Tag: cybersecurity | Page 141

New ransomware attacks by Russian hackers highlight cybersecurity challenges

August 6, 2021/in Internet Security

Image showing Colonial Pipeline Houston Station facility in Pasadena, Texas (Eastern Houston) … [+] Taken on May 10, 2021. -US President Joe Biden said Russia-based groups are behind a ransomware attack that forced the closure of the largest oil pipeline in the eastern United States. The FBI identifies the group behind the Colonial Pipeline hack as Dark Side, a shadowy operation that surfaced last year, locking corporate computer systems and forcing businesses to pay to unfreeze them. It was made. (Photo courtesy of Francois PICARD / AFP) (Photo courtesy of FRANCOIS PICARD / AFP, via Getty Images)

AFP via Getty Images

NBC News reported On Friday, “According to cybersecurity firm Huntress Labs, successful ransomware attacks on a single company have spread to at least 200 organizations, making them one of the largest criminal ransomware ever.” NS Washington post Later, he said the attack affected more than 1,000 companies.

according to Forbes, A group of Russian-speaking hackers Claim Responsible for a major ransomware attack and demanded $ 70 million in Bitcoin to recover corporate data.

Faced with these Increase in cyber attacksBusiness leaders continue to face major challenges that make it difficult for businesses to respond to cyber-related crises.

Cyber vulnerabilities and trends

on Wednesday, cobalt Their release Annual report We investigated corporate cyber vulnerabilities and identified trends and risks affecting the cyber security community.Data was collected from the company’s own platform to connect to Ethical hacker According to organizations that need security testing and need to help find and fix security vulnerabilities. Caroline Wong, Cobalt Chief Strategy Officer.

“Unfortunately, the hottest cyberattacks that have occurred in the last few years—Equifax, Solar wind, Colonial pipeline, JBS — It’s not fundamentally different from the types of attacks observed over the last few decades, ”says Wong.

She states: “The first ransomware attack occurred in 1999. The cybersecurity industry knows how to discover, fix, and prevent the occurrence of this type of problem. NS National Vulnerability DatabaseWas created in 2000 and contains over 150,000…

Source…

What Is a Threat In Cybersecurity

August 5, 2021/in Internet Security

What is a threat in cybersecurity?; Cybersecurity threats refer to any possible attack that seeks to unlawfully access data, disrupt digital operations, or damage information. These can originate from corporate spies, hacktivists, terrorist groups, and other malicious actors.

The Infrastructure Security Agency (CISA) and cybersecurity describe Emotet as “a banking Trojan of the most destructive kind. It continues to be one of the costliest malware on earth.”

A denial of service is a type of cyber attack that floods the computer or network so it can’t respond to requests. A distributed DoS does the same thing but originates from an internet connection instead. Cyber attackers usually use a flood attack to disrupt the processes and carry out DDoS attacks. Several other techniques may be used, including time-based attacks on networks when they are disabled for extended periods due to another malicious mission launch by these hackers.

Botnets are a type of DDoS in which systems can be infected with malware and controlled by hackers, according to Jeff Melnick, the CEO of Netwrix. Botnets often use zombie-like computers that target large processing capabilities, but they’re hard to trace due to their geographic spread across numerous locations.

A man-in-the-middle (MITM) attack happens when a hacker interrupts and captures data in the middle of two parties during communication. MITMs are often successful because most people rely on public Wi-Fi networks, which are unsecured by default. If you’re not careful while using these services, attackers can use malware to install software and steal your personal information!

Phishing attacks are the worst, and they’re a lot more common than you might think. They use fake communication like emails to trick receivers into opening them up, giving hackers your credit card number, or putting malware on their machines!

A Structured Query Language (SQL) injection is a cyber-attack type that happens from inserting malicious code into a server. When infected, the server releases information and can be exploited by submitting something like “SELECT * FROM userinfo” to one vulnerable website’s search box.

Password…

Source…

New cybersecurity tech protects computer networks in vehicles

August 1, 2021/in Computer Security

Representational Image

Representational Image&nbsp

New York: A team of US researchers has developed a new machine learning-based framework to enhance the security of computer networks inside vehicles without undermining performance.

In collaboration with experts from Virginia Tech, the University of Queensland and Gwangju Institute of Science and Technology, researchers at the US Army Research Laboratory devised a technique called ‘DESOLATOR’ to help optimise a well-known cybersecurity strategy known as the moving target defense.

DESOLATOR, which stands for deep reinforcement learning-based resource allocation and moving target defense deployment framework, helps the in-vehicle network identify the optimal IP shuffling frequency and bandwidth allocation to deliver effective, long-term moving target defense.

“The idea is that it’s hard to hit a moving target,” said Dr Terrence Moore, a US Army mathematician.

“If everything is static, the adversary can take their time looking at everything and choosing their targets. But if you shuffle the IP addresses fast enough, then the information assigned to the IP quickly becomes lost, and the adversary has to look for it again,” he explained in a statement.

The research team used deep reinforcement learning to gradually shape the behaviour of the algorithm based on various reward functions, such as exposure time and the number of dropped packets, to ensure that DESOLATOR took both security and efficiency into equal consideration.

“Existing legacy in-vehicle networks are very efficient, but they weren’t really designed with security in mind,” Moore said. “Nowadays, there’s a lot of research out there that looks solely at either enhancing performance or enhancing security. Looking at both performance and security is in itself a little rare, especially for in-vehicle networks.”

In addition, DESOLATOR is not limited to identifying the optimal IP shuffling frequency and bandwidth allocation.

Since this approach exists as a machine learning-based framework, other researchers can modify the technique to pursue different goals within the problem space.

According to Army computer scientist…

Source…