In 2020, cybersecurity company Mandiant’s computer system was compromised by an intruder exploiting an innocuous crack: routine software updates pushed out by another company, SolarWinds. Mandiant was one of nearly 18,000 organizations to receive the compromised software.
The attack, a supply-chain hack by a Russian intelligence agency, demonstrates the trade-off between system coordination and vulnerability to attack, according to science and technology scholar Rebecca Slayton.[1] “Standards
Cybercriminals have been masquerading as sellers of GlobalProtect,[1] a virtual private network (VPN) software from Palo Alto Networks, and delivering a new variant of WikiLoader malware through search engine optimization (SEO) poisoning.
See: https://redskyalliance.org/xindustry/shifts-in-cyber-attack-tactics
WikiLoader, also known as WailingCrab, is a downloader malware first discovered in 2022 by Proofpoint. It's sold in underground marketplaces by initial access brokers, and hackers typica
As October is winding down, we turn our focus to Training. October 2023 marks the 20th annual Cybersecurity Awareness Month. While it was initially founded as a national movement in the US, Cybersecurity Awareness Month has since grown into a global initiative. And for good reason. Today's cybersecurity market is suffering from a skills gap of 3.4 million trained professionals, with security practitioners being overwhelmed by a continuous onslaught of increasingly sophisticated attacks while
A maritime VSAT (Very Small Aperture Terminal) is a two-way satellite internet terminal which receives and transmits real-time data via satellites. It is vital for many vessels to maintain a high-speed, reliable connection while offshore. In addition to the importance of connectivity for operations, it also serves a key crew welfare role. However, VSAT also presents cyber threats to vessels, due to the value of the data they transmit and their role as attack vectors for other technology on bo
The FBI and CISA issued a joint advisory to warn that the Bl00dy Ransomware gang is now also actively exploiting a PaperCut remote-code execution vulnerability to gain initial access to networks. The US Cybersecurity & Infrastructure Security Agency mentions that the threat actor has focused their attacks on the education sector, which has a significant public exposure of the flaw.
"In early May 2023, according to FBI information, the Bl00dy Ransomware Gang gained access to victim networks acro
Researchers at SentinelLabs have been monitoring a cluster of malicious Office documents that stage Crimson RAT, distributed by APT36 (Transparent Tribe) that target the education sector. Analysts have assessed that this activity is part of the group’s previously reported targeting of the education sector in the Indian subcontinent. Seen was APT36 (also known as Transparent Tribe) introducing OLE embedding to its typically used techniques for staging malware from lure documents and versioned c
This year millions of people have tried and been wowed by artificial-intelligence systems. That is in no small part thanks to OpenAI’s chatbot ChatGPT. When it launched last year, the chatbot became an instant hit among students, many of whom embraced it as a tool to write essays and finish homework. Some media outlets went as far as to declare that the college essay is dead. Alarmed by an influx of AI-generated essays, schools around the world moved swiftly to ban the use of the technology.
Our friends at The Record shared some concerning news for the US. More than 200 local governments, schools and hospitals in the US were affected by ransomware in 2022, according to research conducted by cybersecurity firm Emsisoft.
The annual “State of Ransomware in the US” report found that 105 local governments; 44 universities and colleges; 45 school districts; and 25 healthcare providers operating 290 hospitals dealt with ransomware attacks last year. These figures are based only on public
Vice Society is an intrusion, exfiltration, and extortion hacking group that first appeared in summer 2021 that has alleged ties to Russia who attacks “With Love.” Vice have crossed the line of what many hackers said was off limits – education and health care systems and facilities. This past September, a ransomware attack on the Los Angeles Unified School District crippled its digital operations across their system, which includes more than 1,000 schools and serves roughly 600,000 students.
This joint CISA - Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see all #StopRansomware advisories and to learn more about
A recent bipartisan report by the US Senate’s Homeland Security and Governmental Affairs Committee shows that key government agencies have made little progress in terms of cybersecurity over the past two years. A report published in 2019 found that eight federal agencies failed to meet even the basic cybersecurity standards and protocols. Two years later, cybersecurity at those agencies was again analyzed and the findings are as described in the new report “stark.”
The new report, titled “Feder
