%term

MSPs Targeted in Ransomware Attack

Jul 4, 2021 By Cyberint Research In Cyberint

News has been surfacing throughout the day on July 3, 2021, of a seemingly large ransomware attack affecting hundreds of organizations following a software supply chain compromise at the supplier of software to managed service providers (MSPs).

Read Post

Cyberint

Read more about MSPs Targeted in Ransomware Attack

Yuba County Survived a Ransomware Attack and Lived to Tell the Tale

Jun 30, 2021 By Rubrik In Rubrik

The growing threat of ransomware attacks is ubiquitous, which has been further accelerated by the pandemic. In February of 2021, Yuba County was hit by ransomware that infected critical systems. Despite the attacker’s demands for ransom, the county was able to avoid paying the hefty fee and quickly recovered with Rubrik. Listen in on the fireside chat with Paul LaValley, CIO of Yuba County as he shares intimate details of how they survived the attack and lived to tell the tale.

View Video

Rubrik

Read more about Yuba County Survived a Ransomware Attack and Lived to Tell the Tale

Secure Software Development: How to Check Your Code

Jun 28, 2021 By SecuritySenses In SecuritySenses

In May of 2021, a cybercrime organization called DarkSide successfully locked operators of the Colonial Pipeline, which supplies the east coast with 45% of its petroleum fuel, out of their own software system with a type of malware called "ransomware." True to its name, ransomware returns access to your software (in theory) if you pay a ransom. The result-fuel supplies collapsed across the eastern United States, with gas lines, price spikes, and panic. People began hoarding gasoline in states not even served by the Colonial Pipeline. The US government passed emergency legislation. Even DarkSide seemed shocked at the impact of their cyberattack.

Read Post

SecuritySenses

Read more about Secure Software Development: How to Check Your Code

5 Cyber Risks SLED Agencies Need to Protect Against

Jun 28, 2021 By Phoebe Fasulo In SecurityScorecard

Last year was a tough one for schools, local, and state governments. Not simply because of COVID-19, which forced every local government and school to navigate a pandemic, but also because the pandemic brought with it a different set of dangers. While local governments and schools were trying to figure out remote learning, remote work, and how to run public meetings safely and effectively online, cybercriminals took advantage of the fact that the remote world is new to most small governments.

Read Post

SecurityScorecard

Read more about 5 Cyber Risks SLED Agencies Need to Protect Against

How to reduce your attack surface with system hardening in 2021

Jun 25, 2021 By Editor In Cyphere

The goal of system hardening (or security hardening) is to reduce the attack surface. It includes reducing security risks and removing potential attack vectors. By removing superfluous programs, accounts functions, applications, ports permissions access etc., the reduced attack surface means the underlying system will be less vulnerable, making it harder for attackers or malware to gain a foothold within your IT ecosystem.

Read Post

Cyphere

Read more about How to reduce your attack surface with system hardening in 2021

Cybersecurity sketchnotes: A key takeaway from the Solorigate attack

Jun 25, 2021 By Netwrix In Netwrix

Watch the third episode of our video series. Our cybersecurity expert gives a bit of background on the Solorigate attack and explains how to increase resilience against it.

View Video

Netwrix

Read more about Cybersecurity sketchnotes: A key takeaway from the Solorigate attack

Stories from the SOC - Office 365 account compromise and credential abuse

Jun 23, 2021 By Marcus Hogan In AT&T Cybersecurity

Credential abuse and compromised user accounts are serious concerns for any organization. Credential abuse is often used to access other critical assets within an organization, subsidiaries, or another partner corporation. Once an account is compromised, it can be used for data exfiltration, or to further promote the agenda of a threat actor.

Read Post

AT&T Cybersecurity

Read more about Stories from the SOC - Office 365 account compromise and credential abuse

On the Importance of Protecting U.S. Pipeline Owners and Operators

Jun 23, 2021 By Alex Bagwell In Tripwire

In the beginning of May, a U.S. pipeline company suffered a ransomware attack. The company decided to respond by halting operations while it investigated the incident. This delayed tens of millions of gallons of fuel from reaching their destination all along the East Coast. Less than a week later, Bloomberg reported that the company had paid millions of dollars to a ransomware group in order to regain access to their systems. U.S.

Read Post

Tripwire

Read more about On the Importance of Protecting U.S. Pipeline Owners and Operators

Survey: Nearly Half of Manufacturers Suffered a Digital Attack in the Last Year

Jun 21, 2021 By Dean Ferrando In Tripwire

Confidence isn’t new when it comes to cybersecurity. All the way back in 2015, for example, 86% of security professionals working in the energy sector told Tripwire that they were confident they could detect a breach in a week. Just less than half (49%) said it wouldn’t take them longer than a day to spot an attack. It was the same story a year later when Tripwire surveyed infosec professionals in the retail sector.

Read Post

Tripwire

Read more about Survey: Nearly Half of Manufacturers Suffered a Digital Attack in the Last Year

SecurityScorecard Finds USAID Hack Much Larger Than Initially Thought

Jun 18, 2021 By Ryan Sherstobitoff In SecurityScorecard

SecurityScorecard’s Investigations & Analysis team conducted an investigation into the details surrounding the USAID.gov attack. As has been previously reported, the attack has been potentially attributed to the organization commonly known as Cozy Bear, but our investigation found that the campaign is likely much larger, and began much earlier than has been reported.

Read Post