The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), the National Security Agency, and other international partners, issued an Alert on September 5, 2024, warning that cyber actors affiliated with the Russian military are targeting critical infrastructure, government services, financial services, transportation systems, energy, and healthcare sectors of NATO
TechRadar’s Cyber Predictions for 2024 are Spot On
Because technology develops so rapidly, and “trends” are fast and furious, it is always hard to predict what the big issues will be for the next year. A year is a long time in the tech field. Just look at how fast ChatGPT became a sensation, with consumers and businesses falling quickly behind in analyzing…
Chinese Hackers Allegedly Use ChatGPT to Write Ransomware
Chinese authorities have arrested alleged hackers in what appears to be the first-ever reported case of hackers using AI to develop ransomware. These alleged hackers reportedly used ChatGPT to refine the code for their home-grown ransomware encryption tool. ChatGPT has been banned in China in favor of Chinese tools such as Baidu’s Ernie Bot. However…
CISA Issues Three Advisories for Industrial Control Systems
On May 16, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) released three advisories applicable to Industrial Control Systems (ICS). The Alerts cover vulnerabilities of Snap One OvrC Cloud, Rockwell ArmorStart, and Rockwell Automation Factory Talk Vantagepoint.
The Snap One vulnerabilities, if exploited, “could allow an attacker to impersonate and claim devices, execute arbitrary…
Joint Cyber Alert Urges Organizations to Patch Known Vulnerabilities
As we have pointed out before, it is cumbersome yet critical, to patch vulnerabilities on a timely basis. Cyber-attackers move swiftly to take advantage of known vulnerabilities and are aware of the challenges organizations have in closing those doors.
The Cybersecurity and Infrastructure Security Agency (CISA), along with its counterparts in other countries, issued a…
Privacy Tip #315 – Redline Malware Used to Steal Saved Credentials
Passwords are so difficult to remember. We all know we shouldn’t use the same or similar passwords across platforms. Stolen password credentials are dumped on the dark web and criminals use the stolen passwords to steal other data from victims, including frequent flyer miles, online banking credentials, cryptocurrency and other digital assets, and to get…
DeepBlueMagic Ransomware Appears on the Scene
Researchers at Heimdal Security have detected a new ransomware dubbed DeepBlueMagic. According to Heimdal, it is particularly concerning because it is able to disable security tools that companies have employed in order to avoid detection. After the security tools are disabled, the ransomware is deployed and encrypts entire hard drives, except for the system drive.…
CISA Issues Alert on Top Exploited Vulnerabilities
On July 28, 2021, the Cybersecurity & Infrastructure Security Agency (CISA) issued a cybersecurity alert entitled “Top Routinely Exploited Vulnerabilities” in collaboration with the Australian Cyber Security Centre, the United Kingdom’s National Cyber Security Centre, and the FBI.
The Alert concludes that cyber criminals are exploiting vulnerabilities in unpatched systems, but that many of the…
Phishing, Vishing, and Smishing—Your Employees Need to Know the Newest Schemes
New dictionary words have been formed to describe online scams. Phishing, one that everyone knows by now, is when a scammer uses a pretext in an email to get someone to click on a link or attachment in the email to deploy malicious malware and ransomware.
Social engineering is when criminals conduct online search of…
Coveware Q1 2021 Report Shows Increase in Ransomware Payments Over Q4 2020
Coveware issued its Q1 2021 Ransomware Report on April 26, 2021, which concludes that “[D]ata exfiltration extortion continues to be prevalent and we have reached an inflection point where the vast majority of ransomware attacks now include the theft of corporate data.”
The Report states that the average ransom payment increased 43 percent from $154,108…