Cybersecurity Weekly News Roundup for First Week of Jan 2021
A Brief Weekly Review of Top Stories that Dominated the Cyberworld

By AMSAT Jan 08,2020

From hackers exfiltrating emails to experts warning of new ransomware targeting enterprise networks, the outgoing week has been full of worrying developments in the world of cybersecurity. But one news item that stood out amid all the ominous developments, and which will greatly help the US Army secure its digital assets against cyberattacks, was the US government’s announcement of a bug bounty program called ‘Hack the Army 3.0’.

Here is the review of the stories that made headlines in the last week.

US Government Announced ‘Hack the Army 3.0’ Bug Bounty Program

The U.S. government announced the launch of another bug bounty program, Hack the Army 3.0. The objective of the program is to help the US Army protect its digital assets and systems against cyberattacks, and it’s open to both military and civilian white hat hackers. Nevertheless, only civilians are eligible for financial rewards if they find flaws.

Not everyone can participate in the program, but the Department of Defense does have an ongoing vulnerability disclosure program through which anyone can report security gaps at any time in return for “thanks.”

‘Earth Wendigo’ Hackers Exfiltrated Emails Through JavaScript Backdoor

A well-orchestrated malware attack campaign had been exfiltrating emails from targeted organizations using a JavaScript backdoor injected into a webmail system extensively used in Taiwan, according to an advisory.

The advisory said that Earth Wendigo had been targeting multiple organizations, including government entities, research institutions, and universities in Taiwan since May 2019.

Researchers Warned of New Babuk Ransomware Targeting Enterprise Networks

Security experts have detected a brand new ransomware family, Babuk, targeting corporate networks, warning that professional threat actors had already hit several organizations with the file-encryption scheme.

Reports suggested that Babuk claimed at least four corporate victims facing data recovery extortion attempts.

    Six ways to protect against digital threats

    By AMSAT Aug 28,2020

    The fourth industrial revolution is poised to be driven by two major elements: digitization and connectivity. However, manufacturers need to adopt cybersecurity to ensure that physical assets and intellectual property are sufficiently defended against theft and attack. The digitization of manufacturing is driving industrial operators to attain new levels of output, quality, and visibility.

    Though these are exciting times in manufacturing, there is a dark side to the swift progress under way. Regrettably, more connections also open the door to new security risks, and previous generations of manufacturing control systems were not designed with security or IP connectivity in mind.

     

    Industrial Automation and Control Systems (IACS) conventionally employ proprietary hardware and procedures that are difficult to integrate with network security. Although separated from industrial IP networks, they’re still vulnerable because they’re often set up as simple, open network machine islands, with inadequate or no security. The net result is that digital change is multiplying vulnerabilities at the same time as cyber-attackers are getting more sophisticated.

     

    As per recent research by Cisco, if cybersecurity fears delay digital execution, it could take up to five years to catch up with the competition. The industrial sector has some of the least developed security protocols and policies and lowest quality security setup, so there’s a very real risk of being left behind.

    Several industrial enterprises do not have even a simple security policy written down. Begin by creating and enforcing a set of written security policies and procedures for your plant that spell out who should be able to access the network in the first place and how.

    The policies should cover permanent employees and contractors, spell out which assets they can access, define acceptable asset use, and define reporting mechanisms for incidents. Written policies should also include an incident response plan, including any measures to restore critical production systems following a security event.

     

    Physical security is key

     

    Some of the most severe harm comes from within, when entry is gained from the factory floor. Whether the aim is to prevent inventory theft, data loss or intellectual property theft, businesses can benefit from a comprehensive physical security solution combined with a secure wired and wireless industrial network.

    Defend assets with physical access controls like locks, key cards, and video surveillance. Where practical, you can also add device authentication and authorization, plus encryption.

     

    Take a rounded approach

     

    The chances of a breach increase as the number of connections in your manufacturing environment rises. Your network cannot be secured by any single technology, product, or technique. Defending important manufacturing assets requires a rounded approach that uses multiple layers of protection to address different types of threats.

     

    A rudimentary mapping exercise will help you get started, providing a catalogue of all the devices and software on your network. Remember, ‘air gap’ approaches are imperfect – just because a robot or device isn’t linked to the network doesn’t mean it’s totally safe. One corrupt or malicious thumb drive will put a remote machine at risk of unintended downtime or worse, safety events.

     

    Isolate your sub-systems

     

    To establish zones and design schemas to segment and segregate your sub-systems, it’s important to use industry best practices. On the network boundary, firewalls and intrusion detection will help you foil threats, while within the network, using out-of-band deep packet inspection (DPI) in your routers, switches, and other network devices can help you detect viruses, spam, and other intrusions.

     

    Stop attackers in their tracks

     

    An important segment of any company’s network architecture is the internet edge, where the business network meets the public internet. The internet edge is the doorway to cyberspace, and serves numerous roles for the typical enterprise network. As network users reach out to websites and use email for corporate communication, you need to keep your business resources both reachable and protected.

     

    Takeaway

     

     

    In time, manufacturers who rise to the challenge of digitization by enforcing the next generation of security defenses built for the age of the IIoT will gain a competitive edge in the process. By thinking holistically and integrating multiple layers of protection, you can defend intellectual property and physical assets from accidental breaches and cyber theft, while accelerating threat resolution, decreasing downtime, and driving productivity gains across your services.

      5 Top Regulatory Compliance Frameworks

      By AMSAT Aug 28,2020

      Dealing with cyber-threat: a complex challenge

      To keep abreast of industry best practices and to adhere to technical and other requirements, enterprises today often use frameworks to ensure cybersecurity compliance. These frameworks provide guidelines to help improve security, enhance business processes, meet regulatory requirements, and carry out other tasks essential to attaining specific business objectives such as breaking into a particular market niche or selling to government institutions.

      There are a number of such frameworks, and the recommendations set out in them can impose tough and often costly requirements on enterprise resources, not least in circumstances where an enterprise is bound by a host of supervisory compliance regimes.

      Cybersecurity Compliance Frameworks

       

      These frameworks typically provide recommendations on executing and managing the several aspects of a security program, such as perimeter defense, access control, authentication, encryption, monitoring, reporting, incident response, and risk management. They may also give guidelines on best practices, and fields that should be encompassed in cybersecurity awareness training.

      Each framework approaches these matters in its own way, shaped by its particular design, and is likely to be influenced by the industry standards or market sector for which it was designed.

      The following are some of the leading frameworks highly recommended for cybersecurity compliance purposes.

      Consortium for IT Software Quality (CISQ)

      This specific framework has developed standards for automating the measuring of structural quality and the size of software applications. The standards were drawn up based on exploits and flaws recognized by the Open Web Application Security Project (OWASP), the SANS Institute, and Common Weakness Enumeration (CWE). The standards of this framework are generally used in handling risks like application security.

      Control Objectives for Information Related Technology (COBIT)

      More than 25 years ago, the Information Security Audit and Control Association (ISACA) introduced the Control Objectives for Information Related Technology (COBIT) framework to highlight the issue of risk reduction in financial institutions. The latest revision of COBIT comprises best practices for aligning information technology functions and procedures and connecting these best practices to the business plan.

      Federal Risk and Authorization Management Program (FedRAMP)

      This framework provides a standardized way for government agencies to assess the risks of cloud-based software solutions and infrastructure platforms. The framework allows existing security evaluations and packages to be reused across many government organizations and is based on the constant monitoring of cloud products and services for real-time cybersecurity.

      National Institute of Standards and Technology (NIST)

      This is a division of the US Chamber of Commerce, which deals with cybersecurity issues impacting the operators and managers of critical infrastructure. NIST’s recommendations for manufacturing, quality control, security, and other matters are grounded in the outcomes of consultations with security industry specialists, government agencies, and researchers. The framework offers a set of controls and balances to help infrastructure operators manage their cybersecurity risks.

      Privacy Shield

      The Privacy Shield Framework was introduced to replace the US-EU Safe Harbor rules, which were issued to ensure that US companies complied with European Union (EU) data protection standards when moving EU data across borders. The framework was intended to minimize and alleviate the risk of meddling when data is transferred between the EU and the USA.

       

        7 Key Features of a File Integrity Monitoring Software

        By AMSAT Dec 31,2020

        The growing occurrence of data breaches over the last few years has led to the creation of a number of regulatory standards such as the PCI-DSS. These standards get companies to embrace security best practices, including the need to supervise all types of changes made to server configurations. Although some of these configuration changes have no considerable effect on systems, a few unforeseen changes could put companies at risk, which may also lead to non-compliance.

         

        The File Integrity Monitoring Solution

         

        To help secure your critical data and maintain compliance, you need to spot changes down to the smallest detail in real time. This is achieved by creating a baseline state and supervising for file changes relative to the baseline. 

         

        The problem is that it’s unrealistic to oversee every application or device in your network all the time. Moreover, today’s networks are far too complex to be checked manually, and this holds true even in small to mid-sized organizations. Therefore, you need a solution that helps you keep track of all these changes without the risks of manual work. This is where File Integrity Monitoring (FIM) comes in.

         

        Here are the features you should be looking for when assessing any file integrity monitoring solution.

        1. Multiple Platform Support

         

        A typical organization today commonly runs on Windows, Linux, Solaris, AIX or even HP-UX. So, it’s important to find an effective solution that can monitor numerous platforms without incompatibility issues.

         

        2. Easy Integration

        The FIM of your choice should be able to work seamlessly with other data security solutions, for example by correlating change data with event and log data. This lets your team swiftly identify, trace, and correlate problem-causing changes.

         

        3. Prolonged Perimeter Protection

         

        You should opt for an FIM solution that goes beyond change detection in files and their attributes. Network devices such as firewalls, routers, switches, and VPN concentrators should also be covered by your solution.

         

        4. Smarter Change Detection

         

        Spotting a change means, at a minimum, recognizing whether the hash of the file has changed. A more robust FIM solution can look at numerous attributes of a file besides the hash. All of this supplementary metadata offers better insight into the true nature of the change. For instance, changing the owner of a file does not change its contents, which implies that the hash would remain the same. Nevertheless, a more sophisticated FIM lets you see that the file’s owner has been changed.

         

        5. Multi-Level Logging and Simplified Reporting

         

        Conventional file integrity monitoring solutions generally operate on each individual machine, whereas contemporary tools provide a unified view of all changes across the network. This lets you manage all of the servers in a single view. Another aspect to look for in an FIM solution is advanced reporting of rollup information. Preferably, your FIM tool should have a sophisticated dashboard that lets you assess the state of your infrastructure at a high level and then drill down through volumes of change data to actionable information.

         

        6. Simplified Rule Configuration

         

        Your file integrity monitoring solution ought to have a system to easily define monitoring guidelines for a server or device. It should also have a mechanism to duplicate those rules to many devices across your infrastructure.

         

        7. Real-Time Monitoring

         

        This feature protects the integrity of your IT infrastructure by detecting misconfigurations in real time against your internal standards or external policies for compliance and security best practices.

          Dealing with cyber-threat: a complex challenge

          Cybersecurity Weekly News Roundup for First Week of Jan 2021

          By AMSAT Jan 01,2021

          The outgoing week saw a handful of incidents with far-reaching effects on the cybersecurity landscape. From Russian attackers compromising Microsoft cloud customers to Vietnam being targeted in a supply chain attack to the Wasabi cloud storage service being knocked offline for hosting malware, the world of cybersecurity was rocked by multiple events perpetrated by malicious threat actors.

          Here is the review of the stories that made headlines in the outgoing week.  

           

          SolarWinds hackers accessed Microsoft source code

          On Thursday, Microsoft acknowledged that the hackers behind a huge hack of government and private computer networks gained access to its internal “source code,” a vital element of its software. The tech giant attributed the attack to Russian-led hackers.

           

          Russian hackers compromised Microsoft cloud customers through third party

           

          Russian government hackers compromised Microsoft cloud customers and stole emails from at least one private-sector company. People familiar with the matter said that it was a disturbing development in Moscow’s continuing cyberespionage campaign targeting several U.S. agencies and corporate computer networks.

           

          Vietnam targeted in complex supply chain attack

          A group of cagy hackers perpetrated an ingenious supply chain attack against Vietnamese private companies and government agencies by inserting malware inside an official government software toolkit.

          Wasabi cloud storage service knocked offline for hosting malware

          Cloud storage provider Wasabi suffered an outage after a domain used for storage endpoints was suspended for hosting malware.

            An Insight into File Integrity Monitoring and Its Functionality

            By AMSAT Aug 28,2020

            File Integrity Monitoring, or FIM, is, doubtlessly, an extremely important layer of security in any network that merits protection. FIM, which is required by data security standards and recommended by auditors and security experts worldwide, monitors important system files, operating system components and even network devices for unauthorized changes.

            By modifying ePOS terminals, operating system host files or critical applications, malicious parties can steal sensitive information, such as payment information, from networks for their own advantage. FIM seeks to prevent the outcome of such hacks by alerting administrators to unauthorized changes in the network.

             

            How FIM actually works

            Once deployed, the FIM software will begin to monitor any alterations that are made to your files, systems, logs, settings, etc. It detects when, how, and by whom the changes are made and compares them with the baseline. Organizations can register expected changes to reduce false alerts. Most FIM software is able to detect DDoS attacks, phishing attacks, unauthorized system access, data theft, malware or ransomware injections, and insider threats.

            A business website has scores of code files in its directory. Even when the management knows that an attacker has injected malware into the website, it’s hard to trace malicious injections among thousands of lines of code. FIM software is able to spot the exact file and code that have been tampered with, which makes the recovery process much swifter and easier. For WordPress sites, it can also monitor wp-config.php and .htaccess files.

            Challenges with FIM

            Some of the critical problems associated with FIM include:

             

            Hash-based File Integrity Checking

             

            This scans key files on systems on a regular schedule and warns admins about detected changes by comparing the hash to that of the preceding version. The drawback is that you have to schedule this task to run at a fixed interval, so you miss whatever happens between one check and the next. In addition, this technique is most appropriate for actual file changes, not file access and reads.
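The baseline-and-compare check described above, extended with the point made under "Smarter Change Detection" earlier on this page that a hash alone misses metadata changes. This is an added example, not code from the original article or from any FIM product; the file names are constructed, and the demo changes a file's mode rather than its owner because changing ownership needs elevated privileges (uid and gid are recorded and compared the same way).

```python
import hashlib
import os
import stat
import tempfile


def snapshot(root):
    """Record content hash plus metadata for every regular file under root."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)
            if not stat.S_ISREG(st.st_mode):
                continue  # symlinks, sockets and devices are out of scope here
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            state[os.path.relpath(full, root)] = {
                "sha256": digest.hexdigest(),
                "size": st.st_size,
                "mode": stat.S_IMODE(st.st_mode),
                "uid": st.st_uid,
                "gid": st.st_gid,
            }
    return state


def compare(baseline, current):
    """Return (path, kind, changed_attributes) for every deviation."""
    findings = []
    for path in sorted(set(baseline) | set(current)):
        old, new = baseline.get(path), current.get(path)
        if old is None:
            findings.append((path, "added", []))
        elif new is None:
            findings.append((path, "removed", []))
        else:
            changed = [key for key in old if old[key] != new[key]]
            if changed:
                # A hash-only monitor reports nothing for "metadata-only".
                kind = "content" if "sha256" in changed else "metadata-only"
                findings.append((path, kind, changed))
    return findings


def demo():
    """Build a constructed directory, baseline it, tamper with it, compare."""
    with tempfile.TemporaryDirectory() as root:
        def put(name, text, mode):
            path = os.path.join(root, name)
            with open(path, "w") as fh:
                fh.write(text)
            os.chmod(path, mode)
            return path

        put("app.conf", "debug = false\n", 0o640)
        script = put("run.sh", "#!/bin/sh\nexec app\n", 0o750)
        log = put("old.log", "started\n", 0o640)
        baseline = snapshot(root)

        put("app.conf", "debug = true\n", 0o640)   # content edit
        os.chmod(script, 0o777)                     # same bytes, looser mode
        os.remove(log)                              # file deleted
        put("upload.php", "<?php /* placeholder */ ?>\n", 0o644)  # new file
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

Run on a schedule, this still only sees the state at scan time, which is the limitation the paragraph above describes.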

            Real-time File Integrity Checking

            This is the native file auditing process, which captures file access and changes in real time as file audit events. By evaluating these events in real time, you are able to get information on not just file changes, but also all the file read, write, and create events. The problem with this method is coping with a huge volume of events to locate the violation you are looking for.

             

            In Windows systems, FIM can be implemented by collecting file audit events for a particular file, folder, or a whole system and evaluating the event logs to see file-change characteristics. This is easier said than done. One challenge with enabling native Windows file auditing and using Windows Event Viewer to spot file changes is that you end up with a large number of events (mostly false positives) and have to comb through all of them to find the precise event that exposes a breach. Another challenge is learning the exact event ID that identifies a violation.

            You need to spend more time and effort finding these event IDs and find a way to remove all the noise and superfluous events created in the file auditing process.
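One way to cut the noise described above, as an added example that is not from the original article: filter file audit events down to modifying access on watched paths. The event ID 4663 and the access-mask bits are standard Windows security auditing values rather than values given on this page; the sample events, watched directories and allow-listed deployment agent are constructed for illustration.

```python
import ntpath
from collections import Counter

# Event 4663 ("An attempt was made to access an object") carries an
# AccessMask; these file access-right bits are the ones that modify a file.
MODIFYING_RIGHTS = {
    0x2: "WriteData",
    0x4: "AppendData",
    0x10000: "DELETE",
    0x40000: "WRITE_DAC",
    0x80000: "WRITE_OWNER",
}

# Assumptions for this example: the directories under watch and a deployment
# agent whose writes are expected (both hypothetical).
WATCHED_DIRS = [r"C:\inetpub\wwwroot", r"C:\Windows\System32\drivers\etc"]
EXPECTED_WRITERS = {r"C:\Program Files\Deploy\agent.exe"}


def _norm(path):
    # Windows paths are case-insensitive; normpath also collapses "..".
    return ntpath.normcase(ntpath.normpath(path))


def is_under(path, root):
    """True if path is root or inside it (wwwroot2 does not match wwwroot)."""
    p, r = _norm(path), _norm(root)
    return p == r or p.startswith(r + "\\")


def triage(events):
    """Split events into alerts and a count of why the rest were dropped."""
    expected = {_norm(p) for p in EXPECTED_WRITERS}
    alerts, dropped = [], Counter()
    for ev in events:
        if ev["EventID"] != 4663 or ev.get("ObjectType") != "File":
            dropped["not-file-access"] += 1
            continue
        mask = int(ev["AccessMask"], 16)
        rights = [name for bit, name in MODIFYING_RIGHTS.items() if mask & bit]
        if not rights:
            dropped["read-only"] += 1
        elif not any(is_under(ev["ObjectName"], d) for d in WATCHED_DIRS):
            dropped["unwatched-path"] += 1
        elif _norm(ev["ProcessName"]) in expected:
            # Allow-listing by process path trades noise for a blind spot.
            dropped["expected-writer"] += 1
        else:
            alerts.append({"path": ev["ObjectName"], "rights": rights,
                           "user": ev["SubjectUserName"],
                           "process": ev["ProcessName"]})
    return alerts, dict(dropped)


def _ev(event_id, path, mask, user, process, object_type="File"):
    return {"EventID": event_id, "ObjectType": object_type, "ObjectName": path,
            "AccessMask": mask, "SubjectUserName": user, "ProcessName": process}


# Constructed sample events, not taken from a real log.
W3WP = r"C:\Windows\System32\inetsrv\w3wp.exe"
SAMPLE_EVENTS = [
    _ev(4656, r"C:\inetpub\wwwroot\index.php", "0x1", "svc_web", W3WP),
    _ev(4663, r"C:\inetpub\wwwroot\index.php", "0x1", "svc_web", W3WP),
    _ev(4663, r"C:\Users\bob\notes.txt", "0x2", "bob",
        r"C:\Windows\System32\notepad.exe"),
    _ev(4663, r"C:\inetpub\wwwroot\app\config.php", "0x2", "svc_deploy",
        r"C:\Program Files\Deploy\agent.exe"),
    _ev(4663, r"C:\Inetpub\WWWRoot\index.php", "0x6", "svc_web", W3WP),
    _ev(4663, r"C:\Windows\System32\drivers\etc\hosts", "0x10000", "bob",
        r"C:\Windows\System32\cmd.exe"),
    _ev(4663, r"C:\inetpub\wwwroot2\x.txt", "0x2", "bob",
        r"C:\Windows\System32\cmd.exe"),
]

if __name__ == "__main__":
    found, reasons = triage(SAMPLE_EVENTS)
    for alert in found:
        print(alert)
    print(reasons)
```

Of the seven constructed events, two survive as alerts; the returned counter records why the other five were discarded, which is worth keeping so that the filter itself can be audited.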

              A Brief Overview of System Integration Method

              By AMSAT Dec 23,2020

              System Integration is the method by which several individual subsystems or sub-components are combined into one all-inclusive larger system, thus letting the subsystems work collectively. Simply put, the synergy formed through system integration allows the core system to attain the principal functionality required by the organization.

               

              Many organizations use system integration to improve efficiency as well as the productivity and quality of their operations. The objective? To get the company’s different IT systems to communicate with each other in the background in order to avoid the time and effort spent manually sharing information with other units of the organization, including the higher management. System integration helps an organization increase the speed of information flow and decrease operational expenses.

               

              Additionally, system integration links a company with third parties such as contractors, clients and stakeholders, while allowing suppliers to keep up to date with raw material levels. It also lets customers keep track of finished goods inventory and shareholders view the company status at a glance in a dashboard way in real time. A reliable system integrator helps meet all of these conditions through the use of system integration.

               

              Methods of System Integration

               

              By no means is finding an appropriate systems integration solution a simple undertaking. It’s imperative you choose the right subsystems, the right locations and the right nature of the relationship. Therefore, it is very important that you as a company appreciate precisely what processes are involved, how they interact with all the stakeholders as well as the business goals. If you have clarity about why and where the company needs agreement in operations, the systems integration will go smoothly.

              Here are some widely prevalent methods of system integration. 

               

              Point-to-Point Integration

               

              Point-to-Point Transfers are typically point-to-point interfaces between two systems. The files are generally created for particular purposes, and it is unusual for the data in the file to be used by more than one receiving system. The format of the file matters to the applications and could be column-based, delimited, or XML.

               

              Vertical Integration

               

              Companies are always on the lookout for ways to cut costs and control the quality of the products and services they provide. A company is capable of providing a competitive advantage by incorporating various stages of its production process and supply chain into its business. This is called vertical integration. There are three types of integration, each with a number of collective benefits and drawbacks when integrating two companies in various stages of production. Organizations may acquire vertical integration through internal expansion, an acquisition, or a merger.

               

              Horizontal Integration

               

               

              This type of integration refers to achieving systems integration by using one specialized subsystem as a common user interface layer which connects all the other subsystems. One can find some of the most common examples of horizontal integration in the healthcare industry. If there are three subsystems, then there will only be three connections. If there are 7 subsystems there will only be 7 connections. Thus, the major benefit of this method is the minimum number of connections needed to maintain functionality, which in turn cuts the time, effort and money spent creating the system.

                Top 5 open-source host-based intrusion detection systems

                By AMSAT Dec 21,2020

                A host-based intrusion detection system, or HIDS, refers to a hardware or software package that monitors a single host for suspicious activity by evaluating events taking place within that host. The system focuses in particular on monitoring and evaluating log files in order to spot irregularities and unauthorized changes based on predefined rules and policies. With a large volume of stored logs, extracting significant information is important for spotting anomalies, but the retrieved information must be accurate. Therefore, ensuring the security of those logs is crucial to defend against log manipulation.

                It hardly needs pointing out that IDSs are key to ensuring the security of modern organizations’ assets and all network traffic. These safeguards are used to secure restricted access to an organization’s network. Intrusion detection systems come in two types: host-based (HIDS) and network-based (NIDS). A network-based IDS evaluates network traffic for any violation and generates alerts; a HIDS tracks the hosts’ behavior for any suspicious activity by analyzing events on your network.

                Here are the five open-source host-based intrusion detection systems to help you secure your organization.

                1. Ossec

                An acronym for Open-Source Security Event Correlator, OSSEC is a well-known and highly regarded solution free and open-source host-based system due to an enormous list of contributors. With roughly 6,000 monthly downloads, OSSEC is characterized by its scalability and multi-platform feature because it runs on Windows, different Linux distributions, and MacOS. This is often compared to Wazuh; we will cover some of the breakdown between OSSEC vs. Wazuh is a common comparison made by HIDS or SIEM users. We will go over Wazuh later in this list. This tool, which can be compared to Wazuh, enables you to perform log analysis, file integrity checking, policy supervision, rootkit finding, and active response using both signature and anomaly discovery methods. It provides important insight into systems operations in order to identify irregularities.

                1. Tripwire

                Tripwire is a free and open-source host-based detection system. Developed by Tripwire, this tool is known for amazing capabilities to ensure data integrity. It also helps system administrators to spot alterations to system files and informs them if there are tainted or tampered files. If you wish to install it on your Linux host, you can just use the apt-get or yum utilities. During the installation, you will be required to add a mandatory passphrase, which should ideally be a complex one. Once installed, you’ll need to initiate the database and you can easily begin your checks.

                3. Wazuh

                Wazuh is another open-source monitoring solution for integrity monitoring, incident response, and compliance. It offers security visibility into Docker hosts and containers, monitoring their behavior and spotting threats, flaws and anomalies. The open-source solution uses anomaly and signature detection approaches to detect rootkits, and it also carries out log analysis, integrity checking, Windows registry monitoring, and active response. Wazuh can also be used to monitor files within Docker containers by focusing on persistent volumes and bind mounts.

                4. Samhain

                Another key open-source intrusion detection system, Samhain helps you check file integrity, monitor log files, and spot hidden processes. Simple to install, it runs on POSIX systems; all you need to do is download the tar.gz file from the official web page and install it on your system. The Samhain project comes with wide-ranging and thorough documentation, and it provides centralized and encrypted monitoring capabilities over TCP/IP communications.

                5. Security Onion

                Designed and maintained by Doug Burks, Security Onion is a free and open-source IDS composed of three components: a full packet capture function, intrusion detection systems that correlate host-based events with network-based events, and many other utilities. The tool is the perfect solution if you wish to establish a Network Security Monitoring (NSM) platform easily and quickly, thanks largely to its friendly wizard.
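
                File integrity checking, the function OSSEC, Tripwire, Wazuh and Samhain share in the list above, comes down to a sealed baseline and a later comparison against it. The sketch below is an added example, not code from any of these projects: the function names are hypothetical, and the passphrase-derived HMAC seal is a simplification standing in for Tripwire's passphrase-protected database, not its actual scheme.

```python
import hashlib
import hmac
import json
import os
import stat


def _key(passphrase: str, salt: bytes) -> bytes:
    # Derive a MAC key from the passphrase (assumed stand-in for a HIDS database key).
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 200_000)


def snapshot(root: str) -> dict:
    """Record SHA-256, size and permission bits of every regular file under root."""
    entries = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # skip symlinks, sockets and device nodes
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            entries[os.path.relpath(path, root)] = {
                "sha256": digest, "size": st.st_size, "mode": stat.S_IMODE(st.st_mode)}
    return entries


def init_db(root: str, db_path: str, passphrase: str) -> None:
    """Build the baseline and seal it; store db_path outside the monitored tree."""
    salt = os.urandom(16)
    body = json.dumps(snapshot(root), sort_keys=True)
    tag = hmac.new(_key(passphrase, salt), body.encode(), hashlib.sha256).hexdigest()
    with open(db_path, "w") as fh:
        json.dump({"salt": salt.hex(), "body": body, "tag": tag}, fh)


def check(root: str, db_path: str, passphrase: str) -> dict:
    """Verify the seal first, then report added, removed and modified files."""
    with open(db_path) as fh:
        db = json.load(fh)
    key = _key(passphrase, bytes.fromhex(db["salt"]))
    expected = hmac.new(key, db["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, db["tag"]):
        raise ValueError("baseline rejected: wrong passphrase or tampered database")
    old, new = json.loads(db["body"]), snapshot(root)
    return {
        "added": sorted(set(new) - set(old)),
        "removed": sorted(set(old) - set(new)),
        "modified": sorted(p for p in set(old) & set(new) if old[p] != new[p]),
    }
```

                The seal is verified before any comparison, so an intruder who rewrites the baseline to hide a changed file causes the check to fail rather than report a clean result.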

                TAGS

                • Intrusion detection systems
                • Security Updates
                • Cyber Security


                  Posted in Cloud Security

                  Cybersecurity Weekly News Roundup for 3rd week of December

                  By AMSAT Dec 18,2020

                  Cybersecurity Weekly News Roundup

                  The outgoing week has been eventful: supply chain attacks, cyberattacks, and the creation of a kill switch for the SolarWinds backdoor by technology giants like Microsoft and FireEye dominated the cybersecurity landscape.

                  Here is a brief review of news that stood out in the cyberworld.


                  Microsoft, FireEye confirmed SolarWinds supply chain attack


                  Cybercriminals believed to be operating on behalf of a foreign government breached software provider SolarWinds and then deployed a malware-laced update for its Orion software to infect numerous US company and government networks.

                  Cyberattack hit SolarWinds’ 18,000 customers

                  SolarWinds divulged that 18,000 customers might have been affected by the cyber-attack against its supply chain.

                  FireEye, Microsoft, GoDaddy come up with kill switch for SolarWinds backdoor

                  Microsoft, FireEye, and GoDaddy collaborated to create a kill switch for the SolarWinds Sunburst backdoor that forces the malware to terminate itself.

                  TAGS

                  • Cyberattack
                  • Security Updates
                  • Cyber Security
                  • Weekly News
                  • FireEye


                    Cybersecurity Weekly News Roundup
                    Posted in Cyber Security

                    Cybersecurity Weekly News Roundup for last week of 20

                    Cybersecurity Weekly News Roundup

                    By AMSAT Dec 04,2020

                    Cybersecurity Weekly News Roundup

                    The outgoing week has been one of discoveries: security researchers, by default or by design, uncovered new malware and malicious NPM packages. Meanwhile, news of a hacker selling passcodes for the email accounts of scores of C-level executives also did the rounds across the cybersecurity landscape.

                    Here is a brief review of news that stood out in the cyberworld.

                    A threat actor sold passcodes for email accounts of hundreds of C-level executives

                    A cybercriminal sold access to the email accounts of hundreds of C-level executives at organizations across the globe.

                    Researchers discovered new malicious NPM packages installing remote access trojans

                    According to reports, cybersecurity researchers discovered new malicious NPM packages that install the njRAT remote access trojan, letting cybercriminals gain control over a computer.

                    Researchers discovered new malware used by Russian cyber-espionage group in government attacks

                    ESET’s security experts found new malware that the Russian cyber-espionage group Turla has been using to carry out attacks against governments.

                    New TrickBot version aimed to infect UEFI/BIOS firmware

                    TrickBot malware operators added a new capability that lets them interact with an infected computer’s BIOS or UEFI firmware. According to news reports, the new capability was spotted inside part of a new TrickBot module and was seen in the wild at the end of October.

                    TAGS

                    • Cybersecurity
                    • Security Updates
                    • TrickBot
                    • malware
