Archive for the ‘Cyber Threats’ Category

Alarming Cybersecurity Stats: What You Need To Know For 2021

The year 2020 broke all records when it came to data lost in breaches and sheer numbers of cyber-attacks on companies, government, and individuals. In addition, the sophistication of threats increased from the application of emerging technologies such as machine learning, artificial intelligence, and 5G,  and especially from greater tactical cooperation among hacker groups and […]

Leave a Comment

The FBI Is Now Securing Networks Without Their Owners’ Permission

In January, we learned about a Chinese espionage campaign that exploited four zero-days in Microsoft Exchange. One of the characteristics of the campaign, in the later days when the Chinese probably realized that the vulnerabilities would soon be fixed, was to install a web shell in compromised networks that would give them subsequent remote access. Even if the vulnerabilities […]

Leave a Comment

FireEye: 650 new threat groups were tracked in 2020

FireEye published its M-Trend 2021 report based on the data collected during the investigation, 650 new threat groups were tracked in 2020 FireEye published its annual report, titled M-Trend 2021, which is based on the data collected during the investigation on security incidents it managed. Most of the incidents investigated by Mandiant (59%) in 2020 […]

Leave a Comment

FCC Boots Chinese Telecom Companies, Citing Security

he Federal Communications Commission’s (FCC) Public Safety and Homeland Security Bureau on March 12 identified five Chinese companies they said posed a threat to U.S. national security. These companies are: Huawei Technologies Co., ZTE Corp., Hytera Communications Corp., Hangzhou Hikvision Digital Technology Co. and Dahua Technology Co. The declaration, according to the FCC, is in accordance […]

Leave a Comment

How to stay ahead of the rise of synthetic fraud

There are a number of reasons why synthetic fraud is on the rise, but there are also actions banks and other financial institutions can take to prevent this growing trend from doing damage. Synthetic fraud on the rise Banks around the world have faced difficulty in recognizing this type of complex fraud. Synthetic identity fraudsters […]

Leave a Comment

Npower shuts down app after hackers steal customer bank info

Leave a Comment

Microsoft releases open-source CodeQL queries to assess Solorigate compromise

Microsoft announced the release of open-source CodeQL queries that it experts used during its investigation into the SolarWinds supply-chain attack In early 2021, the US agencies FBI, CISA, ODNI, and the NSA released a joint statement that blames Russia for the SolarWinds supply chain attack. The four agencies were part of the task force Cyber Unified Coordination Group (UCG) […]

Leave a Comment

FBI: Hackers stole source code from US government agencies and private companies

FBI blames intrusions on improperly configured SonarQube source code management tools. FBI officials say that threat actors have abused these misconfigurations to access SonarQube instances, pivot to the connected source code repositories, and then access and steal proprietary or private/sensitive applications. Officials provided two examples of past incidents: “In August 2020, unknown threat actors leaked […]

Leave a Comment

Spotting a Common Scam

Spotting a Common Scam  These scams seek to collect personal information about you, often appearing to come from a real business or agency. Someone may pose as an official disaster aid worker, or send you a fraudulent COVID contact tracing email. If you receive a message with a link, you should not click it as it may download malware to your device to […]

Leave a Comment

Elite CIA unit that developed hacking tools failed to secure its own systems, allowing massive leak, an internal report found

The publication of ‘Vault 7’ cyber tools by WikiLeaks marked the largest data loss in agency history, a task force concluded. The theft of top-secret computer hacking tools from the CIA in 2016 was the result of a workplace culture in which the agency’s elite computer hackers “prioritized building cyber weapons at the expense of […]

Leave a Comment

Lamphone attack lets threat actors recover conversations from your light bulb | ZDNet

Academics record light variations in a light bulb to recover the sound waves (speech, conversations, songs) from a room 25 meters (80 feet) away. Source: Lamphone attack lets threat actors recover conversations from your light bulb | ZDNet Download a Security Risk Assessment steps paper! Download a vCISO template Subscribe to DISC InfoSec blog by […]

Leave a Comment

Threat Simulation Overview and Setup – Active Countermeasures

Intro: No software project is complete without testing. In this blog series, we’ll cover how to test if your Threat Hunting platform can detect common threats.[…] Source: Threat Simulation Overview and Setup – Active Countermeasures Why You Need Threat Hunting! Cyber Threat Hunting: Identify and Hunt Down Intruders Real-Time Threat Hunting – SANS Threat Hunting […]

Leave a Comment

Global Threat Detection Report

2019 Global Threat Detection Report 2019 Global Threat Detection Report via CrowdStrike The best practice guide for an effective infoSec function Practice Guide Open a PDF file 2019 Global Threat Detection Report. 2019 Global Threat Report- The 1-10-60 Rule World Economic Forum Global Risks Report 2019 “Threat Detection & Prevention” appliances Subscribe to DISC InfoSec […]

Leave a Comment

What is Cyber Threat Intelligence

What is Cyber Threat Intelligence and How is it used?     Threat Intelligence At Microsoft: A Look Inside – Cyber Threat Intelligence Summit   Security Threat Tables Threat Table Threats List Security Alert Security Exploits Cyber Alert Security Risks Security Vulnerability WebApp Vulnerability Symantec Security Response Microsoft Security Response   Live Cyber Attack Threat Map World’s […]

Leave a Comment

Microsoft renewed its Attack Surface Analyzer, version 2.0 is online

Microsoft has renewed its Attack Surface Analyzer tool (version 2.0) to take advantage of modern, cross-platform technologies. Source: Microsoft renewed its Attack Surface Analyzer, version 2.0 is online  Subscribe in a reader

Leave a Comment