Tag Archive for: Modern

‘Call of Duty: Modern Warfare 2’ Players Hit With Worm Malware


According to TechCrunch, it is unclear why the malware is spreading or what exactly the impact is on gamers. Valve, the owner of Steam, did not comment on the issue, according to the news website.

Public companies in the United States will soon have to report data breaches and hacking incidents four days after they deem an incident to have a “material” impact on their business. On Wednesday, the US Securities and Exchange Commission voted to introduce the regulations that require firms to disclose cyberattacks once they have determined that an attack will disrupt their operations or finances. The disclosures must detail the “nature, scope, and timing” of the attack, as well as the potential impact it will have on the firm.

Former SEC rules required companies to disclose cyber incidents but did not impose any strict timeline on doing so. This can lead to firms waiting weeks or months to notify customers and lawmakers about data breaches and cyberattacks. A separate part of the new SEC rules also requires companies to detail their processes for “assessing, identifying, and managing material risks,” heaping extra public accountability on firms to make sure they’re taking security issues seriously. The rules will go into effect by no later than December.

Since Vladimir Putin started his full-scale invasion of Ukraine in February 2022, Russia’s internet censorship has become even more expansive. A new report this week from researchers at Citizen Lab, a research facility at the University of Toronto, shows how the country’s censors have clamped down on the social network VK, which is similar to Facebook. Russia’s government has been ordering VK to remove posts, videos, and accounts almost every day since the start of the war, the researchers found after reviewing court orders issued by the government.

There’s been a thirtyfold increase in censorship since the start of the war, Citizen Lab researchers found. In total, 94,942 videos, 1,569 community accounts, and 787 personal accounts are blocked in Russia, which has clamped down on independent media and blocked social media such as Facebook and YouTube as it looks to control the information people read and access within its borders.

At the end of May,…


A Deep Dive into Modern Ransomware Attacks – CryptoMode


In a world where data is valuable, ransomware attacks have become a formidable threat to organizations worldwide. This concern continues to escalate with time, making it imperative for businesses to understand and address it effectively. The recent investigation by Microsoft’s Incident Response team into the relentless BlackByte 2.0 ransomware attacks has underscored these cyber onslaughts’ alarming rapidity and destructive capacity.

The Threatening Velocity of Ransomware Attacks

These cyber adversaries operate with astounding speed. The entire process can be alarmingly wrapped up in five days, from infiltrating systems to inflicting considerable damage. With such agility, these hackers can penetrate systems, encrypt valuable data, and demand a ransom for its release, leaving organizations scrambling to keep up.

In these attacks, the BlackByte ransomware surfaces in the final stage, employing an 8-digit number key to encrypt the data. The dynamics of these attacks underscore the use of a potent mix of tools and techniques, contributing to the high success rates of these malicious endeavors.

The investigation uncovered the troubling practice of exploiting unpatched Microsoft Exchange Servers. This tactic facilitates initial access to the target networks, setting the stage for further malevolent actions.

BlackByte 2.0: Deceptive Strategies and Sophisticated Tools

Apart from using process hollowing and antivirus evasion techniques to ensure successful encryption, hackers also employ web shells. These allow remote access and control, enabling them to persist within the compromised systems, undetected. Additionally, the deployment of Cobalt Strike beacons furthers their command and control operations, arming them with various skills and making defense efforts more challenging for organizations.

To further avoid detection, cybercriminals cleverly use ‘living-off-the-land’ tools to camouflage their activities as legitimate processes. The BlackByte ransomware also manipulates volume shadow copies on infected machines to obstruct data recovery through system restore points. Specially crafted backdoors are deployed, allowing attackers to maintain access even…


Capabilities Of Modern DLP Systems


The Data Loss Prevention (DLP) technology, as its name would suggest, is geared toward forestalling data leaks. While the essence and purposes of such systems seem self-evident, they have assumed extra conceptual undertones over the years. Besides thwarting deliberate or unintended leaks, modern DLP tools allow organizations to dodge a series of additional security roadblocks.

Any present-day DLP system falls under one of the following categories:

  • Classic DLPs that deliver a full range of features to identify and prevent the illicit transfer and analysis of an organization’s proprietary information.
  • Solutions with limited functionality that monitor data movements but don’t foil leaks automatically.
  • Comprehensive protection systems that come with a DLP component.

The objectives of these different tools overlap partially but aren’t the same. To give you the bigger picture, let’s first cover the stages of DLP evolution.

Driving forces for DLP emergence and advancements

This market niche debuted to fill the void in organizations’ data protection practices in light of increasingly rigid legal regulations. The compliance challenge escalated when lawmakers became highly concerned with data leaks in the enterprise ecosystem and proposed legislation as well as industry standards to safeguard customers’ sensitive information. At that point, providers of cybersecurity services introduced DLP in response to these initiatives.

The second milestone fits the context of securing companies’ trade secrets in addition to the financial details and personally identifiable information (PII) of their clients. This paradigm shift made DLP vendors incorporate extra features for better control over the movements of proprietary commercial data.

The onset of DLP systems that inhibited a wide spectrum of internal threats was another turning point. While averting data leaks as before, these tools facilitate the analysis of security events and help identify incidents. The feature stacks of such systems are typically enhanced by incident management platforms, security operations center (SOC) functions, and other defensive solutions. This form of…


Google Cloud and Palo Alto Networks Team to Protect the Modern Workforce


Enterprises can now adopt the industry’s most comprehensive Zero Trust Network Access 2.0 to secure access to all applications from any device

SANTA CLARA, Calif., Dec. 13, 2022 /PRNewswire/ — In a world where work is now an activity not a place, organizations need to connect a distributed workforce without compromising on security and user experience. Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today announced an expanded partnership that brings together BeyondCorp Enterprise from Google Cloud and Prisma® Access from Palo Alto Networks to provide hybrid users secure and seamless access to applications – SaaS, cloud or on-premise – from managed or unmanaged devices.

Built on the backbone of the Google Cloud network, this comprehensive cloud-delivered Zero Trust Network Access (ZTNA) 2.0 solution enables all users to work securely from anywhere regardless of device type. With Prisma Access, customers get superior ZTNA 2.0 security for all devices, branch offices and applications. BeyondCorp Enterprise Essentials enables secure access to applications and resources for unmanaged devices. Combined threat intelligence and machine learning (ML) automatically detects and remediates threats to users, applications or enterprise data; all powered by the superior performance, planetary reach, and low-latency connections of Google Cloud.

“Legacy VPN and Zero Trust Network Access (ZTNA) 1.0 solutions provide access to users that is too broad and lacks continuous security inspection, putting cloud-first and hybrid organizations at risk,” said Kumar Ramchandran, SVP, Products for Palo Alto Networks. “ZTNA 2.0 by Palo Alto Networks secures the modern hybrid enterprise. This partnership will allow organizations to benefit from the performance, scale, and reliability offered by Google Cloud’s global network, coupled with the security expertise of Palo Alto Networks.”

“Together with Prisma Access and BeyondCorp, customers will now have seamless access to a Zero Trust security solution built for today’s workforce, powered by Google Cloud’s innovation, scale, and trusted cloud infrastructure,” said Sunil Potti, VP/GM, Cloud Security at Google Cloud. “At Google Cloud, we…
