Search the Community

Ransomware (a type of malicious software designed to block access to a computer system or... The post How Momentum is Building for the US Government to Play a Larger Role in Protecting K12 Schools from Cyberattacks appeared first on Security Boulevard. View the full article

Only a few months into 2024, experts had already recorded numerous cyber attacks on companies and government institutions - a taste of the technological threats that states, companies and societies will have to prepare for this year. And with the rise of Artificial Intelligence (AI), cyber attacks hold the potential to reach a completely new dimension, with attacks poised to happen faster, more frequently and more effectively as a result of the use of AI. In fact, according to the World Economic Forum’s Global Risk Index, “Lack of cyber security ranked fourth among the greatest risks to humanity, with the number one threat claimed to be the spread of false information or disinformation campaigns. Cyber attacks and disinformation to both rise The potential extent, scale, and speed with which technology can be used to disrupt organisations and information flows is unprecedented. AI tools hold the potential to allow bad actors to carry out traditional cyber attacks as well as more effective disinformation campaigns via social media and other platforms, even with limited resources. Large, well-organised groups, often suspected of being nation-state-linked, have used cyberattacks to disrupt everything from business operations to civil infrastructure. This is alongside AI being used for disinformation campaigns, hacktivism, and sabotage. Disinformation currently stands to become an integral part of national conflicts and may affect important elections in different parts of the world. In my view, this year will see more intense and diverse cyberattacks and disinformation campaigns with commercial and economic motives, but also more targeted attacks on individuals, brands, and their reputations. Ensuring your business is prepared for increased threats There is no one-size-fits-all defense solution against cyberattacks or disinformation. When developing protection against cyber attacks, organizations and governments should ensure that the ‘fundamentals’ of cyber hygiene are in place and consistently applied. National and local authorities must focus on strengthening cyber defenses and work closely with experts to ensure they have the right strategies in place to both identify, defend and pretend cyber threats This includes a comprehensive and organized exchange of cyber knowledge, carrying out regular testing, the implementation of basic cyber hygiene and the use of powerful security and monitoring tools. Certain organizations should also concentrate on assessing the risk potential of threatened targets, defining which parts of the infrastructure, e.g. financial institutions, industrial capacities, power grids, telecommunications networks, etc. are primarily worth protecting. Organizations must take appropriate security measures and notify relevant national authorities of serious incidents. It's important to note that AI technologies, while complicating the context of cyber threats and disinformation, will also have a more positive role to play in cyber defense. In the coming years, various AI-powered tools will help to identify, assess, triage, and mitigate both traditional cyber attacks and disinformation via real time automation, meaning anomalies can be managed at a scale and speed that human beings could not manage alone. The fight against disinformation will be particularly challenging, requiring wider education on how attackers work, how to recognize fake information and the steps to take to limit misinformation from spreading. It will require companies, governments, and individuals to all play a role. Final words Cyber attacks aren’t going anywhere, and as the technology we use continues to transform, so will the attack landscape in tandem. While it's an ongoing battle, government and industry have proven adept at adapting to protect our IT infrastructures. And with the rise of disinformation campaigns this year, I expect governments, businesses, and citizens to work together effectively to adjust to this new reality, finding ways of overcoming digital disinformation more effectively. We've featured the best online cybersecurity course. This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro View the full article

Cyberattacks are continuing to become more sophisticated even as defenders become more adept at thwarting existing threats. The post DirectDefense Report Sees Shifts in Cyberattack Patterns appeared first on Security Boulevard. View the full article

Hackers recently stole hundreds of thousands of social security numbers from an American consulting firm, with victims across the US possibly affected. Greylock McKinnon Associates (GMA) has filed a new report with the Office of the Maine Attorney General, and sent a breach notification email to affected individuals. In its filing, the company said that 341,650 individuals have had their sensitive data, and Social Security Numbers (SSN), stolen by unidentified threat actors. Identities unknown In the letter, seen by TechCrunch, GMA told the victims that it fell prey to a “sophisticated cyberattack” in May last year. In the attack, the threat actors stole people’s names, birth dates, addresses, and Medicare Health Insurance Claim Numbers, which also contained Social Security Numbers associated with a member. Furthermore, “some” medical information and/or health insurance information was also stolen. While the attack did happen almost a year ago, it was in early February that GMA was notified that it had resulted in the theft of sensitive, personal data. It is unclear why GMA took so long to conclude its investigation of the breach. GMA is a consulting firm providing litigation support services in civil litigation matters. The data it held was obtained by the U.S. Department of Justice (DoJ) as part of a civil litigation matter, and then passed over to the company. “We received your information in our provision of services to the DOJ in support of that matter,” GMA said in the letter. “DOJ has advised us that you are not the subject of this investigation or the associated litigation matters. The DOJ informed GMA that this incident does not impact your current Medicare benefits or coverage.” The identity of the attackers, or their motives, remain unknown. No threat actors have assumed responsibility for the attack just yet. It is also no known if the data was grabbed from a specific litigation process. More from TechRadar Pro Google scrambles to fix another round of Chrome vulnerabilitiesHere's a list of the best firewalls around todayThese are the best endpoint security tools right now View the full article

Hackers are targeting Apple macOS users with a range of different infostealers in an attempt to grab sensitive data and, possibly, money, experts have warned. A new report from cybersecurity researchers at Jamf Threat Labs found hackers were using multiple different approaches to try and drop the malware. In one campaign, they created a fake download website and fake ads for a browser called Arc and pushed them through search engines. Targeting macOS crypto fans "Interestingly, the malicious website cannot be accessed directly, as it returns an error," security researchers said. "It can only be accessed through a generated sponsored link, presumably to evade detection." Those that end up on the site and download the program will get Atomic Stealer, a known infostealer that was initially focused on grabbing cryptocurrency wallet-related information. Since its inception, Atomic Stealer, also known as AMOS, grew to target different operating systems, and grab more information, including stored passwords and sensitive files. In September 2023, security researchers from Malwarebytes reported on hackers tricking people with promises of software cracks, loaders, and key generators to get them to download AMOS. A separate campaign has seen hackers offering a fake free group meeting software which, in reality, downloads a different infostealer based on Realst. In this campaign, the victims are approached either to participate in a podcast, or in a job interview, and are invited to download the video conferencing tool. "These attacks are often focused on those in the crypto industry as such efforts can lead to large payouts for attackers," the researchers said. "Those in the industry should be hyper-aware that it's often easy to find public information that they are asset holders or can easily be tied to a company that puts them in this industry." More from TechRadar Pro Mac users targeted in new malvertising campaign delivering Atomic StealerHere's a list of the best firewalls around todayThese are the best endpoint security tools right now View the full article

Hot Topic customer may have been victims of a cyberattack when unknown actors tried to log into their accounts, the company has confirmed. In a breach notification letter sent to its customers, which was later picked up by BleepingComputer, the clothing store said that unidentified threat actors engaged in credential stuffing on November 18-19, and November 25, last year. With credential stuffing, an attacker tries a large number of username/password combinations against a service, until one combination works. Automation is usually deployed to speed the process up. User data taken According to Hot Topic, certain Hot Topic Rewards accounts were accessed during that time (the company didn’t specify how many), prompting the subsequent investigation. The company doesn’t know who the attackers are, or if they even managed to log into a noteworthy number of accounts. They also said they don’t know where the attackers got the login credentials from, but are certain they didn’t get it from Hot Topic. The breach notification letter was sent “out of an abundance of caution”. If the threat actors did manage to log into an account, they would have been able to obtain the user’s full name, email address, order history, month and day of birth, and mailing address. Not a lot, but still enough to run some forms of phishing or identity theft attacks. Compromised users who saved their credit card details on the platform shouldn’t worry too much, as just the last four digits of the card were visible, the company concluded. Hot Topic has since reset user passwords, and deployed counter-measures to protect both the website, and the app, from credential stuffing attacks. External cybersecurity experts were also brought in, the company concluded. Hot Topic has more than 600 stores in the US and Canada, employing more than 10,000 people. More from TechRadar Pro What is credential stuffing, and how does it work?Here's a list of the best firewalls around todayThese are the best endpoint security tools right now View the full article

One in four industrial enterprises had to temporarily cease operations due to cyberattacks within the past year, suggesting operational technology must improve. The post Industrial Enterprise Operational Technology Under Threat From Cyberattacks appeared first on Security Boulevard. View the full article

A new report from CrowdStrike has found cyberattacks are getting faster, with breakout times down to an average of 62 minutes compared to an average of 84 minutes in 2023. 34 new threat actors have also joined the cyber scene, with a total of over 230 individual threat actors now tracked by the company. A new record breakout time was also recorded at just two minutes and seven seconds to jump from an infected host to another hose within the network. Hackers are following their targets into the cloud The report highlights the rapid increase in the speed of attacks and the use of AI assistance is “driving a tectonic shift in the security landscape and the world.” The human factor has increasingly become the main source of entry for threat actors, with interactive intrusions and hands-on-keyboard attacks increasing by 60%. Many threat actors have increased their use of social engineering and phishing campaigns to gain abusable credentials, and ultimately access to their target’s environment. As businesses continue their journey towards the cloud, threat actors have followed, with cloud intrusions increasing by 75% since last year. Threat actors are also seeking greater knowledge of the cloud itself, with the exploitation of cloud unique features experiencing a 110% increase. Threat actors are sowing further disruption by exploiting trusted relationships to compromise supply chains, allowing the actor to “cast a wide net” in its victim selection. CrowdStrike highlights successful attempts by the North Korean ‘Labyrinth Chollima’ to intrude trusted software as a delivery mechanism for data stealing malware. CrowdStrike also issues a warning to democracy as state-sponsored adversaries are highly likely to target critical upcoming elections. Russia, China, and Iran all have motivations to influence and disrupt elections and will likely launch disinformation campaigns that take advantage of geopolitical tensions and conflicts to influence voters and exacerbate societal fractures. Threat actors are stepping up their use of AI-generated content, including artificial images and video, to spread misinformation on social media. CrowdStrike expects increasing abuse of open-source or publicly available LLMs to continue, rather than threat-actors developing their own home-grown models. “Over the course of 2023, CrowdStrike observed unprecedented stealthy operations from brazen eCrime groups, sophisticated nation-state actors and hacktivists targeting businesses in every sector spanning the globe,” said Adam Meyers, head of Counter Adversary Operations, CrowdStrike. “Rapidly evolving adversary tradecraft honed in on both cloud and identity with unheard of speed, while threat groups continued to experiment with new technologies, like GenAI, to increase the success and tempo of their malicious operations. “To defeat relentless adversaries, organizations must embrace a platform-approach, fueled by threat intelligence and hunting, to protect identity, prioritize cloud protection, and give comprehensive visibility into areas of enterprise risk.” More from TechRadar Pro Technical debt and cloud issues are the biggest barriers to digital transformation for many companiesThese are the best cloud firewalls and best cloud backup servicesHere is our guide to the best endpoint protection software View the full article

After reading the technical details about this zero-day that targeted governmental entities and a think tank in Europe and learning about the Winter Vivern threat actor, get tips on mitigating this cybersecurity attack.View the full article