Posts

‘Ransomware attacks on pharma sector to increase’ – News Today


Chennai: Quick Heal Technologies Limited, has released its threat predictions that will share the future of cybersecurity in 2021 and beyond.

In a statement, it said, “Previously, advanced ransomware attacks like WannaCry, Petya, Ryuk, Grandcrab etc. used to only encrypt disks or files and demand a ransom payment in return for a decryption key. Now a new ransomware trend is observed which not only encrypts user files but also exfiltrates private and sensitive information. On denial of ransom, adversaries threaten to release hijacked information in public.”

Numerous hospitals, Covid-19 research firms, and pharma companies have fallen victim to ransomware in the last quarter of ‘20, making it necessary for them to adopt or deploy a comprehensive set of security solutions.

Cobalt Strike is a threat emulation toolkit that is often being used for post-exploitation, covert communication, and browser pivoting, among other malicious purposes.

With the Covid-19 pandemic, almost all organisations have rolled out a remote working model, businesses have introduced tools to facilitate employees to connect to office networks from home and collaborate.

This new infrastructure must be managed and configured with great precision.

The booming cryptocurrency values will invite even more threat actors towards developing stealthier crypto-miners and generate higher revenues in 2021.

Himanshu Dubey, director, Quick Heal Security Labs, said, “The pandemic acted as a huge opportunity for cyber criminals to innovate their attack strategies further, and steal sensitive data for their personal gain. These advancements are likely to continue in the coming year as well. For instance, new tactics like double extortion, crypto-mining, ethical hacking, etc. are expected to be widely adopted by threat actors in 2021”.

 

Source…

RTL Today – Computer security test: GoDaddy apologises for fake Christmas bonus email security test


US web company GoDaddy apologized Thursday after an email that promised employees a Christmas bonus in the midst of the economic crisis turned out to be a computer security test.

“GoDaddy takes the security of our platform extremely seriously. We understand some employees were upset by the phishing attempt and felt it was insensitive, for which we have apologized,” a spokesman for GoDaddy, the largest internet domain management company in the world, told AFP in a statement.

“While the test mimicked real attempts in play today, we need to do better and be more sensitive to our employees,” added the Arizona-based company.

In December, around 500 employees clicked on an email from the company offering a Christmas bonus of $650 and asking them to fill out a form with their personal details.

Two days later, a different message appeared in their inboxes.

“You are receiving this email because you failed our recent phishing test,” the email from GoDaddy’s security chief read, according to Arizona’s Copper Courier newspaper.

The technique of phishing, widely used by computer hackers, sees emails pretending to be a person known to the intended target, with the objective of obtaining information to infiltrate their computer systems.

The test email sparked uproar on social media as millions of Americans have been hit hard by the economic crisis linked to the coronavirus pandemic.

Source…

Cyber Security Today – A new ransomware gang emerges, bad news for cyber crooks and pensioners information exposed


A new ransomware gang emerges, bad news for cyber crooks and pensioners’ information exposed.

Welcome to Cyber Security Today. It’s Wednesday December 23rd. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. To hear the podcast click on the arrow below:

 

There’s another sign that ransomware is paying off for cybercriminals: A new group has emerged, according to the Bleeping Computer news site. The gang calls itself Hades, and one of its first victims is a large American freight transportation firm called Forward Air Corporation. The attack occurred on December 15th but the firm only filed a report with the U.S. Securities and Exchange Commission on Monday.

Meanwhile a group of tech companies including Microsoft, McAfee, Rapid7 and Citrix are banding together to fight ransomware. To be called the Ransomware Task Force, it will officially start next month. Its goal is to assess the effectiveness of existing anti-ransomware solutions and create a road map of concrete objectives and actionable milestones fighting ransomware. It hopes to include representatives of government, law enforcement, nonprofits, cybersecurity insurance, and international organizations.

There is another organization of largely European security vendors and police called No More Ransom. It’s a three-year-old project that hosts a number of decryption tools for IT security professionals to use in case their firm is attacked.

Some good news: Police in Europe and the FBI have taken down three websites that offered protected web hosting and virtual private networking encryption often used by criminals for ransomware and other scams. Among crooks these are called bulletproof hosting services, because they ignore complaints about suspicious activity and don’t care who uses them. After taking down the sites police identified and alerted over 250 companies who were being spied on by criminals using the services.

In another move the European police co-operative called Europol announced the launch of a platform to help police unscramble encrypted information lawfully seized in criminal investigations. Police in 24 countries will be able to use the service. Not included is the United…

Source…

New endowment to assist cybersecurity and software engineering students | UTSA Today | UTSA


New endowment to assist cybersecurity and software engineering students

DECEMBER 10, 2020 — To commemorate its 20th anniversary, Digital Defense, a leader in vulnerability management and threat assessment solutions, has announced the establishment of a financial endowment for the Department of Computer Science at UTSA. The endowment will provide scholarships and support to students on the path to a software engineering or cybersecurity career. In addition, it will support UTSA and its efforts to further enhance what is already one of the most highly regarded cybersecurity programs in the nation.

Digital Defense has a long-standing relationship with the university, including collaboration through an intern recruitment program. Over the years UTSA’s software engineering and cybersecurity programs have produced exceptional candidates who have transitioned into full-time roles at the company. Additionally, Digital Defense’s Frontline.Cloud software as a service technology is utilized in the UTSA cybersecurity curriculum as a real-world training tool. The security platform helps students test for hidden threats on their target networks and learn about the vulnerability management process.


“The establishment of the UTSA endowment [affords] us the opportunity to help support the education of future generations.”



“We are grateful to be celebrating our 20th anniversary, a significant milestone, and wanted to give back to San Antonio, our hometown community, and the cybersecurity industry at large. Furthering our partnership with UTSA allows us to do both,” said Larry Hurtado, president and CEO of Digital Defense. “We seek out every opportunity to help our nation and organizations around the globe protect their information assets from cyberattacks. The establishment of the UTSA endowment does just that—affording us the opportunity to help support the education of future generations of cybersecurity and engineering professionals and, longer term, providing additional relief to the cybersecurity workforce shortage.”

UTSA is an elite San Antonio higher education institution with national recognition in the cybersecurity field. Its…

Source…