Tag: Record | Page 3

Cyber Security Today: Ransomware attacks hit a record in September, and more

October 25, 2023/in Internet Security

Ransomware attacks hit a record in September, and more.

Welcome to Cyber Security Today. It’s Wednesday, October 25th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

The number of successful ransomware attacks keeps climbing. NCC Group says criminal data leak sites listed 514 victims last month. It breaks the record set in July, when gangs listed 502 victim organizations. The claims of these sites are usually reliable. The U.S. continued to be the most attacked country.

And if that’s not bad enough there’s a new ransomware gang. Rhysida. It runs as a ransomware-as-a-service operation, say researchers at Kaspersky. It has a unique self-deletion mechanism. It also works on Windows 7 and 8.

On Monday I told listeners about the compromise of files sent to Okta’s support system. Since then several technology companies have acknowledged being victims. They include Cloudflare and 1Password, which makes a password manager. 1Password’s CTO says no user data was compromised.

A former IT member of the U.S. National Security Agency has pleaded guilty to six counts of attempting to transmit classified defence information last year to what he believed to be was a Russian agent. He was actually sending the stuff to an undercover FBI agent. He’ll be sentenced next April.

VMware has updated its warning to administrators running Aria Operations for Logs. Last week it urged the software be patched to fix multiple vulnerabilities. This week that notice was updated to that warn threat actors now have exploit code to take advantage of an unpatched server.

Worried about how much data the apps you like are collecting? Here’s something to think about: According to researchers at The Money Mongers, Threads is the most invasive of the 100 apps it studied. They include Instagram, Facebook, Messenger, LinkedIn, Uber Eats and more. Threads, you may recall, is trying to challenge the platform called X and its tweets. By the researchers’ standard, Threats collects 86 per cent of its users’ personal data. That may be OK if the users realize this. But also note that 51 per cent of the apps studied share their user data…

Source…

Ransomware attacks register record speeds thanks to success of infosec industry • The Register

October 10, 2023/in Internet Security

The time taken by cyber attackers between gaining an initial foothold in a victim’s environment and deploying ransomware has fallen to 24 hours, according to a study.

In nearly two-thirds of cases analysed by Secureworks’ researchers, cybercriminals were deploying ransomware within a day, and in more than 10 percent of incidents it was deployed within five hours.

This average dwell time has dropped significantly in 2023, down from 4.5 days in 2022 and 5.5 days the year before that.

The findings remained consistent across the year’s incidents, researchers noted, not being influenced by specific ransomware variants of cybercrime groups.

Dwell times in some cases were longer when data exfiltration occurred before ransomware was deployed – a double extortion scenario.

However, this wasn’t true in every case, and as Microsoft revealed last week in its annual threat intelligence report, double extortion events accounted for just 13 percent of ransomware incidents in the past year.

Secureworks said that ransomware attacks are being carried out with less complexity than in years gone by, with the days of organization-wide encryption incidents becoming increasingly more difficult to pull off.

“The cybersecurity industry is undoubtedly getting better at detecting the activity that has historically preceded ransomware, such as the use of offensive security toolkits like Cobalt Strike,” Secureworks said in its “State of The Threat Report.”

“This may be a factor in forcing ransomware operators to work more quickly.”

As detection technologies become more effective, cybercriminals are naturally forced to adapt to a changing defensive landscape, having to complete their attacks faster.

Secureworks’ experts also said the popularity of the ransomware-as-a-service (RaaS) model could also provide an explanation for shorter attacks.

With effective ransomware payloads, complete with easy-to-follow instructions for affiliates to use them, the RaaS model makes executing attacks possible for even the least-skilled criminals.

This lowering of the barrier to enter the ransomware market as an affiliate has led to an increase in attacks overall, and June broke the single-month record for…

Source…

Hackers exploited flaw in Eden Prairie firm’s software in record year for ransomware attacks

September 24, 2023/in Computer Security

…

Source…

Grooming cases at record high amid online safety laws delay

August 14, 2023/in Internet Security

Rani Govender, senior policy officer at the NSPCC, said: “We don’t think there’s a trade-off between safety and privacy, we think it’s about investing in those technical solutions which we know are out there, that can deliver for the privacy and safety of all users on these services.”

Source…

Tag Archive for: Record