vpnversed.com

In second attack DDoS group demands 5 bitcoin payment

Five Radware customers received extortion letters in December and January threatening a DDoS attack if they did not pay five bitcoin (worth about $200,000) from a group that wanted the victims to believe they were from Fancy Bear, Lazarus Group and the Armada Collective. The threat group first attacked late last summer and in the…

The post In second attack DDoS group demands 5 bitcoin payment appeared first on SC Media.

Continue reading

Posted in DDoS, Security News, Threat intelligence | Comments Off on In second attack DDoS group demands 5 bitcoin payment

Sunbust avoided indicators of compromise with SolarWinds hack, but left breadcrumbs

Joe Slowik, senior security researcher at DomainTools, spoke to SC Media about how the SolarWind attackers remained undetected for so long, and how domain data could be used to weaponize network observables against sophisticated attackers.

The post Sunbust avoided indicators of compromise with SolarWinds hack, but left breadcrumbs appeared first on SC Media.

Continue reading

Posted in APT, APTs/cyberespionage, Featured, Network Security, Security News, SolarWinds hack, Threat intelligence | Comments Off on Sunbust avoided indicators of compromise with SolarWinds hack, but left breadcrumbs

2021 to bring ‘phase two’ of remote access investment for enterprises

As work from home extends into 2021, remote access performance and security will continue to dominate enterprise budgets and priorities. Accommodating remote users “long-term will lead to phase two of remote access investment,” according to a report from Cato Networks that surveyed 2,376 IT leaders about budgets, purchase plans, future of remote work and secure…

The post 2021 to bring ‘phase two’ of remote access investment for enterprises appeared first on SC Media.

Continue reading

Posted in Remote Access, Security News | Comments Off on 2021 to bring ‘phase two’ of remote access investment for enterprises

New cyber council tackles infosec challenges from a tech perspective

Cybercrime is a plague on all industries, but a technology-borne problem at its core. So it makes sense that leading IT experts and infosec solution providers would step up to provide key advice to the tech community on how to protect customers from prevalent cyberthreats. To that end, the nonprofit IT trade association CompTIA this month officially…

The post New cyber council tackles infosec challenges from a tech perspective appeared first on SC Media.

Continue reading

Posted in Compliance, Network Security, Security awareness, Security News, Security strategy, Women in IT Security | Comments Off on New cyber council tackles infosec challenges from a tech perspective

Hackers hijacked cloud accounts of high-tech and aviation firms, hid in systems for years

The effectiveness of this operation serves as a reminder of the risks of openly sharing and storing plain-text network credentials or sensitive network access instructions on internet-accessible apps or servers.

The post Hackers hijacked cloud accounts of high-tech and aviation firms, hid in systems for years appeared first on SC Media.

Continue reading

Posted in APTs/cyberespionage, Cloud, Cloud Security, Cyberespionage, Featured, Network Security, Security News | Comments Off on Hackers hijacked cloud accounts of high-tech and aviation firms, hid in systems for years

Thousands of BEC lures use Google Forms in recon campaign

Researchers say they have observed thousands of messages using Google Forms to target retail, telecom, healthcare, energy and manufacturing companies in an apparent reconnaissance campaign to launch future business email compromises (BECs). The attackers used Google Forms to bypass email security content filters based on keywords, according to a blog released Wednesday by Proofpoint Threat…

The post Thousands of BEC lures use Google Forms in recon campaign appeared first on SC Media.

Continue reading

Posted in Email Security, Phishing, Security News, Social engineering | Comments Off on Thousands of BEC lures use Google Forms in recon campaign

70% of apps for the manufacturing sector spent all of 2020 with at least one security flaw

With public administration apps, the number that went a year with an unpatched security flaw dropped to 67 percent, and nine other sectors ranged between 50 and 60 percent, according to research from WhiteHat Security.

The post 70% of apps for the manufacturing sector spent all of 2020 with at least one security flaw appeared first on SC Media.

Continue reading

Posted in Application Security, Manufacturing, Mobile, Security News | Comments Off on 70% of apps for the manufacturing sector spent all of 2020 with at least one security flaw

CISA launches ransomware education program

The effort encourages governments, schools and private companies to take steps to protect their systems and data from ransomware.

The post CISA launches ransomware education program appeared first on SC Media.

Continue reading

Posted in Government, Ransomware, Security News | Comments Off on CISA launches ransomware education program

Look for GDPR fines to increase, extend beyond breaches

So far, U.S. companies have felt the brunt of regulators’ displeasure. The highest GDPR fine so far – $57 million – was imposed on Google by French regulators, though Marriott may have to pony up $123 million.

The post Look for GDPR fines to increase, extend beyond breaches appeared first on SC Media.

Continue reading

Posted in Compliance, Data Breach, Featured, Privacy, Privacy & Compliance, Security News | Comments Off on Look for GDPR fines to increase, extend beyond breaches