Search Results: malware

Emotet Pivots From Office Macros to OneDrive URLs and PowerShell, Security Researchers Warn

With Microsoft taking action preventing the malicious use of Office macros, the Emotet operators are turning to OneDrive URLs and PowerShell.

April 27, 2022 Zachary Comeau Leave a Comment

Notorious botnet Emotet is reportedly testing out new attack methods that bypass new Microsoft protections against Macros in Office documents and leverage OneDrive URLs and PowerShell. The Emotet botnet began its reemergence in November 2021 after its January 2021 takedown by a multinational coalition of law enforcement, with the group associated with the botnet targeting […]

Trellix Finds Escalation of Cyberattacks Targeting Critical Infrastructure as Geopolitical Tensions Rise

April 27, 2022 TechDecisions Staff Leave a Comment

New Report Details Wiper Malware Aimed at Ukraine and Upsurge in Cyber Threats from Likely Russian-backed Actor in the Fourth Quarter of 2021 News Highlights Advanced persistent threat (APT) actors most often targeted the transportation and shipping sectors in Q4 2021. APT29, believed to conduct operations for Russian government entities, ranked most active among nation-state […]

insider threats, military document leak, Jack Teixeira, insider risk

Insiders Pose Cybersecurity Threat to Healthcare

The average cost for credential theft was more than $871,000 for each incident associated with an insider, warns HHS.

April 26, 2022 TD Staff Leave a Comment

The U.S. Department of Health and Human Services (HHS) Cybersecurity Program Office of Information Security warned healthcare facilities on Thursday about vulnerabilities to insider threats. HHS cited a 2020 study from Ponomon, which found that 61% of data breaches involving an insider are primarily unintentional, caused by negligent insiders. Nearly 14% of breaches, however, are […]

More Than 100 Lenovo Laptops Vulnerable to Firmware Bugs

Security researchers have discovered three UEFI firmware vulnerabilities impacting more than 100 different models of Lenovo consumer laptops.

April 20, 2022 Zachary Comeau Leave a Comment

Security researchers have discovered three Unified Extensible Firmware Interface vulnerabilities impacting more than 100 different models of Lenovo consumer laptops that could allow attackers to deploy and execute malware. According to Slovakia-based cybersecurity firm ESET, two of the discovered firmware bugs affect UEFI firmware drivers originally designed to only be used during the manufacturing process […]

Hackers Adapting Despite Improved Detection, Mandiant Says

Mandiant says in its M-Trends report that it is tracking 1,100 new threat actors and over 700 new malware families in the past year.

April 19, 2022 Zachary Comeau Leave a Comment

Although the IT software supply chain and the technologists tasked with using those tools to keep organizations safe from cyberattacks continue to innovate, hackers are also adapting their techniques to target and infiltrate organizations’ IT environments, according to cybersecurity firm Mandiant’s M-Trends report. The company’s M-Trends 2022 report, based on investigational metrics between Oct. 1 […]

Human hand with magnifying glass found spam email with skull and cross bones computer virus on laptop computer. ZLoader attack

How to Identify and Defend Against ZLoader Attacks

Microsoft is warning of ZLoader attacks— here's how to spot it and defend against the disabling security and antivirus trojan.

April 14, 2022 TD Staff Leave a Comment

Microsoft 365 Defender Threat Intelligence Team has released details and a warning about the ZLoader Trojan. The ZLoader trojan, known for its ability to evolve and change from campaign-to-campaign, is said to be derived from the Zeus banking trojan first discovered in 2007. Microsoft says ZLoader is an attacker’s tool of choice— it has defense […]

Why Healthcare Needs Better Data Security

A staggering 44,993,618 healthcare records were exposed or stolen in 2021, organizations must be more proactive in securing patient data.

April 12, 2022 Brian Foy Leave a Comment

As the healthcare industry accelerates into an increasingly digitized world, cyber breaches exposing confidential patient data are becoming more commonplace. In fact, according to the Department of Health and Human Services’ Office for Civil Rights’ breach portal, a staggering 44,993,618 healthcare records were exposed or stolen in 2021. The implications of these security breaches are […]

Spring4Shell Being Exploited To Spread Mirai Botnet

Security researchers with cybersecurity firms say hackers are actively exploiting the Spring4Shell bug to deploy the Mirai botnet malware.

April 11, 2022 Zachary Comeau Leave a Comment

Security researchers with cybersecurity firms say hackers are actively exploiting the Spring4Shell vulnerability to deploy the Mirai botnet malware. In a research report detailing the exploits, Tokyo-based cybersecurity firm Trend Micro says it has observed the exploitation since the start of this month after the remote code execution bug (CVE-2022-22965) in the Spring Framework was […]

China, Hacking, Microsoft, Routers, Volt Typhoon

Report: Advanced Threats Detected Rise 33% in Q4

WatchGuard Technologies' Internet Security Report finds that attacks are increasing and a 2018 Office exploit is being exploited.

April 7, 2022 Zachary Comeau Leave a Comment

If the fourth quarter for 2021 is any indication, 2022 will be another year that cybersecurity and IT professionals would want to forget, as advanced network attacks increase by 33% in the fourth quarter, indicating a higher level of zero day threats than ever before, reports WatchGuard Technologies. In a new analysis of the fourth […]

FBI Takes Down Russian GRU Sandworm Botnet: What You Need To Know

The FBI obtained a court order to remove Russian botnet malware from firewall devices from thousands of victims. Here's what you need to know.