Posted in Cyber Security

A Brief Weekly Review of Top Stories that Dominated the Cyberworld

Latest Blogs

a-brief-weekly-review-of-top-stories-that-dominated-the-cyberworld

By AMSAT Sep 24,2021

A Brief Weekly Review of Top Stories that Dominated the Cyberworld

Pakistan had one of the most embarrassing moments on the global security landscape when a 35-year-old Pakistani citizen, Mohammad Fahd, was sentenced to 12 years in prison in the US for his involvement in illegal hacking of AT&T phones. In another major development, European law enforcement agencies dismantled an organized crime group allegedly involved in online fraud, money laundering, and other illegal activities. Besides, the outgoing week saw some other events unfold on the security front.


Here’s a brief review of the major developments of the past week.    

 

Illegal Unlocking of AT&T Phones: Pakistani Citizen Sentenced to Prison in U.S


A 35-year-old Pakistani citizen, involved in an AT&T hacking scheme, was sentenced to 12 years in prison in the United States.


The scheme initiated in 2012, when convict Mohammad Fahd and others employed AT&T call center employees for help in cracking phones sold by the telecom giant to customers.

Fahd was primarily helped directly by AT&T call center workers to unlock phones, but when in 2013 AT&T enforced a new system that made it more tough for employees to unlock devices, the man employed someone to create a piece of malware that, once installed on AT&T’s internal systems, would let him remotely crack a larger number of phones from Pakistan.

 

Illegal Unlocking of AT&T Phones: Pakistani Citizen Sentenced to Prison in U.S

 

European law enforcement authorities cracked down on an organized crime group purportedly involved in online fraud, money laundering, and other illegal activities.


With help from Europol and Eurojust, the police made over 100 arrests — chiefly in Spain, with some in Italy — conducted 16 house searches, and froze 118 bank accounts. They seized 

several electronic equipment, hundreds credit cards, SIM cards, and more.


The group, which was connected to the Italian Mafia, swindled hundreds of individuals through attack methods such as phishing, SIM exchange, and even business email compromise (BEC). The proceeds were laundered through a network of fake companies and couriers.

Illegal Unlocking of AT&T Phones: Pakistani Citizen Sentenced to Prison in U.S

Cisco announced the availability of patches for a number of serious flaws in IOS XE software that could be misused to perform random code remotely, cause denial of service, or manipulate device configuration.

 

The most critical of these issues was CVE-2021-34770, which could have led to remote code execution without verification, with administrator privileges.

 

Found in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of IOS XE software for Catalyst 9000 wireless controllers, the virus can also have been abused to cause a denial of service (DoS) condition.

TAGS

  • AT&T hacking
  • Security Updates
  • Cisco

Recent Blogs

Share this article

Ready to Get Started?

Our specialists are ready to tailor our security service solutions to fit the needs of your organization.

    By submitting the form, you agree to the Terms of Use and Privacy Policy

    a-brief-weekly-review-of-top-stories-that-dominated-the-cyberworld
    Posted in Cyber Security

    A Brief Weekly Review of Top Stories that Dominated the Cyberworld

    Latest Blogs

    a-brief-weekly-review-of-top-stories-that-dominated-the-cyberworld

    By AMSAT Sep 03,2021

    A Brief Weekly Review of Top Stories that Dominated the Cyberworld

    In another week that kept security experts on their toes, the cyberworld saw a slew of events with far-reaching consequences: A cyberattack that hit Boston Public Library is one such incident. In addition, the Federal Bureau of Investigation’s (FBI) alert about Hive ransomware on healthcare systems and FBI, CISA’s warning about a spike in ramsomware attacks on holidays featured among a handful of headline-grabbing news items of the outgoing week.

     

    A brief review of the major developments of the past week is as follows.    

    Boston Public Library Hit by Cyberattack

    As per news reports, the Boston Public Library came under a cyberattack earlier this week that disrupted its computer network.

     

    In a statement the library posted on its website, no sensitive employee of patron data was stolen or affected.

     

    A statement issued by the university read: “We experienced a systemwide technical outage due to a cybersecurity attack, pausing public computer and public printing services, as well as some online resources,” adding “affected systems were taken offline immediately, and proactive steps were taken to isolate the problem and shut down network communication.”

    FBI, CISA Warned of Spike in Ransomware Attacks on Holidays

    The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned against an increase in ransomware assaults during holidays and weekends.

    In a statement, the agencies observed that a rise in cyber-incidents involving ransomware was witnessed during previous U.S. holidays such as the Fourth of July weekend in 2021.

    They also stated that they had no clue that a cyberattack would happen over the imminent Labor Day holiday, but encouraged businesses to review their cybersecurity posture and apply recommended best practices to ensure they were safeguarded.

    FBI Issued Alert about Hive Ransomware amid Growing Attacks on Healthcare Systems

    The Federal Bureau of Investigation (FBI) issued a comprehensive alert about the Hive ransomware that was aggressively attacking healthcare systems. The new ransomware displayed strong file encryption capabilities and even ended backups to support the assault.

    Hive ransomware also works on the double-extortion plan as it steals data before encryption, while it abuses phishing emails to deceive business users to exfiltrate the network. 

    Experts Said Flaws Could Let Hackers Disarm Fortress Home Security Systems

    Security experts at cybersecurity company Rapid7 highlighted a few flaws that threat actors could exploit to remotely deactivate one of the home security systems offered by Fortress Security Store, a US-based physical solutions provider.

     

    According to the company, its products are used by thousands of consumers and companies.

    The vulnerabilities were discovered in Fortress’ S03 WiFi Security System, which connects to a current Wi-Fi network or phone line.

     

    Rapid7 researchers revealed that the product was impacted by two vulnerabilities that could be exploited remotely.

    TAGS

    • Cyber Crime
    • Security Updates
    • Boston Public Library
    • Ransomware Attacks

    Recent Blogs

    Share this article

    Ready to Get Started?

    Our specialists are ready to tailor our security service solutions to fit the needs of your organization.

      By submitting the form, you agree to the Terms of Use and Privacy Policy

      a-brief-weekly-review-of-top-stories-that-dominated-the-cyberworld
      Posted in Cyber Security

      A Brief Weekly Review of Top Stories that Dominated the Cyberworld

      Latest Blogs

      a-brief-weekly-review-of-top-stories-that-dominated-the-cyberworld

      By AMSAT Aug 27,2021

      A Brief Weekly Review of Top Stories that Dominated the Cyberworld

      The outgoing week saw a number of events that had far-reaching effects on the cybersecurity landscape.  From China passing a strict new online privacy law to US and Singapore signing memorandums of understanding, the world of security was replete with some extraordinary developments.

       

      Here’s a brief review of the major developments of the past week.    

      China Okayed Stringent New Online Privacy Law

      China passed a comprehensive privacy law with the aim of stopping companies from gathering important personal data, as the country faced a surge in internet scams.

      Green-lighted by China’s leading lawmaking body, under the new rules, state and private businesses dealing with personal information would be required to decrease data collection and acquire user consent.

       

      However, the Chinese state security system would maintain access to a wide range of personal data. Beijing has long been blamed for exploiting big tech to hasten repression in the northwestern Xinjiang province and somewhere else.

      US, Singapore inked MOUs to broaden collaboration in cybersecurity

      As per reports, the United States and Singapore signed a spate of memorandums of understanding (MOUs) to extend cooperation in cybersecurity across many fields such as finance, defence, and research and development. Such measures would include further information about sharing, joint exercises, and competency development. 

      Three MOUs were inked as part of US Vice President Kamala Harris’ three-day visit to Singapore this week. 

      One of these involved an agreement between Singapore’s Cyber Security Agency (CSA) and the US Cybersecurity and Infrastructure Security Agency (CISA) to widen collaboration in cybersecurity beyond data sharing and exchanges. The two government agencies will seek to include new areas of support in important technologies as well as research and development, amongst others. 

      US Tech Companies Pledged Billions to Boost Cybersecurity Defenses

      The White House announced that some of the top technology firms of the United Stated had pledged to invest billions of dollars to improve cybersecurity infrastructure and to train workers.

       

      The meeting, in which President Joe Biden also participated, was held during a persistent stretch of ransomware assaults that had targeted important defenses, in addition to other illegal cyber operations that U.S. authorities have associated to foreign threat actors.

       

       

      The US government had been asking the private sector to play its role to boost cybersecurity defenses against those highly sophisticated attacks which President Biden referred to as a “core national security challenge” for the United States.

      TAGS

      • Cyberworld
      • Security Updates
      • Online Privacy Law

      Recent Blogs

      Share this article

      Ready to Get Started?

      Our specialists are ready to tailor our security service solutions to fit the needs of your organization.

        By submitting the form, you agree to the Terms of Use and Privacy Policy

        A Brief Weekly Review of Top Stories that Dominated the Cyberworld
        Posted in Cyber Security

        A Brief Weekly Review of Top Stories that Dominated the Cyberworld

        Latest Blogs

        A Brief Weekly Review of Top Stories that Dominated the Cyberworld

        By AMSAT Aug 13,2021

        A Brief Weekly Review of Top Stories that Dominated the Cyberworld

        The outgoing week saw events that had far-reaching effects on the cybersecurity scene. From a ‘sophisticated group’ accused of a cyberattack on Alaska health department to 10,000 victims hit by Android Trojan in 140 countries, the security landscape was awash with a slew of exciting developments.  

         

        Here’s a brief synopsis of the events:

        ‘Sophisticated Group’ Blamed for Alaska Cyberattack

        A spokesperson for the Alaska health department accused a “highly sophisticated group” of the cyberattack that targeted the former, as well as other governmental entities.

        A department spokesperson Clinton Bennett said that a highly sophisticated group known to carry out intricate cyberattacks against organizations that include state governments and health care entities is responsible for the attacks on the Alaska health department.


        However, in an email, Mr Bennett said the department will not comment on the group’s identity, citing a continuing probe.


        The company has so far raised $154 million, with the earlier round being $30 million in September 2019. It says the funding will be used to help scale product development efforts and boost its sales, marketing and partner efforts. 

        Social Media Hijacking: 10,000 Victims in 140 Countries hit by Android Trojan

        According to a report, cybersecurity firm Zimperium identified a new malware Android Trojan that has hit more than 10,000 victims in more than 100 countries. 


        Named FlyTrap, the trojan, was able to spread through “social media hijacking, third-party app stores, side-loaded applications” since March.


        The malware was first spotted by Zimperium’s zLabs mobile threat research teams that figured out that it uses social engineering ruses to affect Facebook accounts. The malware hijacks social media accounts by infecting Android devices, letting attackers gather information from victims like Facebook ID, location, email address and IP address as well as cookies and tokens tied to your Facebook account.

        Hacker exploited flaw to steal $600m in ‘biggest’ cryptocurrency theft

        In one of the largest cryptocurrency thefts so far, a threat actor apparently exploited a vulnerability to steal $600 million from a blockchain finance platform.


        The creators of Poly Network, a “DeFi” or decentralized finance platform that works across blockchains, said on Tuesday that a hacker made off with about $600 million in cryptocurrencies.

        The Poly Network team said: “The amount of money you hacked is the biggest one in defi history. 


        Law enforcement in any country will regard this as a major economic crime and you will be pursed. It is very unwise for you to do any further transactions. The money stole is from tens of thousands of crypto community members, hence the people. You should talk to us to work out a solution.”

        TAGS

        • Alaska Cyberattack
        • Security Updates

        Recent Blogs

        Share this article

        Ready to Get Started?

        Our specialists are ready to tailor our security service solutions to fit the needs of your organization.

          By submitting the form, you agree to the Terms of Use and Privacy Policy

          a-brief-weekly-review-of-top-stories-that-dominated-the-cyberworld
          Posted in Cyber Security

          A Brief Weekly Review of Top Stories that Dominated the Cyberworld

          Latest Blogs

          a-brief-weekly-review-of-top-stories-that-dominated-the-cyberworld

          By AMSAT August 06,2021

          A Brief Weekly Review of Top Stories that Dominated the Cyberworld

          The outgoing week was rife with a number of events with serious ramifications on the cybersecurity scene. From US Justice Department accusing Russian threat actors of hacking federal prosecutors to Amazon slapping a record fine of 746 million euros, the security landscape was witness to a slew of exciting developments. 

           

          Here’s a brief synopsis of the events:

          Russians Hacked Federal Prosecutors: US Justice Department

          According to the Justice Department, the Russian hackers behind the colossal SolarWinds cyberespionage drive infiltrated the email accounts of some of the key federal prosecutors’ offices across the country last year.

           

          The department said that hackers broke into 80% of Microsoft email accounts used by employees in the four U.S. attorney offices in New York. The Justice Department said that during that hacking spree, 27 U.S. attorney offices had at least one employee’s email account compromised.

           

          It also said that it believes the accounts were breached from May 7 to Dec. 27, 2020. The time frame is important because the SolarWinds drive, which intruded lots of private-sector businesses and think tanks as well as at least nine U.S. government agencies, was first exposed and publicized in mid-December.

          Amazon Slapped with Record Fine Over Data Privacy in
          Luxembourg

          Online retail colossus Amazon said it was hit by a heavy fine of 746 million euros ($880 million) by Luxembourg authorities over charges it breached the EU’s data protection rules.

           

          In a securities filing, the company said that the fine was issued on July 16 by the Luxembourg National Commission for Data Protection after its finding that “Amazon’s processing of personal data did not comply with the EU General Data Protection Regulation (GDPR).”

           

          Using the company’s French acronym, Amazon went on to say: “We believe the CNPD’s decision to be without merit and intend to defend ourselves vigorously in this matter.”

          Nozomi Networks Said It Had Raised $100 Million

          Industrial cybersecurity startup Nozomi Networks said it had raised $100 million in a Series D pre-IPO-funding round.

           

          A number of prestigious firms such as Honeywell Ventures, CIA-linked In-Q-Tel, Keysight Technologies, Porsche Ventures Dubai Electricity, Telefónica Ventures, and others also participated in the funding, which was led by Triangle Peak Partners.

           

          The company has so far raised $154 million, with the earlier round being $30 million in September 2019. It says the funding will be used to help scale product development efforts and boost its sales, marketing and partner efforts. 

          TAGS

          • Cyber Crime
          • Security Updates

          Recent Blogs

          Share this article

          Ready to Get Started?

          Our specialists are ready to tailor our security service solutions to fit the needs of your organization.

            By submitting the form, you agree to the Terms of Use and Privacy Policy

            securing-your-organization-against-netwalker-ransomware
            Posted in Cyber Security

            Securing Your Organization Against Netwalker Ransomware

            Latest Blogs

            By AMSAT July 4,2021

            Securing Your Organization Against Netwalker Ransomware

            securing-your-organization-against-netwalker-ransomware

            Although ransomware has been around for the last two decades, the treat is as serious as it was back then. In fact, the intensity and sophistication of this attack have grown immensely with time. While ransomware attacks have mainly targeted state and local governments, health care sectors, private companies, and the transportation sector have also been at the radar of hackers.

            What Is Netwalker Ransomware?

            Netwalker is a type of ransomware that is believed to be a threat of the Mailto effect, which is an updated version of it. This is the name allotted to a family of Windows ransomware that has targeted business computer networks, encoding the files it finds, and asking that a cryptocurrency payment is made for the secure retrieval of the encoded data. Mailto was discovered by independent cybersecurity investigator and Twitter user GrujaRS.

            This malicious business model is nothing new, and is being hired most noticeably by hackers behind the GandCrab ransomware and its updated version Sodinokibi. Nevertheless, joining in comes with its own set of rubrics. Affiliates are prohibited from going against establishments situated in the region of Russia and the Commonwealth of Independent States. Also, it is stated that agents must always return the files of the victims who paid the ransom. Nevertheless, this is never an assurance when it comes to ransomware attackers.

            How to Secure Your Organization Against Netwalker Ransomware

            In the event that Netwalker or any other similar threat affects sensitive data, organizations rid themselves by paying the ransom. But that’s the least thing an organization should do, because you can never be sure that the hackers will give you back access to your data.

            Here’s how you can protect your organization against Netwalker ransomware.

            1. Frame an Effective Data Backup Plan

            Threat actors who spread ransomware base their whole métier around keeping important data hostage. Having a restorable file record takes the power away from the hackers and puts it back into your hands. It is then important to have an offline backup on an external hard drive or another type of storage device, as well as one in the cloud.


            Nevertheless, for this approach to be really effective against Netwalker attacks, you need to appreciate what type of data your company needs to support in the first place. First, find the folders that are key to the even running of your operation. Then, ensure that they have precedence in the cloud and offline storage procedure.

            2. Frequently Change the Passwords on All Access Points

            One way in which Netwalker sneaks into the systems of large companies is through brute force and remote desktop procedure bouts. With the help of bots, the actors behind these malevolent hacks try a number of passwords until they hit the spot. Therefore, weak passwords cannot defend access points.


            The best way to remedy this in your organization for good strength appear too simple to be true. Nevertheless, it all boils down to often changing and firming passwords, as well as using two-factor verification procedures. It’s a foolproof method to avert ransomware affiliates from controlling computers in your network remotely through RDP.

            3. Use a Next-Generation Antivirus for Enhanced Safety

            As specified earlier, threat actors are becoming extremely sly in their attacks, and Netwalker is a testament to that. Therefore, you should, firstly, ensure that your antivirus is updated and latest. However, that itself might not cut it nowadays. Hence, you should consider arming your business with a next-generation antivirus.

             

            4. Frequently Apply Available Software Fixes

             

            Installing software fixes once they are arranged by their respective developers is important for your network’s stability. Without them, threat actors can easily abuse unfixed system weaknesses and penetrate your machine to perform Netwalker. To arrange covers automatically and rationalize your company’s cybersecurity process even more, it’s recommended you frequently apply software patches.

            5. Find a Netwalker Ransomware Decryptor

            When confronted by a nefarious Netwalker attack, the most effective approach to adopt is to try a ransomware decryptor. As of currently, no Netwalker decryption tool has been in print, but keep looking for a top-notch Netwalker ransomware decryption either on the market or on the internet. In the meanwhile, however, the safest way to adopt is to prevent your systems from coming under such wicked attacks.

            The Bottom Line

            It was only a matter of time before cybercriminals started to make a profit with threats related to the coronavirus pandemic, and Netwalker appears to be their most prominent venture in this direction. While several large organizations have already become its victim, this doesn’t need to occur to you now since information about this threat is on hand. As always, being hands-on is the best course of action when it comes to ransomware attacks. Waiting for a decryptor might be appealing, as it is the easiest way out, but meanwhile, it is your due thoroughness to secure your business and its assets from Netwalker as well as other types of cybersecurity problems.

            TAGS

            • Ransomware
            • Security Updates
            • Nozomi Networks

            Recent Blogs

            Share this article

            Ready to Get Started?

            Our specialists are ready to tailor our security service solutions to fit the needs of your organization.

              By submitting the form, you agree to the Terms of Use and Privacy Policy

              securing-highly-visible-people-from-personal-cyberattacks
              Posted in Cyber Security

              Securing Highly Visible People from Personal Cyberattacks

              Latest Blogs

              securing-highly-visible-people-from-personal-cyberattacks

              By AMSAT July 28,2021

              Securing Highly Visible People from Personal Cyberattacks

              Executive security teams encounter threats from several sources including social media, telephone, email, and event in-person physical threats. The teams must find out which are valid threats that need action, and which are simple online outbursts or harassment that should be supervised, but are mostly inoffensive. When the threat is worrying enough to prompt teams to take action, a characteristic response comprises physical, procedural, and technical security procedures. Nevertheless, unless a person has 24×7 executive protection (which is expensive), these threats don’t often intensify while an executive defense team is present. Thanks to this, digital executive security is critical.

              Social Media Supervision

              The chief social media platforms have teams who can spot menacing behavior and fierce rhetoric, and eliminate it rapidly. Thanks to their success, many of the hostile content is moving to non-traditional forums or social media platforms that are less-regulated. There are also special interest forums focused on technology, finance, or even home to dissatisfied former employees that represent considerable risk. 

              Technical Signature Examination

              People like to post online, and they tend to do so when they are emotionally thrilled. The perception of online secrecy has changed the game and occasionally individuals go so far as to make physical threats. When actors post they leave a digital trail, which can be supervised. Shrewd actors don’t use real names or locations, but opportune ascription can link the actor’s real identity to an online persona, supervision can follow, and alerts can be produced if threats happen. Also, the actor’s posts may unwittingly divulge a location or leave an IP address allowing him to be further identified. 

              The Appropriate Approach to Digital Executive Security

              A custom-made method to digital executive security lets security teams to exploit resources and identify threats without depending on 24×7 physical executive security. This method includes:

               

              Custom-made social media and Open-Source Intelligence Collection: Building a collection engine that reduces visibility gaps is crucial: everything from breach data, to external traffic sources, to foreign media posts, Protective DNS, and corporate information should be enhanced. For example, if a cybercriminal posts a despicable threat but removes it a day later, the collection engine should be able to catch it. This requires proper data engineering of organized and amorphous data to search and alert. 

               

              Threat Actor Engagement and Tailored Access: Seeing and engaging cybercriminals needs access to the platforms where they engage, a reliable-looking profile, and research. If a cybercriminal is irritating or leveling allegations against a company’s executive team, they are likely to leave digital breadcrumbs on chat forums or websites intended to attack the company, as well as social media forums. 

               

              Technical Signatures Examination: Public information sources can help detect a threat actor’s designs. This data can disclose vital information enabling skilled investigators to match online activity, a general physical location, or movement patterns over time. 

               

              Meaningful Evaluation: A system that alerts on the appropriate negative sentiment in an apt manner is critical to pertinent and actionable intelligence. Appreciating social norms, stylometric qualities, and context to actors lets experts quickly identify and determine malevolent capability and intent.

               

              Attribution and Coordination: An important factor in effective digital executive defense is the capacity to attribute an actor’s online identities without warning the actor. This approach includes:

               

              • Watching for pattern of life indicators such as the cybercriminal conducting surveillance activities
              • Collecting and examining content for trigger words or photos
              • Periodic communication with the Client’s security or physical team. Ascription should not be resource exhaustive and should happen in a timely manner

               

              None of these several elements are a solution in themselves, but together they can flawlessly bridge the physical and the digital world. Combining these pieces lets a digital investigator to continue executive protection supervision, manage the intelligence for a cybercriminal as well as the victim, and ensure appropriate defense. 

              TAGS

              • Cyberattacks
              • Security Updates

              Recent Blogs

              Share this article

              Ready to Get Started?

              Our specialists are ready to tailor our security service solutions to fit the needs of your organization.

                By submitting the form, you agree to the Terms of Use and Privacy Policy

                Latest Blogs

                By AMSAT Aug 28,2020

                Dealing with cyber-threat: a complex challenge

                Across the globe, organizations in various sectors, both public and private, now openly recognize that cyber-attacks are one of the most widespread and gravest risks they encounter.


                Given the risks organizations around the world face with regard to the security of their data, dealing with cyber-threat has become a complex challenge. Much of the existing focus is on security and compliance, as companies – subject to growing amounts of legislative, corporate and regulatory requirements – prove they are handling and securing information appropriately.


                Since the information security landscape is constantly evolving, private and public sector organizations find it hard to believe they could be a target for cyber-attacks. This approach needs to change, as it’s best to be proactive rather than reactive. At the same time, relying on defense is no longer viable, as the threat actor bent on wreaking harm to an organization will be unrelenting in their objective. This results in public and private sector organizations getting to know what is going on around them so that they can recognize when an attack has occurred or when an attack is on the cards. Intelligence and the intuition that it brings is at the core of next generation of information security.

                The importance of cybersecurity


                Why should security figure at the top of every organization’s top priority list? Why should senior management of every small and large organization be concerned about cybersecurity?


                The answer: The digital world in which business is conducted is susceptible and prone to being attacked. Digitization brings with it boundless opportunities for innovation. It still has a long way to go before becoming a fully protected system that is set to control and regulate itself. Decision-makers ought to ensure that all systems in their company abide by the latest high-security protocols. Employees, particularly not so tech-savvy, must also be competent in basic cyber-security etiquettes. For example, everyone needs to know how to recognize a phishing email and how to isolate it, while informing the proper authority, both internal and external.


                Without the right security strategy, you might be in for an irreparable damage for your organization. Even with the sturdiest controls in place, an organization would do well to bank on those controls to be tested. Threat attackers know how to find weak spots and take advantage of them, opening holes up that bring down robust systems. The solution lies in being offensive rather than defensive, and practicing the essential security tasks that will keep most of the threats at bay.

                TAGS

                • Cyber Crime
                • Security Updates

                Recent Blogs

                Share this article

                Ready to Get Started?

                Our specialists are ready to tailor our security service solutions to fit the needs of your organization.

                  By submitting the form, you agree to the Terms of Use and Privacy Policy

                  A-Brief-Weekly-Review-of-Top-Stories-that-Dominated-the-Cyberworld
                  Posted in Cyber Security

                  A Brief Weekly Review of Top Stories that Dominated the Cyberworld

                  Latest Blogs

                  A-Brief-Weekly-Review-of-Top-Stories-that-Dominated-the-Cyberworld

                  By AMSAT July 23,2021

                  A Brief Weekly Review of Top Stories that Dominated the Cyberworld

                  The security landscape saw a number of developments with far-reaching implications over the last week. From Saudi Arabia state oil giant Aramco facing $50mn cyber extortion over leaked data to Google Cloud introducing new zero trust offerings for government, the outgoing week was full of several headline-grabbing events.

                   

                  Here’s a brief review of what occurred in the outgoing week.   

                  Saudi Aramco Facing $50M Cyber Extortion Over Leaked Data

                  Saudi Arabia’s state oil giant recognized that leaked data from the company — files now ostensibly being used in a cyber-extortion attempt involving a $50 million ransom demand — likely came from one of its contractors.

                   

                  The Saudi Arabian Oil Co., said that it “recently became aware of the indirect release of a limited amount of company data which was held by third-party contractors.”

                   

                  The company did not say which contractor was affected nor whether that contractor had been hacked or if the information leaked out another way.

                   

                   

                  “We confirm that the release of data was not due to a breach of our systems, has no impact on our operations and the company continues to maintain a robust cybersecurity posture,” Aramco said.

                   

                  Google Cloud Launches New Zero Trust Offerings for Government

                   

                  This week, Google Cloud announced a new set of services aimed at help federal, state, and local government organizations in the United States to enforce Zero Trust architecture.

                   

                  A fresh Biden administration Executive Order on Improving the Nation’s Cybersecurity requires government organizations stick to a Zero Trust method to cybersecurity, and Google Cloud has launched three new service offerings custom-made to meet those needs and to be consistent with National Institute of Standards and Technology (NIST) standards.

                   

                  Dell Fixes Critical Flaws in OpenManage Enterprise

                   

                  Fixes released this week by Dell for its OpenManage Enterprise product address several critical-severity flaws.

                   

                  A systems management and monitoring application, Dell OpenManage Enterprise delivers administrators with a complete view of Dell EMC servers, network switches, and storage in their setting.The most severe of these issues is CVE-2021-21564, an improper authentication flaw that could allow a remote attacker to “hijack an elevated session or perform unauthorized actions by sending malformed data.”

                   

                  Another serious flaw that Dell patched in OpenManage Enterprise is CVE-2021-21585 (CVSS score of 9.1), an OS command injection bug in RACADM and IPMI tools that could allow a remote, authentic malevolent user that already has high privileges to perform arbitrary OS commands.

                  TAGS

                  • Cyber Crime
                  • Security Updates

                  Recent Blogs

                  Share this article

                  Ready to Get Started?

                  Our specialists are ready to tailor our security service solutions to fit the needs of your organization.

                    By submitting the form, you agree to the Terms of Use and Privacy Policy

                    all-you-should-know-about-hackers-and-their-types
                    Posted in Cyber Security

                    All You Should Know about Hackers and Their Types

                    Latest Blogs

                    all-you-should-know-about-hackers-and-their-types

                    By AMSAT July 26, 2021

                    All You Should Know about Hackers and Their Types

                    Who is a hacker?

                    Although the word “hacker” generally has a negative connotation, a hacker is not always a bad guy. A hacker is only an individual who uses computer programming or special methods to get over a challenge or problem. Hackers may be driven by many reasons, including profit, grievance, information collection, or to evaluate system defects to help develop defenses against potential hackers. 


                    Types of hackers and what they do

                     

                    Usually executed by one or more hackers, hacking is all about the unlawful intrusion into a network or computer. Nevertheless, a hacker can be any individual, and they either work alone or are hired by an organization that has the object to upset something or inflict damage––gratuitously. Often, they look to change security systems to attain their objective, which is different from the real purpose of the system.

                     

                    A number of businesses also hire hackers as their full-time employees. These hackers push their capabilities to find defects, vulnerable areas, and weak spots in the organization’s security system. This is done to explore and rectify the flaws and stop malicious hackers from getting into the security system.

                    Types of Hackers around the Globe

                    ‘Black Hat’ Hackers

                    Initiated from Western films, the term “black hat” refers to the despicable persons who used to put on black hats, while the upright men would wear white hats.


                    A black-hat hacker is a person who seeks to gain unlawful entry into a system or network to exploit them for malevolent reasons. The black-hat hacker does not have any consent or authority to impact their targets, and seeks to inflict damage by compromising security systems, changing functions of websites and networks, or closing systems altogether. They often do so to steal or gain access to passwords, financial information, and other personal data.

                    ‘White Hat’ Hackers

                    On the contrary, white-hat hackers are believed to be the good guys, working with organizations to reinforce the security of a system. A white hat is allowed to involve the targets and to affect them within the set rules of engagement. Often referred to white-hat hackers, these people are expert at ethical hacking tools, methods, and practices to defend a company’s information systems.


                    As opposed to black-hat hackers, white-hat hackers exploit security networks and look for backdoors when they are legitimately allowed to do so. Ethical hackers always reveal every vulnerability they find in the company’s security system so that it can be repaired before they are get abused by malicious actors. Some Fortune 50 companies like Facebook, Microsoft, and Google also use ethical hackers.

                    ‘Grey Hat’ Hackers

                    These hackers exploit networks and computer systems in the way that black hats do, but do so without any mal-intent, disclosing all gaps and flaws to law enforcement agencies or intelligence agencies. Typically, these hackers browse the internet and break into computer systems to alert the administrator or the owner that their system or network contains one or more flaws that must be patched swiftly. Grey-hat hackers may also swindle the hacked, offering to fix the fault for a nominal fee.

                    TAGS

                    • Hackers
                    • Black Hat Hackers
                    • White Hat Hackers
                    • Grey Hat Hackers

                    Recent Blogs

                    Share this article

                    Ready to Get Started?

                    Our specialists are ready to tailor our security service solutions to fit the needs of your organization.

                      By submitting the form, you agree to the Terms of Use and Privacy Policy

                      top-stories-that-dominated-the-cyberworld
                      Posted in Cyber Security

                      A Brief Weekly Review of Top Stories that Dominated the Cyberworld

                      Latest Blogs

                      top-stories-that-dominated-the-cyberworld

                      By AMSAT July 07,2021

                      A Brief Weekly Review of Top Stories that Dominated the Cyberworld

                      The security landscape saw a number of developments with far-reaching consequences over the last week. From US President Joe Biden warning his Russian counterpart Vladimir Putin to take action against cybercriminals to Microsoft’s decision to acquire cybersecurity startup RiskIQ, the outgoing week was replete with many headline-grabbing events.

                      Here’s a brief review of what occurred in the outgoing week.  

                      Biden Told Putin to “Take Action” against Cybercriminals

                      In a phone call, President Joe Biden warned Russian President Vladimir Putin that he must crack down against threat actors acting in his country.

                       

                      The White House said that the United States reserves the right to protect its people and its critical infrastructure from future attacks.

                       

                      In his call with Putin, Biden also underlined that he is committed to sustained engagement on the wider threat posed by ransomware, as per the White House.

                       

                      Last month, Biden warned the Russian president that there would be consequences for continuing cyberattacks stemming from Russia. Since then, a new ransomware attack associated with the Russia-based REvil hacking group has triggered extensive disruption.

                      Microsoft Set to Buy Cybersecurity Startup RiskIQ

                      Technology giant Microsoft confirmed it was set to drop a whopping $500mn in cash to buy RiskIQ, a cybersecurity company that provides threat intelligence and cloud-based software as a service for organizations.

                      Microsoft, however, declined to confirm the reported figure.

                      Terms of the deal, which will see the San Francisco-based company’s threat intelligence services combined into Microsoft’s flagship security offerings, were not revealed.

                       

                      The announcement came amid a hyper-security landscape as businesses move to remote and hybrid working strategies.

                       

                      Microsoft said that by embedding RiskIQ’s technologies into its main products, its customers would be able to build a more inclusive view of the international threats to their organizations as workforces continue to work outside of the outdated office milieu.

                      Russian hacker group Went Offline, Sparking Speculations

                      A Russian-based hacker group, responsible for a huge ransomware assault, went offline, prompting rumors whether it was an action taken by the government.

                       

                      The “dark web” page of the group known as REvil vanished some two weeks after an assault which affected networks of hundreds of businesses globally and led to a ransom demand of $70 million.

                      A security expert, Allan Liska, with the firm Recorded Future, said: “REvil has seemingly vanished from the dark web, as its website has gone offline.”

                       

                      The news came on the heels of the US President Joe Biden’s repeated warning to his Russian counterpart Vladimir Putin about harboring threat actors while suggesting the United States could take action in the face of rising ransomware attacks.

                      Government Entities Targeted by Chinese Hackers

                      As per a new report from anti-malware vendor Kaspersky, a newly revealed advanced persistent threat (APT) drive targeted legions of users in South Asia, including government organizations.

                      Termed LuminousMoth, the activity involved cyberespionage attacks on entities since at least October 2020 but, unlike similar attacks that are highly targeted, this drive stands out thanks to its size: almost 100 victims in Myanmar and 1,400 in the Philippines.

                       

                       

                      However, the key focus of the attacks was only a subset of victims that comprised prestigious organizations, including government entities both within the two countries and overseas.

                      TAGS

                      • Cyber Crime
                      • Security Updates
                      • RiskIQ

                      Recent Blogs

                      Share this article

                      Ready to Get Started?

                      Our specialists are ready to tailor our security service solutions to fit the needs of your organization.

                        By submitting the form, you agree to the Terms of Use and Privacy Policy