21 Jun 2019

Iranian Hackers Launch a New US-Targeted Campaign as Tensions Mount

In the midst of rising US-Iran tensions, security researchers with Crowdstrike and Dragos have uncovered a new Iranian cyber campaign targeting organizations in the United States. The state-backed Iranian hacking group APT33 (aka Magnallium, or Refined Kitten) is behind the phishing campaign that has targeted around half a dozen organizations

Read More
21 Jun 2019

Millions of Dell PCs Vulnerable to Attack: Patch Now

A new report by SafeBreach warns that millions of Dell computers are at risk of being remotely compromised by threat actors due to a critical vulnerability in SupportAssist, a hardware-diagnostics tool that comes preinstalled on all Dell machines. The flaw affects a SupportAssist component made by PC-Doctor. As many as 100

Read More
21 Jun 2019

California experienced more data breaches than any other state in the past decade: report

Over the past decade, California experienced close to 1,500 data breaches in which a total of 5.6 billion personal records were exposed, more than in any other state, a new report by Comparitech shows. When it comes to the number of exposed records, California is followed at a distance by

Read More
21 Jun 2019

Ransomware gang hacks MSPs to deploy ransomware on customer systems

Threat actors recently obtained unauthorized access to the networks of three managed service providers (MSPs) and subsequently targeted customers of the compromised firms with ransomware using SecureAnywhere, an MSP tool by Webroot designed for the remote monitoring and management of client machines. The ransomware used in the attack is dubbed

Read More
21 Jun 2019

Russia-Linked Hackers Hijack Infrastructure of Iranian Threat Group

A new Symantec report sheds light on the recent activity of Turla (aka Waterbug, KRYPTON, Venomous Bear), a Russia-linked cyber-espionage group. Since early 2018 the group has launched at least three distinct campaigns that all relied on different tools. The attacks have targeted 13 organizations, including government agencies, across 10

Read More
21 Jun 2019

Insured losses from a cyber catastrophe could reach billions

New figures[pdf] released by Kovrr show that a “cyber catastrophe” involving a disruptive cyberattack on a UK email service provider could result in around $3.25 billion in losses to be covered by insurance companies. Kovrr believes that insurance and reinsurance companies aren’t prepared for this scenario even though it is

Read More
21 Jun 2019

Small Businesses May Not Be Security’s Weak Link

A new report by (ISC)² indicates that the poor reputation of small businesses when it comes to security isn’t entirely justified. Small firms are often considered to be a supply-chain risk for larger corporations, but (ISC)² found that security breaches resulting from cooperation with a large company are slightly more

Read More
21 Jun 2019

Desjardins, Canada’s largest credit union, announces security breach

A recent security breach at Desjardins, the largest credit union in Canada and one of the world’s biggest banks, highlights how insiders can put organizations and their data at risk. Last week, Quebec police informed the bank that one of its employees had taken advantage of their access to a

Read More
20 Jun 2019

Florida City Pays $600,000 Ransom to Save Computer Records

In an incident that should serve as a warning for government entities and corporations alike, Riviera Beach, Florida this week decided to pay $600,000 in ransom to threat actors that infected the city network with ransomware three weeks ago. All the city’s records were encrypted as a result of the

Read More
20 Jun 2019

CISOs Struggling With 50+ Separate Security Tools

A new study by Panaseer found that 87% of enterprise CISOs are having a hard time keeping track of sensitive data, with 31% of respondents worrying that this complicates their firm’s compliance efforts. A common problem seems to be reliance on a great number of different security tools. The average

Read More