The myth of Mac’s malware invincibility, ransomware attacks skyrocketed in June and North Korean actors found to be behind the JumpCloud breach. Here are the latest threats and advisories for the week of July 28, 2023. Threat Advisories and Alerts Vulnerability Leaves 900,000 MikroTik Routers Open to Attack An estimated 900,000 MikroTik routers may be vulnerable to attack due to a new security flaw. The vulnerability (CVE-2023-30788) can provide cybercriminals entry into an organization’s network. "The worst-case scenario is that an attacker can install and execute arbitrary tools on the underlying Linux operating system," said security researcher Jacob Baines. Considering... Read more →
116 posts categorized "Malware"
28 July 2023
Latest Cyberthreats and Advisories - July 28, 2023
Posted by ISC2 Management on 28 July 2023 at 07:00 AM in Cybersecurity Workforce, IT Security, Malware, Ransomware, Risk | Permalink
|
Comments (0)
21 July 2023
Latest Cyberthreats and Advisories - July 21, 2023
The cybercriminal version of ChatGPT, BreachForums’ founder pleads guilty and FBI warns of tech support scam. Here are the latest threats and advisories for the week of July 21, 2023. By John Weiler Threat Advisories and Alerts CISA Factsheet Offers Security Advice for Companies Transitioning to the Cloud The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published the Free Tools for Cloud Environments factsheet to help protect companies migrating to the cloud. The factsheet provides cloud security guidance on how organizations can safeguard their data and critical assets from vulnerabilities, anomalies and other cyberthreats. CISA has encouraged organizations to... Read more →
Posted by ISC2 Management on 21 July 2023 at 06:00 AM in Cloud Security, Digital Forensics, Ethics, Government , Insider Risk, IT Security, Malware, Risk | Permalink
|
Comments (0)
14 July 2023
Latest Cyberthreats and Advisories - July 14, 2023
Cybersecurity agencies warn of Truebot malware, ransomware and phishing attacks surge in 2023 and the rise of Clop ransomware gang. Here are the latest threats and advisories for the week of July 14, 2023. By John Weiler Threat Advisories and Alerts Cybersecurity Agencies Warn of New Truebot Malware Variants The U.S. Cybersecurity and Infrastructure Security Agency (CISA) in conjunction with other domestic agencies and the Canadian Centre for Cyber Security (CCCS) have released a joint advisory that warns of Truebot malware variants. Truebot, which has been utilized by groups like Clop Ransomware, is a botnet used for data exfiltration. While... Read more →
Posted by ISC2 Management on 14 July 2023 at 06:00 AM in IT Security, Malware, Ransomware, Risk | Permalink
|
Comments (0)
09 June 2023
Latest Cyberthreats and Advisories - June 9, 2023
Verizon releases annual data breach report, more than 90,000 people impacted in U.S. university breach and the BBC, British Airways and Boots compromised in MOVEit Transfer incident. Here are the latest threats and advisories for the week of June 9, 2023. By John Weiler Threat Advisories and Alerts Sextortion Schemes Transform Innocent Photos Into Explicit Content The U.S. Federal Bureau of Investigation (FBI) has issued a warning to the public of an uptick in sextortion crimes. Likely due to the explosion of AI technology, malicious actors can transform innocent photos from a victim’s social media accounts into explicit, sexually-themed images.... Read more →
Posted by ISC2 Management on 09 June 2023 at 06:00 AM in IT Security, Malware, Risk | Permalink
|
Comments (0)
25 May 2023
Infosecurity Europe 2023 Preview – Our Pick of the Keynote Sessions
In the first of two previews of Infosecurity Europe 2023, we look at our top picks for unmissable keynote sessions across the three days of the conference, held at ExCel in London from June 20-22. By John E. Dunn As the pivotal cybersecurity conference in the region, every Infosecurity Europe conference is oriented to topical themes. This year is no exception, with the speaker lineup covering everything from the on-going anxiety of cyberwar, how zero trust can be made to work once it leaves the drawing board, and the never-ending puzzle of assessing supply chain risk. The following is our... Read more →
Posted by ISC2 Management on 25 May 2023 at 03:00 AM in Cloud Security, Cybersecurity Training, Cybersecurity Workforce, Digital Forensics, Ethics, Government , Insider Risk, ISC2 Events, IT Security, Legal, Malware, Network Security, Operations Security, Privacy, Ransomware, Risk | Permalink
|
Comments (0)
19 May 2023
Latest Cyberthreats and Advisories - May 19, 2023
WordPress’s Elementor is vulnerable (again), the U.S. Department of Transportation is breached, 5.8 million medical records are posted online after PharMerica incident. Here are the latest threats and advisories for the week of May 19, 2023. By John Weiler Threat Advisories and Alerts Australian and U.S. Governments Release Advisory on BianLian Ransomware Group The Australian Cyber Security Centre (ACSC) has released a joint cybersecurity advisory with the U.S. outlining typical threat vectors and signs of ongoing attacks by the BianLian ransomware group. It is a relatively new group that uses trusted Remote Desktop Protocol (RDP) credentials to gain network access... Read more →
Posted by ISC2 Management on 19 May 2023 at 07:00 AM in Government , IT Security, Malware, Ransomware, Risk | Permalink
|
Comments (0)
25 April 2023
RSA Conference Day One: Disruption Key to Keeping Bad Actors At Bay
Day One of the RSA Conference opened with keynotes diagnosing a security identity crisis, while offering AI, platforms, and big dose of disruption as the cure for what ails the cybersecurity world. By Joe Fay The 2023 RSA Conference kicked off in San Francisco this week, with human delegates being confronted with speaker after speaker declaring that AI is taking over much of their jobs. Opening the conference, RSA CEO Rohit Ghai said that over the years, the core purpose of security platforms has evolved, but “in the AI era, it is security first, followed by convenience and compliance.” “AI... Read more →
Posted by ISC2 Management on 25 April 2023 at 01:37 PM in Government , IT Security, Malware, Network Security, Risk | Permalink
|
Comments (0)
Cybersecurity Industry News Review - April 25, 2023
Europe’s Air Traffic Control (ATC) agency under DDoS attack. Eavesdropping police in the U.K. spared massive fine. Numbers emerge after NCR ransomware attack. Hackers hit gold in secondhand routers. By Joe Fay “Pro-Russian” Hackers Dive Bomb European Air Traffic Control Agency Europe’s air traffic control agency, Eurocontrol, has been fighting off a cyberattack by pro-Russian hackers since April 19. The attack appears to have been a DDoS targeting the agency’s website. Pro-Russian group Killnet claimed to have launched a “100 hour” marathon against Eurocontrol. The agency declined to detail the nature of the attack but said its safety operations had... Read more →
Posted by ISC2 Management on 25 April 2023 at 06:00 AM in Government , IT Security, Malware, Network Security, Ransomware, Risk | Permalink
|
Comments (0)
29 March 2023
Analysis: Hackers Exploit Zero-Day to Siphon $1.5 Million From Bitcoin ATMs
Anxiety about the security of hot wallets grows as General Bytes customers are hit by a zero-day flaw in the company’s Bitcoin ATMs. By John E. Dunn It’s fair to say that crypto has an image problem. What it didn’t need was a Bitcoin ATM (BATM) hack to generate even more bad publicity. Unfortunately, that’s exactly what happened on March 17-18, according to General Bytes, one of the best-known makers of BATMs on the market. Hackers exploited a zero-day flaw in a video interface that’s part of the General Bytes CAS server platform to steal 56 Bitcoins (worth $1.5 million)... Read more →
Posted by ISC2 Management on 29 March 2023 at 07:00 AM in IT Security, Malware | Permalink
|
Comments (1)
21 March 2023
Cybersecurity Industry News Review – March 21, 2023
KillNet is bad for your health, TikTok facing further bans, ransomware impacts cancer test results, Russia allegedly increasing its cyberwarfare efforts. By Joe Fay Microsoft Demonstrates How KillNet Is Bad for Our Healthcare Sector Microsoft has highlighted a rise in DDoS attacks on healthcare organizations, mapping a three-fold increase in attacks over three months. It said it tracked 10 to 20 attacks per day on healthcare organizations on Azure in November but was seeing 40 to 60 per day in February. The attack mix changed over this time, it added, with over half of attacks now being UDP floods, with... Read more →
Posted by ISC2 Management on 21 March 2023 at 09:00 AM in Ethics, Government , IT Security, Malware, Privacy, Ransomware, Risk | Permalink
|
Comments (0)
17 March 2023
Latest Cyberthreats and Advisories - March 17, 2023
Cybercriminals pounce on SVB collapse, privacy concerns around ChatGPT and the FBI warns of a rise in crypto scams. Here are the latest threats and advisories for the week of March 17, 2023. By John Weiler Threat Advisories and Alerts FBI Warning: Cryptocurrency Investment Schemes on the Rise The U.S. Federal Bureau of Investigation (FBI) is warning internet users of an increase in cryptocurrency investment scam schemes, which defrauded victims of over $2 billion in 2022. Cybercriminals (usually located overseas) use social media platforms, dating apps, professional networking apps and other online means to connect with targets. The criminals then... Read more →
Posted by ISC2 Management on 17 March 2023 at 05:00 AM in Government , Malware, Network Security, Privacy, Ransomware, Risk | Permalink
|
Comments (0)
14 March 2023
Cybersecurity Industry News Review – March 14, 2023
The U.K. Online Safety Bill triggers a security rebuke from WhatsApp, the Czech Republic concerned about TikTok, an international law enforcement effort shuts down the NetWire RAT infrastructure, while a study suggests workforce malaise towards reporting security incidents. By Joe Fay WhatsApp Would Leave U.K. Rather Than Break Encryption WhatsApp would pull its end-to-end encrypted messaging service in the U.K., rather than submit to any requirement to weaken its privacy stance to comply with the U.K. government’s Online Safety Bill. WhatsApp chief Will Cathcart said that 98 per cent of its users were outside the U.K., and ALL users wanted... Read more →
Posted by ISC2 Management on 14 March 2023 at 05:00 AM in Digital Forensics, Ethics, Government , IT Security, Malware, Privacy, Ransomware, Risk | Permalink
|
Comments (0)
17 February 2023
Analysis: White House Cybersecurity Policy Maker - Secure Open Source Software Even If It Benefits ‘Adversaries’ We Should Do It Anyway
By Joe Fay Resiliency is the endgame of the U.S. approach to internet and software security. The U.S. has a vested interest in creating a secure and resilient internet and software ecosystem, even if it means its “adversaries” also benefit, a White House cybersecurity leader told the State of Open Conference in London late last week. During a panel session on international security policy, Sal Kimmich, director of open source at EscherCloudAI, AI DevSecOps, said researchers uncovering vulnerabilities could face pressure from nation states, and there needs to be a way of protecting them. Microsoft director of open source strategy,... Read more →
Posted by ISC2 Management on 17 February 2023 at 03:00 AM in Government , Malware, Software Development | Permalink
|
Comments (0)
15 February 2023
Cybersecurity Industry News Review: February 15, 2023
By Joe Fay NHS still recovering from ransomware incidents. Network firm employee confesses to data extortion, as U.S. cyber ambassador admits their Twitter account was hacked as the President turns to industry leaders to advise him. NHS Still Reconnecting After 2022 Lockbit Attack on Supplier Just how disruptive ransomware can be was illustrated this past week, six months after an attack on UK health software supplier Advanced. The attack on Advanced first emerged in August 2022, causing disruption across a range of NHS services. Health and secondary care minister Will Quince said that while most affected NHS organizations were up... Read more →
Posted by ISC2 Management on 15 February 2023 at 03:00 AM in Malware, Ransomware, Risk | Permalink
|
Comments (0)
07 February 2023
Cybersecurity Industry News Review: February 7, 2023
By Joe Fay Derivatives traders, trainer trainers, and finger lickers all hit by ransomware. Russian hackers lash out after Ukraine tanks deal announced. Apple patches decade old devices. ION Markets Hit by “Cyber Security Event” Dublin-based data and software firm ION Markets has been hit by a “cyber event” which has had a knock-on effect on financial futures and derivatives markets worldwide. The attack is thought to have been ransomware related. ION Markets said the attack on its ION Cleared Derivatives division was “contained to a specific environment”, all the affected servers are disconnected, and remediation of services is ongoing.... Read more →
Posted by ISC2 Management on 07 February 2023 at 04:21 PM in IT Security, Legal, Malware, Privacy, Ransomware, Risk | Permalink
|
Comments (0)
27 January 2023
Latest Cyberthreats and Advisories - January 27, 2023
Alerts from national cybersecurity agencies, gaming developer attacks and the Mailchimp/FanDuel breach. Here are the latest threats and advisories for the week of January 27, 2023. Threat Advisories and Alerts CISA Publishes Report to Help Protect Schools from Cyberthreats The recent surge in cyberattacks against the education sector has led the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to release a report addressing the issue. The COVID-19 pandemic made educational institutions increasingly vulnerable to cyberthreats, as virtual learning became widespread and led to the rapid adoption of new and untested technologies. The report titled “Partnering to Safeguard K-12 Organizations from... Read more →
Posted by ISC2 Management on 27 January 2023 at 08:00 AM in Malware, Network Security, Ransomware | Permalink
|
Comments (0)
20 January 2023
Latest Cyberthreats and Advisories - January 20, 2023
TikTok is fined for a privacy violation, major corporations suffer breaches and Vice Society attacks another school. Here are the latest threats and advisories for the week of January 20, 2023. Threat Advisories and Alerts U.K. School Survey Reveals Surprising Findings A new survey by London Grid for Learning (LGfL) and the National Cyber Security Centre (NCSC) revealed that the uptick in cyberattacks on the U.K. school system may not be as bad as first thought. The survey, of more than 800 schools, revealed that 78% of them had suffered at least one cybersecurity incident. Other interesting findings showed that... Read more →
Posted by ISC2 Management on 20 January 2023 at 11:30 AM in Malware, Privacy, Ransomware | Permalink
|
Comments (1)
06 January 2023
Latest Cyberthreats and Advisories - January 6, 2023
The LockBit ransomware gang apologizes, Google settles privacy lawsuits and cybercriminals impersonate brands and the U.K. government. Here are the latest threats and advisories for the week of January 6, 2023. Threat Advisories and Alerts Cybercriminals Impersonate Brands with Search Ads And Fake Sites The U.S. Federal Bureau of Investigation (FBI) has issued a warning that cybercriminals are directing internet browsers to malicious sites via search ads. How does the scam work? Bad actors build a fake website that impersonates a legitimate brand and then advertises it to appear at the top of search results. Once browsers click the ad,... Read more →
Posted by ISC2 Management on 06 January 2023 at 01:00 PM in Government , IT Security, Legal, Malware, Ransomware, Risk | Permalink
|
Comments (0)
18 November 2022
Latest Cyberthreats and Advisories - November 18, 2022
Beware the BatLoader, the NSA calls for more memory-safe programming language use and ransomware causes more trouble in Australia….Here are the latest threats and advisories for the week of November 18, 2022. Threat Advisories and Alerts Researchers Sound Alarm on Dangerous BatLoader Malware Dropper A dangerous new malware loader with features for determining whether it's running on business or home computers has begun rapidly infecting systems worldwide over the past few months. Researchers at VMware Carbon Black claim the threat, dubbed BatLoader, is being used to distribute a variety of malware tools including a banking Trojan, an information stealer, and... Read more →
Posted by ISC2 Management on 18 November 2022 at 09:50 AM in IT Security, Malware, Network Security, Operations Security, Privacy, Ransomware | Permalink
|
Comments (1)
04 November 2022
LATEST CYBERTHREATS AND ADVISORIES - November 4, 2022
Cyberattacks on Dropbox, Europe’s biggest copper producer and another Australian business make this week’s headlines. Here are the latest threats and advisories for the week of November 4, 2022. Threat Advisories and Alerts Google Chrome Suffers Seventh Zero-Day Vulnerability of the Year Google has released an emergency update for its Chrome web browser to address its seventh zero-day vulnerability (CVE-2022-3723) of the year. If the security flaw is exploited, attackers could perform remote code execution, access memory regions that could crash applications or read sensitive information of other apps. Google Chrome users are advised to update their browsers immediately. Source:... Read more →
Posted by ISC2 Management on 04 November 2022 at 02:46 PM in Malware, Ransomware, Risk | Permalink
|
Comments (0)
Search
Categories
- Center for Cyber Safety and Education (52)
- Cloud Security (137)
- Cybersecurity Certifications (387)
- Cybersecurity Training (315)
- Cybersecurity Workforce (254)
- Digital Forensics (30)
- Ethics (53)
- Government (127)
- Insider Risk (57)
- ISC2 Chapters (22)
- ISC2 Events (166)
- IT Security (389)
- Legal (46)
- Malware (116)
- Network Security (178)
- Operations Security (144)
- Privacy (117)
- Ransomware (90)
- Risk (204)
- Software Development (46)
- Spotlight (71)