Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cyberattacks

#101 - WiFi attacks and defense with Lennart Koopmann, Founder of the Nzyme Network Defense System

In this episode of The Cybersecurity Defenders Podcast, we take a close look at WiFi attack methods, and the defenses to them, with Lennart Koopmann, Founder of the Nzyme Network Defense System. Lennart Koopman, a tech enthusiast originally from Germany, now calling Houston, TX home. He began coding at a young age and chose to forgo formal education, diving straight into the world of computers after high school.

Security Teams Spend 71 Hours Responding to Every One Hour in a Cyber Attack

New data sheds light on what kinds of cyber attacks are targeting your cybersecurity team, what it’s costing them, why it’s taking so much time to fix, and where you should focus resources. Barracuda’s Cybernomics 101 report provides a lot of insight into the current economics of cyber attacks. According to the report: The average largest ransom any organization paid is $1.38 million, with an average cost of $5.34 million to respond to compromises!

PRC State-Sponsored Threat Actors (Volt Typhoon) Target Critical Infrastructure Entities

On February 7, 2024, CISA issued an advisory detailing their discoveries concerning state-sponsored cyber actors linked to the People’s Republic of China (PRC). Notably, the PRC-affiliated threat actor, Volt Typhoon, is actively engaged in efforts to infiltrate IT networks, with the potential aim of launching cyber attacks on vital U.S. infrastructure in the event of a substantial crisis or conflict with the United States.

Browser-Based Phishing Attacks Increase 198%, With Evasive Attacks Increasing 206%

A new report shows massive increases in browser attacks in the second half of 2023, with over 31,000 threats specifically designed to bypass security solution detection. I spend a lot of time on this blog talking about phishing, social engineering, smishing, deepfakes and more – all topics centered around attack techniques designed to interact and fool a user.

APT29's Attack on Microsoft: Tracking Cozy Bear's Footprints

A new and concerning chapter has unfolded in these troubled times of geopolitical chaos. The Cozy Bear threat actor has caused significant breaches targeting Microsoft and HPE, and more are likely to come. These recent events have sent shockwaves throughout the tech community, and for good reason. As we continue to uncover the fallout from these breaches, it has become apparent that the magnitude of the incident is more significant than we first realized.

AnyDesk Confirms Unauthorized Access to Production Systems

On February 2, 2024, AnyDesk confirmed a compromise of its production systems in a security advisory, leading the company to revoke all security-related keys, including the cryptographic code-signing certificate used to publish their software. As an additional precaution, AnyDesk also reset user passwords on the AnyDesk web portal. AnyDesk has started using a new code signing certificate as of AnyDesk version 8.0.8.

Anyone Can Launch a Bot Attack in 2024

Netacea is a noted vendor in a new Forrester report, The Bot Management Software Landscape, Q1 2024. The report provides important independent research into the evolution of automated attacks threatening businesses in the coming year, and how bot management solutions are positioned to defend against them. The main trend cited in the report is that now, anyone can launch a sophisticated bot attack.

Security Bulletin: AnyDesk Production Systems Breach

On February 2nd, 2024, AnyDesk disclosed that their production systems had been compromised and that private code signing keys and source code were stolen, while an unknown number of user accounts had their passwords reset. This is a significant concern, as it would allow a malicious attacker to generate malicious versions of AnyDesk software with compromised code that appears to be legitimate. It is assessed that approximately 18,000 credentials are available for sale on the Dark Web as a result.

Synthetic Data: The New Frontier in Cyber Extortion

Organizations are increasingly facing cyber attacks resulting in data breaches, and part of their post-incident responsibilities includes adhering to mandatory reporting requirements. Notably, the infamous BlackCat ransomware group has been exploiting these requirements for their benefit. They apply pressure on victims by threatening to inform the Securities and Exchange Commission (SEC) about the company's supposed failure to report significant data breaches.