Security

We Keep you Connected

Security

  1. Mailchimp Suffers Another Security Breach Compromising Some Customers' Information - Popular email marketing and newsletter service Mailchimp has disclosed yet another security breach that enabled threat actors to access an internal support and account admin tool to obtain information about 133 customers."The unauthorized actor conducted a social engineering attack on Mailchimp employees and contractors, and obtained access to select Mailchimp accounts using employee credentials compromised in that attack," the Intuit-owned company said in a disclosure.The development was first reported by TechCrunch.Mailchimp said it identified the… Continue Reading
  2. North Korean Hackers Turn to Credential Harvesting in Latest Wave of Cyberattacks - A North Korean nation-state group notorious for crypto heists has been attributed to a new wave of malicious email attacks as part of a "sprawling" credential harvesting activity targeting a number of industry verticals, marking a significant shift in its strategy.The state-aligned threat actor is being tracked by Proofpoint under the name TA444, and by the larger cybersecurity community as APT38, BlueNoroff, Copernicium, and Stardust Chollima.TA444 is "utilizing a wider variety of delivery methods and… Continue Reading
  3. Security Navigator Research: Some Vulnerabilities Date Back to the Last Millennium - Vulnerability analysis results in Orange Cyberdefenses' Security Navigator show that some vulnerabilities first discovered in 1999 are still found in networks today. This is concerning.Our Vulnerability Scans are performed on a recurring basis, which provides us the opportunity to examine the difference between when a scan was performed on an Asset, and when a given finding on that Asset was reported. We can call that the finding 'Age'. If the findings first reported are not… Continue Reading
  4. GoTo Encrypted Backups Stolen in LastPass Breach - The GoTo remote work tool software platform has confirmed that encrypted backups for several of its tools, including Central, Pro, join.me, Hamachi, and RemotelyAnywhere, were exfiltrated, along with some encryption keys, in last November's compromise of the LastPass cloud-based password keeper. The compromised GoTo data could include usernames, salted and hashed passwords, some multifactor authentication (MFA) settings, product settings, and licensing information, according to the company's recent disclosure. Impacted customers will be contacted by GoTo directly,… Continue Reading
  5. Emotet Malware Makes a Comeback with New Evasion Techniques - The Emotet malware operation has continued to refine its tactics in an effort to fly under the radar, while also acting as a conduit for other dangerous malware such as Bumblebee and IcedID.Emotet, which officially reemerged in late 2021 following a coordinated takedown of its infrastructure by authorities earlier that year, has continued to be a persistent threat that's distributed via phishing emails.Attributed to a cybercrime group tracked as TA542 (aka Gold Crestwood or Mummy… Continue Reading
  6. Over 4,500 WordPress Sites Hacked to Redirect Visitors to Sketchy Ad Pages - A massive campaign has infected over 4,500 WordPress websites as part of a long-running operation that's been believed to be active since at least 2017.According to GoDaddy-owned Sucuri, the infections involve the injection of obfuscated JavaScript hosted on a malicious domain named "track[.]violetlovelines[.]com" that's designed to redirect visitors to undesirable sites.The latest operation is said to have been under way since December 26, 2022, according to data from urlscan.io. A prior wave seen in early… Continue Reading
  7. Researchers Discover New PlugX Malware Variant Spreading via Removable USB Devices - Cybersecurity researchers have uncovered a PlugX sample that employs sneaky methods to infect attached removable USB media devices in order to propagate the malware to additional systems."This PlugX variant is wormable and infects USB devices in such a way that it conceals itself from the Windows operating file system," Palo Alto Networks Unit 42 researchers Mike Harbison and Jen Miller-Osborn said. "A user would not know their USB device is infected or possibly used to… Continue Reading
  8. SaaS RootKit Exploits Hidden Rules in Microsoft 365 - Microsoft is a primary target for threat actors, who scour Microsoft applications for weaknesses. Our security research team at Adaptive Shield recently discovered a new attack vector caused by a vulnerability within Microsoft's OAuth application registration that allows attackers to leverage Exchange's legacy API to create hidden forwarding rules in Microsoft 365 mailboxes.To understand this new attack vector, you must understand the key components therein. These include hidden forwarding rules and SaaS-to-SaaS app access, all… Continue Reading
  9. Microsoft Urges Customers to Secure On-Premises Exchange Servers - Microsoft is urging customers to keep their Exchange servers updated as well as take steps to bolster the environment, such as enabling Windows Extended Protection and configuring certificate-based signing of PowerShell serialization payloads."Attackers looking to exploit unpatched Exchange servers are not going to go away," the tech giant's Exchange Team said in a post. "There are too many aspects of unpatched on-premises Exchange environments that are valuable to bad actors looking to exfiltrate data or… Continue Reading
  10. Google Takes Down 50,000 Instances of Pro-Chinese DRAGONBRIDGE Influence Operation - Google on Thursday disclosed it took steps to dismantle over 50,000 instances of activity orchestrated by a pro-Chinese influence operation known as DRAGONBRIDGE in 2022."Most DRAGONBRIDGE activity is low quality content without a political message, populated across many channels and blogs," the company's Threat Analysis Group (TAG) said in a report shared with The Hacker News. "However, a small fraction of DRAGONBRIDGE accounts also post about current events with messaging that pushes pro-China talking points."DRAGONBRIDGE… Continue Reading

What are cybersecurity threats?

cybersecurity threat is any malicious attack by an individual or organization to gain access to another individual’s or organization’s network to corrupt data or steal confidential information. Sometimes, the attacks destroy computer systems.
No company is immune from cyber attacks and the resulting data breaches. As cyber threats become increasingly sophisticated, businesses must ensure they implement the security necessary to safeguard their data and their networks.
However, before they can do that, organizations need to understand the types of threats they’ll be facing almost daily, including:

  • Trojan: A type of malicious software (malware) or code that acts as a legitimate application or file to trick a user into loading and executing the malware on his device. A Trojan’s goal is to damage or steal an organization’s data or otherwise inflict some harmful action on its network.
  • Virus: A malicious program aimed at infecting a company’s systems, destroying data and bringing its network to a standstill. A virus attaches itself to a program, file, or document and lies dormant until some event triggers the device to execute its code.
  • Phishing attacks: A type of social engineering that attempts to trick users into bypassing normal cybersecurity practices and giving up sensitive data, such as user names and passwords, bank account information, Social Security numbers, and credit card data. Typically, hackers send out phishing scam emails that appear to come from trusted senders, such as PayPal, eBay, financial institutions, as well as friends and co-workers. The cybercriminals try to get users to click on links in the emails that will redirect them to fraudulent websites that ask for personal information or install malware on their devices. Opening attachments sent with phishing emails can also install malware on users’ devices, or allow the hackers to control their devices remotely.
  • Ransomware is malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again. … It has the ability to lock a computer screen or encrypt important, predetermined files with a password.
  • Distributed denial of service (DDoS): A DDoS attack aims to take down a company’s website by overwhelming its servers with requests. In this attack, requests come from hundreds or thousands of IP addresses that have probably also been compromised and tricked into continuously requesting a company’s website. A DDoS attack overloads an organization’s servers, slows them down significantly or temporarily takes them offline. This prevents customers from accessing the website and completing orders.

GET THE LATEST UPDATES, OFFERS, INFORMATION & MORE