All Articles (2242)


Organizations are generating and storing an increasing amount of digital data. Protecting this information from unauthorized access, theft, or damage is critical.  The Chief Information Security Officer (CISO) is responsible for ensuring that an organization’s sensitive data is appropriately secured and protected from potential threats.  In the analysis below, we see the various types of data that CISOs and other business leaders need to protect while working together to do so, along with tangib

The current Ukraine crisis has revealed the willingness of state and non-state actors to involve themselves in conducting attacks of various degrees of severity and frequency.  Notably, hacktivists and cybercriminal groups have joined the conflict extending beyond the borders of the two primary combatants, with cyberattacks targeting those governments and private sector organizations perceived to be supporting the other side.  Patriotic hacktivism is not necessarily new, especially in troubled a

The economic downturn predicted for 2023 will lead to layoffs, but cybersecurity workers will be least affected, says the latest (ISC)² report. Also, as soon as things get better, they will likely be the first ones to get (re)hired.  Execs have finally realized the importance of cybersecurity.

There have been massive layoffs by tech and other companies in the last few months.  In December 2022, (ISC)² polled 1,000 C-suite executives from Germany, Japan, Singapore, the UK and the US about whether

Back in the late 1960s there was a film called The Good, the Bad and the Ugly.  It was a story of three outlaw cowboys who exhibited these three moral traits.  Sentinel Labs is now sharing a story of the modern-day The Good, the Bad and the Ugly.

The Good - The man behind the development and sale of the NLBrute password-hacking tool was extradited to the United States this week.  Known by his alias, dpxaker, US officials charged Russian national Dariy Pankov with computer and access device fr

The US Marshals Service (USMS) is investigating a major ransomware attack that has compromised some of its most sensitive information, including law enforcement materials, and the personal information of employees and potential targets of federal investigations.  The cyberattack was considered a "major incident" by officials, impacting a "stand-alone" system (meaning it is not connected to a larger federal network) within the service, an agency spokesperson said Monday.  The attack was discovere

Technology has long been seen as a source of disruption to our lives, communities, and civilizations, provoking disruptive change at all scales, from individuals' routine daily activities to dramatic competition between global superpowers.  This disruption can have positive and negative effects, although often unevenly distributed across different groups.  New technologies, including Artificial Intelligence, Quantum computing, ChatGPT, and social media, have transformed the intelligence communit

Remote working brings benefits for employees, but by working from outside the company's internal network, there's also the added threat that employees are left more vulnerable to cyberattacks.  And if hackers can compromise a remote employee by stealing their corporate username and password, or infecting their computer with malware, it could become a costly network security risk for the entire organization.[1]

Data breaches, phishing campaigns, ransomware attacks, and business email compromise

The Canadian military has discovered Chinese spy buoys in the Arctic which allegedly are monitoring US submarines and melting ice sheets.  Such "activity is not new,” the Canadian defense minister said in recent televised remarks, implying that China has been engaging in surveillance efforts in the region for some time.[1]  Russia has long sought an Arctic trade route to create shorter vessel travel to Europe.  It seems the Chinese may have the same idea, and, oh, spy on their adversaries.

Officials descr

A 28-year-old Russian malware developer was extradited to the US, where he could face up to 47 years in federal prison for allegedly creating and selling a malicious password-cracking tool.  Dariy Pankov, also known as “dpxaker,” developed what the US Department of Justice (DOJ) called a “powerful” password-cracking program that he marketed and sold to other cyber criminals for a small bitcoin fee.  This case was reported by Recorded Future.

The tool, called NLBrute, is a so-called brute-forcing tool

Russia-linked ransomware group Clop reportedly took responsibility for a mass attack on more than 130 organizations, including those in the healthcare industry, using a zero-day vulnerability in the secure file transfer software GoAnywhere MFT.[1]  The Cybersecurity and Infrastructure Security Agency (CISA) added the GoAnywhere flaw (CVE-2023-0669) to its public catalog of Known Exploited Vulnerabilities.  This Sector Alert follows previous HC3 Analyst Notes on Clop (CLOP Poses Ongoing Risk to HPH Organiz

  • A new threat cluster we track as WIP26 has been targeting telecommunication providers in the Middle East.
  • Sentinel assesses it is likely that WIP26 is espionage-related.
  • WIP26 relies heavily on public cloud infrastructure to evade detection by making malicious traffic look legitimate.
  • WIP26 involves the use of backdoors, titled CMD365 and CMDEmber, which abuse Microsoft 365 Mail and Google Firebase services for C2 purposes.
  • WIP26 also involves the use of Microsoft Azure and Dropbox instances as

Red Sky Alliance queries our backend databases monthly, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associa

A few years ago, Red Sky Alliance announced a new service named “Rocket Jot.”  The service allowed a user to enter some/any topic terms, and in less than a minute, a complete written report was delivered in Word format to the user.  The report often sounded a little like “robot speech” but was still complete and could be the basis for a “better” report with some grammar checking and additional sentences.  It also delivered a complete list of sources used for the report.  We offered the service

In 2015, ISIS conducted a series of coordinated attacks around Paris that killed 130 people and wounded nearly 500 more. Two years later, 39 people were killed in an ISIS attack on an Istanbul nightclub during the early hours of New Year’s Day.  This week, the US Supreme Court will hear oral arguments in a pair of cases arising from those attacks.  The justices’ decisions in Gonzalez v. Google and Twitter v. Taamneh could reshape legal liability for some of the nation’s largest technology compan

Vulnerability management comprises the entirety of workflows geared toward maintaining an up-to-date inventory of a company's digital assets, checking them for imperfections, and addressing the detected security loopholes.  It revolves around the principle of monitoring and hardening the security condition of a corporate IT infrastructure continuously to ensure proactive defenses against different forms of exploitation.

There is a difference between the use of garden-variety vulnerability scanne

US banks are backing away from crypto companies, concerned by a regulatory crackdown that threatens to sever digital currencies from the real-world financial system.  Banking regulators are raising concerns about banks’ involvement with crypto clients following last year’s blowup of Sam Bankman-Fried’s FTX. The Securities and Exchange Commission is aggressively pursuing the industry’s bigger players in a crackdown that threatens to narrow their reach.  That move has alarmed bankers who don’t wan

A new financially motivated campaign that began in December 2022 has seen the unidentified threat actor behind it deploying a novel ransomware strain dubbed MortalKombat and a clipper malware known as Laplas.  Investigators said it "observed the actor scanning the internet for victim machines with an exposed remote desktop protocol (RDP) port 3389."  The attacks primarily focus on individuals, small businesses, and large organizations located in the US, and to a lesser extent in the UK, Turkey,

There seems to be a current trend of attacking the airline industry.  In Germany, seven airports were hit by a suspected cyber-attack on 16 February.  Düsseldorf, Nuremberg, and Dortmund airports were among those impacted, but the websites for Germany’s three busiest airports, Frankfurt, Munich, and Berlin, were all functioning normally.  These airports were the victims of large-scale DDoS attacks.  At the time, other airport systems were not affected.  From Reuters, the chief executive also added that

Cyber threat researchers have identified a set of 38 security vulnerabilities in wireless industrial internet of things (IIoT) devices from four different vendors that could pose a significant attack surface for threat actors looking to exploit operational technology (OT) environments.  Threat actors can exploit vulnerabilities in wireless IIoT devices to gain initial access to internal OT networks. They can use these vulnerabilities to bypass security layers and infiltrate target networks,

Oakland, California, officials declared a state of emergency on 14 February after a cyberattack that first hit city technology systems last week, which continues to make it impossible to pay parking fees, fines and taxes online or connect by phone with most city departments.  Calls to 911 and city emergency services are stil