Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Malware

CISA: Healthcare Organizations Should Be Wary of Increased Ransomware Attacks by ALPHV Blackcat

A joint cybersecurity advisory published last week discusses ransomware attack impacts on healthcare, along with ALPHV’s attack techniques, indicators of compromise (IoCs) and proper response actions. ALPHV is a big enough problem that Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the Department of Health and Human Services (HHS) all are getting together to put healthcare organizations on notice.

From Delivery To Execution: An Evasive Azorult Campaign Smuggled Through Google Sites

Netskope Threat Labs has observed an evasive Azorult campaign in the wild that employs multiple defense evasion techniques from delivery through execution to fly under the defender’s radar as it steals sensitive data. Azorult is an information stealer first discovered in 2016 that steals sensitive information including user credentials, browser information, and crypto wallet data.

LockBit affiliate jailed for almost four years after guilty plea

An affiliate of the LockBit ransomware gang has been sentenced to almost four years in jail after earlier pleading guilty to charges of cyber extortion and weapons charges. 34-year-old Mikhail Vasiliev, who has dual Russian and Canadian nationality, was arrested in 2022 as part of a multinational law enforcement investigation into LockBit that started in March 2020.

Iron Mountain Data Centers' Proactive Approach to Modern Threats with Rubrik

As a part of Iron Mountain Inc., a global leader in secure data and asset management trusted by 95% of the Fortune 1000, Iron Mountain Data Centers is uniquely positioned to protect, connect, and activate high-value customer data. Historically, Iron Mountain Data Centers took a defensive posture when it came to data security, focused on keeping bad actors out. Given the continually evolving nature of modern threats, the service provider had ambitious plans to elevate their cyber security platform, future-proofing their data security with Rubrik.

LESLIELOADER - Undocumented Loader Observed

Kroll observed the use of SPARKRAT in conjunction with a previously undocumented loader written in Golang. The loader assists in the initial infection and deployment of the malicious payload, enabling SPARKRAT to execute on a system. This process allows the payload to reach the target system undetected and unquarantined. The loader achieves its goal by decoding and decrypting a secondary payload binary, then injecting it into a notepad.exe instance.

New York Department of Financial Services Rules Part 500: Are You Ready for Amendment 2?

Hackers move fast. The cybersecurity industry works hard to move as fast (or faster) than hackers. And regulators work to keep pace. In 2017, the New York Department of Financial Services enacted the sector’s most ambitious set of cybersecurity regulations: 23 NYCRR Part 500. These “Part 500” rules have been updated to reflect the evolving threat landscape, the most recent change (“Amendment 2”) implemented in December 2023 to address emerging cybersecurity needs.

CASB vs DSPM with DDR

In 2022 alone, there was a staggering 70% increase in malicious events across all public clouds. And cybercriminals are specifically targeting one of the most critical assets of any organization - its data. According to an 2023 IBM report, 82% of breaches involved data stored in the cloud. So this begs the question, which tools do defenders have at their disposal to address these mounting threats?