Tag Archive for: Scariest

The scariest cyber security horror stories of 2022


In a year of upheavals that saw the death of Queen Elizabeth II, three changes of UK prime minister, and Russia’s invasion of Ukraine, one thing that has remained unfortunately consistent is cyber criminals ramping up attacks.

Some trends prevail: Ransomware remains popular, fuelled by the sheer volume of revenue available to the gangs and criminals involved in the lucrative market. The Lapsus$ group has been particularly active in 2022, allegedly breaching the likes of Microsoft, Uber, and Nvidia.

The supply chain is still a common vector of attack, with the Okta breach at the beginning of the year showing the damage that can be done to a firm’s reputation if it fails to act quickly in disclosing an incident.

Cyber criminals have also started to broaden their horizons to focus on digital currencies, with cryptocurrency exchanges, platforms, and personal wallets increasingly targeted over the course of the year.

We’ve rounded up the scariest security horror stories of 2022.

Log4Shell vulnerability wreaks havoc throughout 2022

The Log4Shell vulnerability continues to wreak havoc on businesses a year after it first sent shockwaves through the security industry. Discovered in December 2021, the zero-day remote code execution (RCE) flaw in Java logger Log4j was so impactful because of the sheer number of applications and services it powers: Log4j is used by millions of computers across many organisations and underpins multiple internet services and applications, including Twitter, Microsoft, and Amazon.

With a 10/10 critical rating, the Log4Shell flaw – which has the NIST National Vulnerability Database designation CVE-2021-44228 – is relatively easy to exploit, because it doesn’t require privileged access to be used in attacks. It’s therefore no surprise that just 24 hours after it was disclosed, researchers at security firm Checkpoint recorded almost 200,000 attempts to exploit the issue. A week after Log4Shell went public, cyber criminals and other malicious actors had used the flaw as part of over 1.2 million attacks globally. 

The Log4Shell issue persisted well into 2022. In February, the flaw was used by Iranian state sponsored attackers targeting the US government….

Source…

Ransomware and Phishing and Malware, Oh My! Combatting 2021’s Scariest Security Threats


It’s the end of 2021, so I’d like to take some time to reflect on the significant security-related stories of the past year.

In 2021 we learned a great deal about the SolarWinds attacks, which were detected in December of 2020. The suspected Russian hackers behind the attack targeted multiple government agencies, thousands of private businesses, and other organizations that used SolarWinds Orion software.

Earlier this year, Microsoft warned that the hacking group, known as Nobelium or Cozy Bear, returned. This time, Microsoft says the group was trying to disrupt the global IT supply chain by attacking resellers and technology providers that help customers manage and deploy Microsoft’s cloud services.

Ransomware was a problem for United States government agencies, and businesses across various industries, from water systems in the United States to payroll companies. At the end of the year, Microsoft even warned that an exploit paved the way for state-sponsored hackers from China, Iran, North Korea, and Turkey to launch ransomware attacks.

Phishing was another headache for security personnel. With many employees working from home, the environment was ripe for people to click on nefarious links in emails and spread malware. 

To avoid getting caught in phishing, hacking, and other attacks, we recommend using any of our top picks among antivirus solutions. Some of you pushed back pretty hard against using third-party antivirus in the comments of this article, going as far as accusing me of taking kickbacks from Norton. I can assure you that’s not the case—our tests showed the built-in antivirus Microsoft Defender Antivirus does not provide the total protection found with many third-party options, even the free ones.

The best antivirus has excellent phishing protection. PCMag’s lead security analyst Neil J. Rubenking noted Defender received poor scores for phishing protection but also remarked that Defender was an adequate fallback. 

Whatever you choose to do regarding antivirus protection, make sure to stay vigilant. Having excellent antivirus protection does not give you carte blanche to click on links from emails residing in your spam folder or visit unsecured websites. Common…

Source…

The scariest hacks and vulnerabilities of 2019

Thunderclap vulnerability – The security flaw impacts how Windows, Mac, Linux handle Thunderbolt peripherals. They allow the creation of highly dangerous malicious peripherals that can steal data from …
mac hacker – read more

These are the 3 scariest alleged Darkode hackers arrested during the FBI’s … – Business Insider


Business Insider

These are the 3 scariest alleged Darkode hackers arrested during the FBI's
Business Insider
He is believed to be one of the masterminds behind Darkode and acted as the forum's administrator. He is also suspected of running a criminal botnet that had enslaved over 50,000 computers. Botnets, also known as “zombie armies” within hacking culture, …
Malware And Hacking Forum Darkode Is Shut Down; Dozens ArrestedNPR
Police around the world bust huge hacker black market, Glendale man among fox6now.com
FBI: Global Criminal Hacker Forum Darkode Shut DownInsurance Journal
Engadget –WMUR Manchester
all 410 news articles »

android botnet – read more