Microsoft (MS) announced recently that data collected by its network of honeypot servers, that most brute-force attackers primarily attempt to guess short passwords, with very few attacks targeting credentials that are either long or contain complex characters.
“I analyzed the credentials entered from over >25 million brute force attacks against SSH. This is around 30 days of data in Microsoft’s sensor network,” said a security researcher at Microsoft. 77% of attempts used a password between 1
Link to full report: IR-21-328-001_weekl
Phishing Emails are being used with small font size to bypass security filters. Researchers at Avanan have spotted phishing emails that are using a font size of one (1) to fool email security scanners. The emails appear to be password expiration notifications from Microsoft 365. The attackers have inserted benign links that are invisible to the human eye, but trick security scanners into viewing the email as a legitimate marketing email.
“In this attack, hackers utilize a number of obfuscatio
A new Android banking trojan has been discovered targeting international banks and cryptocrrency services from the United Kingdom, Italy and the US. Twenty-two instances have been reported so far. The malware, first detected at the end of October 2021, appears to be new and is still being developed. It was discovered by Cleafy, an Italian fraud detection and prevention firm. Cleafy calls it ‘SharkBot’, named after the frequency of the word ‘sharked’ in its binaries.
SharkBot is not found in
A bipartisan group of state attorneys general said on Thursday they had opened an investigation into Meta, the company formerly known as Facebook, for promoting its social media app Instagram while knowing of mental and emotional harms caused by Instagram.
As of now, 11 US states are involved in the investigation, including California, Florida, Kentucky, Massachusetts, Minnesota, Nebraska, New Jersey, New York, Oregon, Tennessee and Vermont, as well as the District of Columbia. The Massachuset
Link to full report: IR-21-323-001_weekly323.pdf
A new initial access broker named Zebra2104, has been providing entry points to ransomware groups such as MountLocker and Phobos, as well as espionage-related advanced persistent threat group StrongPity, with access prices starting at just $25, according to a new report. Zebra2104 enters a victim’s network and sells that access to the highest bidder on underground forums in the dark web. This process saves threat actor customers the time, effort, and expense of gaining a toehold in an organiza
It is the time of year when that little snitch, “The Elf on the Shelf” returns to the bane of most children. Luckily that tattletale only works for a couple of weeks a year and then is returned to a box in the attic. There is a new “Elf” in town, who will never take a day off. Do you think there are limits to what your employer can see you do online? Some new Microsoft updates may make you think a little more about that. It may be that you think your employer is doing evil, unspeakable, or m
Insurance 101: Income (premiums) must exceed outgoings (claims) by around 30% (operating costs + profit). If claims increase, so must premiums for the insurance model to remain viable. And for the insurance companies to remain solvent and in business.
Cyber Insurance 102: The cost of cybercrime is rising dramatically and has been doing so consistently for many years. Continually increasing premiums to counter continuously increasing claims is ultimately unsustainable. Soon, the cost of insur
Cybersecurity threats, risks and challenges are often different depending on various international locations. Cyber-attack targets vary based on local resources and means to exploit vulnerabilities. Cyber criminals and nation-state attackers zero in on specific nations, companies and organizations for varying incentives. Additionally, the COVID-19 pandemic amplified and intensified cybersecurity threats. Since 2019, attackers have launch remote work-enabled attacks or social engineering att
There was an old 60’s movie called, The Spy who came in from the Cold. Well the FBI could be sidelined in new cybersecurity legislation and left out in the cyber security cold. In the view of America’s most powerful law enforcement agency, that could be a big problem.
In testimony to the US Congress, the current assistant director of the FBI’s Cyber Division, said that the Biden administration is “troubled” by legislation proposed by the US Senate and House Homeland Security committees requiri
US college campus delivery robots are making an impact. Delivery robot vendors are making a play for campuses across the country to establish a new market in a defined and structured environment, free of much of the regulatory complications of municipalities and ordinances. But what about cyber threats and hacking of these new helpers? The robots are no different from anyother cyber challenges.
Starship Technologies is delivering 30 autonomous robots for food service to South Dakota State Un
Link to full repo
The U.S. Department of State will create a Bureau of Cyberspace and Digital Policy, led by a Senate-confirmed ambassador-at-large, to advance its cybersecurity diplomacy efforts, according to U.S. Secretary of State Antony Blinken. The move is a response to a challenging global threat landscape including ransomware attacks believed to be regularly carried out from Russian soil.
Readers can see the current state of cyber security for federal agencies HERE
Blinken formally announced the office whi
Grief, a ransomware group with ties to Russia-based Evil Corp, claims to have stolen data from the gun-rights group and has posted files on its dark web site. A ransomware group tied to Russia claims to have stolen data from the National Rifle Association (NRA) in a ransomware attack on the controversial gun-rights group, which has declined to comment on the situation.
The Grief ransomware gang listed the NRA as a victim of its nefarious activity on its data-leak site. Brett Callow, a threat ana
With the ability to largely secure critical infrastructure from ground level attacks and a current strong focus on cybersecurity, a potential new attack vector from the air is being presented with the wide availability of citizen drones.
Originally reported through Popular Mechanics[1] who obtained reports in a 28 October 2021 US government bulletin, media describes a crashed drone found on the roof of a building next to a Pennsylvania substation in July 2020. Experts believe the drone was like
Ransomware has been a cyber security issue for the past several years and somewhat hits its peak - with the Colonial Pipeline ransomware attack. Ransomware is defined as a form of malicious software that is designed to restrict users from accessing their computers or files stored on computers until they pay a ransom to cybercriminals.
Ransomware typically operates via the cryptovirology methods or using cryptography (encryption) to design powerful malicious software. The software then uses sym
Organizations need to have better plans in place to prevent cyberattacks, but they should be more transparent about when they do fall victim to hackers in order to prevent others from meeting the same fate, according to the former head of the US National Security Agency (NSA). As director of the NSA and Commander of US Cyber Command from 2014 to 2018, Admiral Michael S. Rogers oversaw cybersecurity during a period of time when the threat of cyberattacks from criminals and foreign government-ba
Robinhood was known for “Stealing from the Rich, and Giving to the Poor.” Not so in the last two years. For the second time Robinhood Markets Inc. has been attacked by cyber criminals. Robinhood said personal information of about 7 million people, which is approximately a third of its customers, was compromised in a data breach last week. The bad actors then demanded a ransom payment. The intruder obtained email addresses of about 5 million people as well as full names for a separate group
Area Maritime Security Committees 2020 Annual Report – Challenges, Suggestions, Accomplishments, and Best Practices. The Office of Port and Facility Compliance is pleased to announce the publication of a consolidated report[1] on the status and work completed in 2020 by Area Maritime Security Committees. Area Maritime Security Committees 2020 Annual ReportArea Maritime Security Committees 2020 Annual Report.[2]
Area Maritime Security Committees (AMSCs) provide a valuable forum to discuss and a
