 20 January 2023 at 11:30 AM in Malware, Privacy, Ransomware | Permalink
|
Comments (0)
06 January 2023
Latest Cyberthreats and Advisories - January 6, 2023
The LockBit ransomware gang apologizes, Google settles privacy lawsuits and cybercriminals impersonate brands and the U.K. government. Here are the latest threats and advisories for the week of January 6, 2023. Threat Advisories and Alerts Cybercriminals Impersonate Brands with Search Ads And Fake Sites The U.S. Federal Bureau of Investigation (FBI) has issued a warning that cybercriminals are directing internet browsers to malicious sites via search ads. How does the scam work? Bad actors build a fake website that impersonates a legitimate brand and then advertises it to appear at the top of search results. Once browsers click the ad,... Read more →
Posted by (ISC)² Management on 06 January 2023 at 01:00 PM in Government , IT Security, Legal, Malware, Ransomware, Risk | Permalink
|
Comments (0)
18 November 2022
Latest Cyberthreats and Advisories - November 18, 2022
Beware the BatLoader, the NSA calls for more memory-safe programming language use and ransomware causes more trouble in Australia….Here are the latest threats and advisories for the week of November 18, 2022. Threat Advisories and Alerts Researchers Sound Alarm on Dangerous BatLoader Malware Dropper A dangerous new malware loader with features for determining whether it's running on business or home computers has begun rapidly infecting systems worldwide over the past few months. Researchers at VMware Carbon Black claim the threat, dubbed BatLoader, is being used to distribute a variety of malware tools including a banking Trojan, an information stealer, and... Read more →
Posted by (ISC)² Management on 18 November 2022 at 09:50 AM in IT Security, Malware, Network Security, Operations Security, Privacy, Ransomware | Permalink
|
Comments (0)
04 November 2022
LATEST CYBERTHREATS AND ADVISORIES - November 4, 2022
Cyberattacks on Dropbox, Europe’s biggest copper producer and another Australian business make this week’s headlines. Here are the latest threats and advisories for the week of November 4, 2022. Threat Advisories and Alerts Google Chrome Suffers Seventh Zero-Day Vulnerability of the Year Google has released an emergency update for its Chrome web browser to address its seventh zero-day vulnerability (CVE-2022-3723) of the year. If the security flaw is exploited, attackers could perform remote code execution, access memory regions that could crash applications or read sensitive information of other apps. Google Chrome users are advised to update their browsers immediately. Source:... Read more →
Posted by (ISC)² Management on 04 November 2022 at 02:46 PM in Malware, Ransomware, Risk | Permalink
|
Comments (0)
15 July 2022
Latest Cyberthreats and Advisories - July 15, 2022
Callback scams, ransomware, Windows attacks and phishing … here are the latest cybersecurity threats and advisories for the week of July 15, 2022. Threat Advisories and Alerts North Korea State-Sponsored Cybercriminals Target U.S. Healthcare Organizations North Korea state-sponsored cyber actors are infecting the systems of U.S. healthcare organizations with Maui ransomware. The malware encrypts the servers of healthcare services—which can freeze up their electronic health care records, diagnostic services, imaging services and other critical functions—disrupting their operations for prolonged periods. Why are healthcare organizations targets? They are more likely to pay ransoms. According to Sophos' State of Ransomware in Healthcare... Read more →
Posted by (ISC)² Management on 15 July 2022 at 10:15 AM in IT Security, Malware, Risk | Permalink
|
Comments (0)
22 April 2021
Cyber Threats: The Financial System’s Top Risk
With cyber attacks against financial and banking institutions now a daily occurrence, cyber threats have become the biggest risk to the global financial system, according to Federal Reserve Chairman Jerome Powell. During an interview on CBS News’ 60 Minutes, Powell said cyber risks surpass even the types of lending and liquidity risks that led to the Great Recession in 2008. The chances of a financial collapse akin to 2008 are “very low,” he said. “But the world changes, the world evolves, and the risks change as well. The risk we keep our eyes on the most is cyber risk.” If... Read more →
Posted by (ISC)² Management on 22 April 2021 at 07:30 AM in Cybersecurity Training, Cybersecurity Workforce, Malware, Ransomware, Risk | Permalink
|
Comments (0)
25 June 2020
(ISC)2 Costa Rica Chapter: Sharing reflections and lessons learned from Maze Team attack
The original article by Diego Delfino can be found at https://delfino.cr/2020/05/caso-maze-bcr-expertos-comparten-reflexiones-lecciones-y-sugerencias Óscar Monge España, founding member of (ISC)² chapter Costa Rica has 16 years of experience in multiple fields of cybersecurity, such as incident response, threat intelligence, risk management and vulnerability management at the corporate level and in the cloud methodology Agile and ITIL, information security expert and cloud security professional. His work in the field led him to obtain the award as the best security participant for America (America’s ISLA) awarded by the renowned organization ISC2 in 2017. He currently works for RaboBank in The Netherlands as a cybersecurity... Read more →
Posted by (ISC)² Management on 25 June 2020 at 01:19 PM in (ISC)² Chapters, Malware | Permalink
|
Comments (0)
(ISC)2 Costa Rica Chapter: Sharing reflections and lessons learned from Maze Team attack
El artículo original fue publicado por Diego Delfino en: https://delfino.cr/2020/05/caso-maze-bcr-expertos-comparten-reflexiones-lecciones-y-sugerencias Óscar Monge España, miembro fundador de (ISC)² capitulo Costa Rica, tiene 16 años de experiencia en múltiples campos de la ciberseguridad, como lo son la Respuesta de Incidentes, Inteligencia de Amenazas, Manejo de Riesgos y Manejo de vulnerabilidades a nivel corporativo y en la nube, metodologías ágiles e ITIL, experto en seguridad de la información y profesional en seguridad en la nube. Su trabajo en el campo, le llevó a obtener el galardón como el mejor practicante de seguridad para America (America’s ISLA) otorgado por la reconocida organización (ISC)² en... Read more →
Posted by (ISC)² Management on 25 June 2020 at 01:06 PM in (ISC)² Chapters, Malware | Permalink
|
Comments (0)
29 May 2020
Study: Pandemic Boosts Cybersecurity Demand
Demand is up for cybersecurity solutions and services as businesses try to cope with the effects of the COVID-19 pandemic. In a survey of technology firms, industry association CompTIA found that customer inquiries regarding cybersecurity were up by 36% in April -- second only to inquiries about communications, collaboration and A/V technologies. The increased demand for cybersecurity and collaboration technologies makes sense in light of the sudden increase in work-from-home (WFH) numbers. The ranks of remote workers shot up as a result of stay-at-home and lockdown directives issued by governments in efforts to manage the spread of COVID-19. Recent (ISC)2... Read more →
Posted by (ISC)² Management on 29 May 2020 at 08:00 AM in Cybersecurity Workforce, Government , Malware, Network Security, Operations Security, Risk | Permalink
|
Comments (0)
06 April 2020
Cyber Threats Are Spiking as Remote Worker Ranks Soar
The number of people working from home is skyrocketing as the COVID-19 pandemic forces companies to close offices and practice social distancing. The sudden explosion of makeshift home office environments is adding to the burden of already overtaxed cybersecurity workers, who now face the massive task of trying to protect a remote workforce against cyber threats. While cybersecurity professionals put in extra hours to handle the situation, the increasing ranks of remote workers are catching the attention of another group – cyber attackers. Cyber criminals are betting that many of these hastily outfitted work-from-home environments will not have the same... Read more →
Posted by (ISC)² Management on 06 April 2020 at 07:55 AM in Cybersecurity Workforce, Malware, Network Security, Privacy, Risk | Permalink
|
Comments (0)
24 February 2020
Threat Hunting: Is Your Security Operation Ready to Launch Such a Program?
As published in the November/December edition of InfoSecurity Professional Magazine. It could be a blended attack as slick as a multichannel marketing campaign. Or a spontaneous crime of opportunity by a single dis-gruntled employee. It could even be an innocent configuration error. When a threat exists, there will be indicators. The perennial challenge is to hunt for signs in the right places and to isolate the signal from the noise. How best to find—and remove, where possible—such threats remains up for debate. Lance Cottrell, chief scientist at Ntrepid, approaches threat hunting less as a specific set of techniques than as... Read more →
Posted by (ISC)² Management on 24 February 2020 at 08:45 AM in IT Security, Malware, Network Security, Operations Security | Permalink
|
Comments (0)
13 February 2020
Breaches Increased in 2019, but the Number of Exposed Records Declined
The number of U.S. data breaches bumped up 17% in 2019 but despite the increase, the volume of sensitive consumer records that were exposed declined substantially by 65%, according to a newly published report. These statistics are a complete reversal of what happened in 2018, when the number of exposed consumer records soared by 126% and breaches declined by 23%, according to the Identity Theft Resource Center’s (ITRC) End-of-Year Data Breach Report for 2019 Data breaches tracked in 2019 in the United States jumped to 1,473, from 1,257 in the previous year, the report revealed. Meanwhile, 164,683,455 sensitive records were... Read more →
Posted by (ISC)² Management on 13 February 2020 at 08:00 AM in Cloud Security, Cybersecurity Certifications, Cybersecurity Training, Cybersecurity Workforce, Malware, Network Security, Operations Security, Privacy, Ransomware, Risk | Permalink
|
Comments (0)
05 December 2019
Cyber Threats to Healthcare on the Rise
Hospitals are set up to fight infections, but not necessarily the kind that has been plaguing healthcare institutions lately – malware. A new report estimates that cyber threats against healthcare targets increased 60% since January, surpassing the total number of threats identified in all of 2018. The most common threat targeting the healthcare industry is Trojan malware, which increased 82% in the third quarter from Q2, according to the report by Malwarebytes, Cybercrime Tactics and Techniques: The 2019 State of Healthcare. Most of the Trojan attacks involved Emotet and TrickBot, which are the two most dangerous Trojans around since 2018.... Read more →
Posted by (ISC)² Management on 05 December 2019 at 09:00 AM in Cloud Security, Cybersecurity Certifications, Cybersecurity Workforce, Malware, Network Security, Privacy, Ransomware, Risk | Permalink
|
Comments (0)
21 December 2018
Beware of Scams this Holiday Season
By Tony Vizza, CISSP, (ISC)² Director of Cybersecurity Advocacy, APAC Over the past few weeks, I have noticed a marked increase in the number of phishing attempts, both using cyber based methods as well as traditional methods such as phone calls, text messages and even postal service scams. Scammers rely on psychological trigger points to succeed. December, in particular, is a stressful time for many people. Boozy Christmas parties, buying presents for your family (and finding something your partner will like), planning the holiday getaway with the kids and of course wrapping up end-of-quarter and end-of-year and you have a... Read more →
Posted by (ISC)² Management on 21 December 2018 at 08:00 AM in Center for Cyber Safety and Education, Malware, Risk | Permalink
|
Comments (1)
03 December 2018
Report: Cyberattacks Pose Big Business Risks Around the Globe
Cyberattacks rank as the number one risk of doing business in North America, Europe and the East Asia-Pacific region, according to a World Economic Forum report, Regional Risks of Doing Business. While business leaders in other areas of the globe are more concerned about unemployment, unstable governments and oil prices, cyber risks rank as the fifth highest worldwide. The concern about cyberattacks shows just how critical cybersecurity has become, ranking even higher than terrorism in the global top 10. Not surprisingly, cyber risks are a bigger concern among the most industrialized areas of the globe such as North America, where... Read more →
Posted by (ISC)² Management on 03 December 2018 at 09:05 AM in Malware, Risk | Permalink
|
Comments (0)
03 July 2018
Don't be a sitting duck in the next OT cyberattack
By Ravindra Krishna, CISSP In a recent Operational Technology (OT) cyberattack, Monero Crypto-currency mining malware was discovered in the ICS network of a water utility company located in Europe. The company found the malware during a routine monitoring check of their OT network and confirmed that the malware infected five servers including the Human machine interface (HMI), which is used to control and manage physical components of OT networks. This attack provides further evidence that OT networks are not simply vulnerable, but actually easy targets. The Post-Stuxnet OT Cyberattack Era I believe that we can divide OT attacks into two... Read more →
Posted by (ISC)² Management on 03 July 2018 at 08:30 AM in IT Security, Malware, Network Security, Operations Security, Ransomware, Risk | Permalink
|
Comments (2)
26 January 2018
(ISC)² Secure Summit UK Insights: The Future Impact of AI in Cybercrime
(ISC)²’s two-day Secure Summits bring multi-subject sessions from hands on practical workshops to keynotes and panel discussions, featuring local and international industry experts to maximise the learning experience and CPE opportunities. Serving the entire (ISC)² EMEA professional community with regional events, the Summits offer a wealth of educational value, networking opportunities, and a community forum for like-minded professionals, all of which are FREE to (ISC)² members & (ISC)² Chapter members. Read on for insights from one of our popular Secure Summit UK sessions... You’re the CEO of an international oil and gas company. Business risk and risk management planning is... Read more →
Posted by (ISC)² Management on 26 January 2018 at 04:00 AM in (ISC)² Events, Cybersecurity Training, Insider Risk, Malware, Ransomware | Permalink
|
Comments (0)
02 January 2018
Do You Feel What I Feel? Cybersecurity’s Impact of Humans and Machines
Organizations, individuals feel pain of breaches, critics silenced, and China outraged. As analysts and cybersecurity experts make predictions about the future of cyber and the advancements we can expect to see in artificial intelligence (AI), it’s worth taking a moment to think about the power of machines and their impact on human emotions. AI holds the promise that someday computers will possess emotional intelligence, but will computers ever really be able to mimic our natural human emotions? Everything from mere words, names, and numbers evokes strong feelings in people, and few names elicit the strong emotional response as that of... Read more →
Posted by (ISC)² Management on 02 January 2018 at 03:00 PM in Government , Malware, Ransomware | Permalink
|
Comments (1)
10 November 2017
Weekly Security Headlines: Hearings, guidelines and news
New guidelines, increased government oversight, and mounting stress in cybersecurity With the 4th quarter underway, we are starting to see lots of predictions about what the cybersecurity industry can expect to see come 2018. Thinking about the future makes it easy to forget about what is happening right now, though. Let’s take a look back at the news that happened this week to remind us of where we are, before we focus too much on where we’re going. Arguably the biggest industry-wide news of the week was the Senate Commerce Committee hearing, “Protecting Consumers in the Era of Major Breaches.... Read more →
Posted by (ISC)² Management on 10 November 2017 at 02:10 PM in Ethics, Government , IT Security, Malware, Privacy, Ransomware, Risk | Permalink
|
Comments (1)
27 October 2017
Security Headlines: Hopping Around
This week’s National Cybersecurity Awareness campaign focused on feeding the pipeline to narrow the skills gap in the cybersecurity workforce. While StaySafeOnline declared “The Internet Wants You: Consider a Career in Cybersecurity,” Ransomware hopped to the headlines. Rabbit on the run ‘Bad Rabbit’, the third global outbreak of the year with similarities to NotPetya, struck companies throughout Russia and Eastern Europe with file-encrypting malware. This strand of ransomware metaphorically knocks on the user’s door by way of a malicious pop-up offering a Flash update. Though the outbreak was first reported, it’s suspected that the group behind the attack has been... Read more →
Posted by (ISC)² Management on 27 October 2017 at 11:10 AM in Malware, Network Security, Ransomware | Permalink
|
Comments (0)
Search
Categories
- (ISC)² Chapters (22)
- (ISC)² Events (150)
- Center for Cyber Safety and Education (50)
- Cloud Security (125)
- Cybersecurity Certifications (368)
- Cybersecurity Training (305)
- Cybersecurity Workforce (224)
- Digital Forensics (27)
- Ethics (49)
- Government (105)
- Insider Risk (55)
- IT Security (359)
- Legal (42)
- Malware (100)
- Network Security (163)
- Operations Security (133)
- Privacy (100)
- Ransomware (60)
- Risk (174)
- Software Development (43)
- Spotlight (68)