Tag Archive for: Primer

Ransomware and malware, the most significant threats of the first half of 2023


It is no surprise that, in an increasingly digital world, cybersecurity has become one of the most dominant concerns. This sentiment is corroborated by Check Point Software's Security Mid-Year Report 2023, which offers a detailed view of the key trends and threats that dominated the first half of 2023. From attacks on specific sectors to the evolution of malware and ransomware threats, the report provides essential information for understanding the current challenges in information security.

Which sectors are under the microscope today? A sector-specific analysis shows that the average number of attacks per week per organization in the healthcare and retail sectors was very significant: they show increases of 18% and 42%, respectively, compared with the same period of 2022. The consulting and hardware sales sectors also showed increases over 2022, of 27% and 18%, respectively. In contrast, the ISP/MSP (IT and internet service companies) and software sales sectors saw a decline, on the order of 9% and 6% each. Meanwhile, the most attacked sectors continue to be education, government and healthcare, but ransomware data indicate that manufacturing and retail are the most extorted sectors in absolute terms.

During the first half of 2023, a wide variety of malicious files was observed in circulation, delivered both via the web and by email, although with significant changes in prevalence compared with 2022. Malicious files distributed via the web included formats such as exe (49%) and sh (20%). By email, files of type one increased by 3200%, while docm, docx and exe saw considerable decreases. In addition, formats such as ZIP, RAR and ISO images were used in emails. Email remains the main attack vector: in this half-year, 92% of all malicious files were delivered this way.

The report presents global malware statistics for the first half of 2023…


Best Top-5 Websites to learn Cyber-Security & Ethical Hacking || For Free.



History of Infosec: a primer.


“We study history not to be clever in another time, but to be wise always.” ―Marcus Tullius Cicero

Cicero was a famous Roman statesman and orator, a contemporary of Julius Caesar, Pompey, Marc Antony and Octavian. His writings on classical rhetoric and philosophy influenced the great thinkers of the Renaissance and Enlightenment many years later. And he’s absolutely right about history. 

I don’t study infosec history so that I can win at Nerd-Trivial-Pursuit tournaments at security conferences. I study infosec history so that I can understand the day-by-day changes going on in the industry. I believe you can’t understand the current state of the infosec community unless you have some understanding of what has happened in the past. For example, you can’t really have any detailed understanding of what’s going on, and what’s not going on, in the Ukraine war in cyberspace without having a background on Russian cyber operations from the beginning:

  • 1988: Made famous by Dr. Clifford Stoll’s paper “Stalking the Wily Hacker” and subsequent book, “The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage.” The Russians sponsored the first ever public cyber espionage campaign using East German hacker mercenaries that targeted U.S. governmental agencies. 
  • 1991: The collapse of the Soviet Union and the subsequent liberation of Ukraine.
  • 1996: Moonlight Maze: A series of Russian probes and attacks against the Pentagon, NASA (the National Aeronautics and Space Administration), and affiliated academic and laboratory facilities. 
  • 2007: Russia launched DDoS attacks against Estonia.
  • 2008: Russia launched cyber attacks against the country of Georgia and penetrated the Pentagon’s classified networks. 
  • 2013: General Valery Gerasimov, the Chief of the General Staff of the Russian Federation, established the unofficial Gerasimov doctrine that advocates for asymmetric targets (physical and virtual critical infrastructure including outer space) across the spectrum during war.  
  • 2014: Russia annexed Crimea, attacked Ukraine’s power grid for the first time, and attempted to change Ukraine’s election.
  • 2014: The U.S. discovered that Russian cyber forces had…


Cybersecurity and the NRC: A Primer for Radioactive Materials Licensees | Morgan Lewis – Up & Atom


As is clear from recent news reports, cybersecurity hacks and breaches have been trending upward for some time, and there has been a noticeable uptick over the last several months—including in the energy industry. As a result, President Joseph Biden has committed his administration, in large part through the American Jobs Plan and his executive order of May 12, to strengthen cybersecurity across the nation.

Notably, the American Jobs Plan makes $20 billion in energy infrastructure investments contingent on cybermodernization, and the executive order creates a “playbook” in an effort to harmonize the federal response to cyberincidents. But what controls are in place for the nuclear industry, including commercial users of radioactive materials, and which agency has jurisdiction over such matters? We address these issues briefly here.

EVOLUTION OF THE NRC’S CYBERSECURITY REGULATIONS

The NRC’s jurisdiction over and regulation of cybersecurity for power reactor (nuclear power plant) licensees is well established and well documented. Following the attacks of September 11, 2001, the NRC began evaluating cyberrisks and the need for associated protections at nuclear power plants. These efforts resulted in 10 CFR § 73.54, Protection of Digital Computer and Communication Systems and Networks, finalized in 2009, and the subsequent Regulatory Guide 5.71, designed to advise licensees on how to meet the regulatory requirements. But cybersecurity controls for radioactive material users are less straightforward. Nevertheless, as described below, several federal agencies, including the NRC and the Food and Drug Administration (FDA), have been active in this space over the last several years.

THE WORKING GROUP: FORMATION AND SCOPE

In 2012, the NRC identified a need to evaluate cybersecurity threats for radioactive materials licensees in SECY-12-0088. To accomplish that goal, in July 2013, the NRC established the Byproduct Materials Cyber Security Working Group (the Working Group), whose goal was to identify cybersecurity vulnerabilities among certain users of “risk-significant radioactive materials” to determine if the NRC should initiate any regulatory action to address…
