Feb 01 2021
List of data breaches and cyber attacks in January 2021
878 million records breached
By Luke Irwin
Thankfully, January was relatively quiet on the data breach front, following a chaotic end to 2020 in which we surpassed a thousand security incidents and 20 billion breached records.
So far this year, we’ve recorded 82 incidents and 878,168,975 breached records. That’s not great – particularly when you factor in that January is generally a quiet month across most sectors – but it’s progress.
You can find the full list of incidents that we recorded below, with those affecting UK incidents listed in bold.
Source: https://www.itgovernance.co.uk/blog/list-of-data-breaches-and-cyber-attacks-in-january-2021?
Jan 31 2021
SIM National Unpacking the Hack
In this SIM DigiRisk Town Hall, a panel of seasoned CIOs will share some of their valuable tips and advice for approaching this for your company.
Jan 30 2021
Penetration Testing

Penetration Testing is a method that many companies follow in order to minimize their security breaches. This is a controlled way of hiring a professional who will try to hack your system and show you the loopholes that you should fix.
Before doing a penetration test, it is mandatory to have an agreement that will explicitly mention the following parameters −
* what the time of the penetration test will be,
* what the source IP of the attack will be, and
* what the penetration fields of the system will be.
Penetration testing is conducted by professional ethical hackers who mainly use commercial and open-source tools, automated tools and manual checks. There are no restrictions; the most important objective here is to uncover as many security flaws as possible.
Source: to download a pdf copy of Burp Suite Cookbook
Jan 30 2021
The Security Mirage
The feeling of security and the reality of security don’t always match, says computer-security expert Bruce Schneier. In his talk, he explains why we spend billions addressing news story risks, like the “security theater” now playing at your local airport, while neglecting more probable risks — and how we can break this pattern.
Jan 29 2021
Vovalex is likely the first ransomware written in D

A new ransomware called Vovalex is being distributed through fake pirated software that impersonates popular Windows utilities, such as CCleaner.
When it comes down to it, all ransomware infections boil down to the same function – encrypt a device’s files and then drop a ransom note demanding payment in some form.
While Vovalex is no different, what stands out to Advanced Intel’s Vitali Kremez and MalwareHunterTeam, who found the ransomware, is that it may be the first ransomware written in D.
Source: Vovalex is likely the first ransomware written in D
Jan 29 2021
Lebanese Cedar APT group broke into telco and ISPs worldwide
ClearSky researchers linked the Lebanese Cedar APT group (aka Volatile Cedar) to a cyber espionage campaign that targeted companies around the world.
The APT group has been active since 2012; experts have linked it to the Hezbollah militant group.
The activities of the group were first spotted by Check Point and Kaspersky Lab in 2015.
ClearSky experts linked the Lebanese Cedar group to intrusions at telco companies, internet service providers, hosting providers, and managed hosting and applications companies.
The attacks began in early 2020 and threat actors breached internet service providers in the US, the UK, Egypt, Israel, Lebanon, Jordan, the Palestinian Authority, Saudi Arabia, and the UAE.
“Based on a modified JSP file browser with a unique string that the adversary used to deploy ‘Explosive RAT’ into the victims’ network, we found some 250 servers that were apparently breached by Lebanese Cedar,” reads the report published by ClearSky. “We assess that there are many more companies that have been hacked and that valuable information was stolen from these companies over periods of months and years.”
Jan 28 2021
Privacy as a Service

The simplest, fastest, and most affordable way to comply with privacy legislation like the EU’s GDPR (General Data Protection Regulation), the CPRA (California Privacy Rights Act), New York’s SHIELD Act, and others. With Privacy as a Service, you can:
* Achieve scaled privacy compliance quickly
* Remain one step ahead of legislative developments with affordable advice and support
* Reduce privacy risks with one simple subscription service
* Enjoy peace of mind with your own dedicated data privacy manager
Jan 28 2021
TeamTNT group adds new detection evasion tool to its Linux miner
The TeamTNT cybercrime group has upgraded its Linux cryptocurrency miner by adding open-source detection evasion capabilities, AT&T Alien Labs researchers warn.
Early this year, researchers from Trend Micro discovered that the TeamTNT botnet was improved with the ability to steal Docker credentials.
The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. The activity of the TeamTNT group has been detailed by security firm Trend Micro, but in August experts from Cado Security discovered that the botnet is also able to target misconfigured Kubernetes installations.
“The group is using a new detection evasion tool, copied from open source repositories,” reads the analysis published by AT&T Alien Labs.
The threat actor behind the botnet used the new tool to hide the malicious process from process information programs such as `ps` and `lsof`, evading detection.
The libprocesshider open-source tool has been available on GitHub since 2014 and is able to “hide a process under Linux using the ld preloader.” The “preloading” technique allows the system to load a custom shared library before other system libraries are loaded. If the custom shared library exports a function with the same signature as a function in the system libraries, the custom version will override it.
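A defender's check for the preload technique described above, as an added example (not code from the AT&T Alien Labs report or from libprocesshider): it parses `/etc/ld.so.preload` and flags PIDs that answer a direct `/proc/<pid>` probe but are missing from the `/proc` directory listing. It assumes the hiding library filters directory listings; the sample library path and PIDs are constructed.

```python
import os

PRELOAD_FILE = "/etc/ld.so.preload"  # system-wide preload list read by the dynamic loader


def parse_preload(text):
    """Library paths from ld.so.preload content (whitespace or ':' separated, '#' comments)."""
    libs = []
    for line in text.splitlines():
        libs.extend(line.split("#", 1)[0].replace(":", " ").split())
    return libs


def hidden_pids(entries, probe, pid_max):
    """PIDs that answer a direct probe but are absent from the directory listing."""
    seen = {int(e) for e in entries if e.isdigit()}
    return sorted(p for p in range(1, pid_max) if p not in seen and probe(p))


def is_process(pid):
    """True if /proc/<pid> opens directly and is a thread-group leader (threads are never listed)."""
    try:
        with open(f"/proc/{pid}/status") as fh:
            for line in fh:
                if line.startswith("Tgid:"):
                    return int(line.split()[1]) == pid
    except (OSError, ValueError):
        pass
    return False


def scan_host():
    """Run both checks on the local Linux host; returns (preloaded libs, hidden PIDs)."""
    try:
        with open(PRELOAD_FILE) as fh:
            preloads = parse_preload(fh.read())
    except FileNotFoundError:
        preloads = []
    with open("/proc/sys/kernel/pid_max") as fh:
        pid_max = int(fh.read())
    return preloads, hidden_pids(os.listdir("/proc"), is_process, pid_max)


# Constructed sample data (not from the report); the library path is hypothetical.
SAMPLE_PRELOAD = "# added by installer\n/usr/local/lib/example_hider.so\n"
SAMPLE_LISTING = ["1", "42", "self", "cpuinfo"]
SAMPLE_ALIVE = {1, 42, 1337}

if __name__ == "__main__":
    print(parse_preload(SAMPLE_PRELOAD), hidden_pids(SAMPLE_LISTING, SAMPLE_ALIVE.__contains__, 2000))
```

A process that starts between the listing and the probe shows up as a false positive, so re-run `scan_host()` before treating a PID as hidden.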


