Tag Archive for: constant

Cybersecurity Pros Preach Constant ID Challenging, Attack Readiness To Defeat Threats


A recent gathering of global cybersecurity pros explored the latest attack scenarios hackers use to infiltrate corporate networks. But unlike the hopes of misguided potential victims, no silver bullet or software guarantee will fully protect them.

The RSA Conference (RSAC) presenters focused on the surge in demand for implementing a Zero-Trust philosophy. Presenters urged network managers to educate their employees to spot digital identity proofing. This involves securing the data points needed to feasibly proliferate digital ID proofing solutions.

Another leading cause of network breaches is organizations integrating their on-premises environments into their cloud environment. That makes the cloud prone to various on-premises originated attacks.

“RSA Conference plays a critical role in bringing the cybersecurity industry together. As cyberattacks grow in frequency and sophistication, it is imperative that practitioners and experts across the public and private sector convene to hear unique perspectives to help address today’s biggest challenges,” remarked Linda Gray Martin, vice president, RSA Conference.

The RSAC provides a year-round platform for the community to engage, learn, and access cybersecurity content. That process is available online and at in-person events.

Better cyber protections will only happen with a heightened focus on authentication, identity, and access management along with threat hunting activities, according to the RSAC.

Leading the Charge

Kevin Orr, president of RSA Federal, oversees the deployment of security, especially identity access management tools, to federal and commercial customers. His company has roots in the early days of cybersecurity defenses.

At this year’s RSA Conference and the corresponding Public Sector Day, he had the opportunity to speak with leaders in the government and enterprise cybersecurity space. He discussed his observations on the state of cybersecurity with TechNewsWorld.

RSA Federal is an identity and access management (IAM) solutions firm that began as a cybersecurity section within the Dell computer company. Today, it has contracts with some of the world’s most security-sensitive organizations.

The connection…

Source…

Watch now: Cybersecurity admin says ransomware constant threat for ISU – The Pantagraph



Watch now: Cybersecurity admin says ransomware constant threat for ISU  The Pantagraph

Source…

Constant but Camouflaged, Flurry of Cyberattacks Offers Glimpse of New Era


The world woke up on Monday to revelations of a sort that have become disconcertingly routine.

Chinese hackers had breached governments and universities in a yearslong campaign to steal scientific research, according to a U.S. Justice Department indictment.

Separately, several governments, including the Biden administration, accused Beijing of hiring criminal hackers to infiltrate the world’s largest companies and governments for profit.

Only hours before, a consortium of news agencies reported that governments worldwide have used spyware sold by an Israeli company to monitor journalists, rights workers, opposition politicians and foreign heads of state.

The rush of allegations represent what cybersecurity and foreign policy experts say is a new normal of continuous, government-linked hacking that may now be a permanent feature of the global order.

Governments have become cannier at exploiting the connectivity of the digital era to advance their interests and weaken their enemies. So have freelance hackers who often sell their services to states, blurring the line between international cyberconflict and everyday crime.

Hacking has become a widely used tool of statecraft, oppression and raw economic gain. It is cheap, powerful, easy to outsource and difficult to trace. Anyone with a computer or smartphone is vulnerable.

And hacking bears a trait common to the most destabilizing weapons in history, from medieval siege devices to nuclear arms: It is far more effective for offensive than defensive use.

Still, after a decade in which military planners worried that cyberconflict might lead to the real thing, the emerging dangers of this new era are somewhat different than once imagined.

Rather than resembling a new kind of war, hacking is coming to play a role in the 21st century much like espionage did in the 20th, analysts and former officials believe. It is a never-ending cat-and-mouse game played by small states and great powers alike. Adversarial, even hostile, but tolerated within limits. Sometimes punished or prevented, but assumed to be constant.

But there is one important difference, experts say. The tools of espionage are mostly wielded by governments against other governments. The…

Source…

REvil’s Ransomware Success Formula: Constant Innovation


Cybercrime
,
Cybercrime as-a-service
,
Fraud Management & Cybercrime

Affiliate-Driven Approach and Regular Malware Refinements Are Key, Experts Say

REvil's Ransomware Success Formula: Constant Innovation
Sodinokibi/REvil ransom note (Source: Malwarebytes)

Just as cloud services have taken the business world by storm, the same can be said for ransomware, including one of today’s most notorious strains: REvil. Also known as Sodinokibi and Sodin, REvil is a ransomware-as-a-service offering, which means a core group develops and maintains the ransomware code and makes it available to affiliates via a portal.

See Also: Live Panel | Zero Trusts Given- Harnessing the Value of the Strategy


Those affiliates and the core group of operators share in any profits that result from victims paying a ransom. Recent victims that have made payments include meat processor JBS, which paid $11 million in bitcoins.


Many security experts rank REvil among the most damaging and prevalent RaaS operations, alongside Conti, DoppelPaymer (aka DopplePaymer), Maze offshoot Egregor, and Ryuk.


A key to REvil’s success has been its use of skilled affiliates and their ability to successfully access and traverse increasingly large victims’ networks, infect endpoints – now including both Windows and Linux systems – and demand larger ransoms. REvil’s operators also maintain a data leak portal and can assist affiliates with ransomware negotiations. All of this has one goal: to get victims to pay.




Affiliate…

Source…