2018 and Security Defenses - Cyber Security Informer

Who’s Behind the GandCrab Ransomware?

Krebs on Security

JULY 8, 2019

But GandCrab far eclipsed the success of competing ransomware affiliate programs largely because its authors worked assiduously to update the malware so that it could evade antivirus and other security defenses. In November 2018, a GandCrab affiliate posted a screenshot on the Exploit[.]in The GandCrab identity on Exploit[.]in

Ransomware

Ransomware Accountability Cybercrime Passwords

Google Play Protect prevented 1.9 billion malware installs from Third-party stores in 2019

Security Affairs

FEBRUARY 13, 2020

In May 2017, Google introduced a security defense system called Google Play Protect to protect the devices running its mobile OS. billion, reported in the last two years ([ 2017 ], [ 2018 ]), they demonstrate the huge effort spent by the company to protect its users. billion malware installs from Third-party stores.

Malware

Malware Mobile Advertising Security Defenses

Vulnerability Recap 7/29/24 – Multiple Old Security Flaws Reappear

eSecurity Planet

JULY 29, 2024

A Microsoft SmartScreen vulnerability from earlier this year resurfaced, and a Docker flaw from 2018 is still causing issues in a newer version of the software. If you’re part of an IT or security team responsible for handling vulnerabilities, make sure your team has a way to be immediately updated when new issues arise.

Internet

Internet Internet Accountability Software

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Experts link the Black Basta ransomware operation to FIN7 cybercrime gang

Security Affairs

NOVEMBER 3, 2022

In order to weaken the security defenses installed on the target machine, Black Basta targets installed security solutions with specific batch scripts downloaded into the Windows directory. aka BIRDDOG)’ It is a backdoor that was used by the FIN7 group since at least 2018, it also connects to a C2 IP address 45[.]67[.]229[.]148

Cybercrime

Cybercrime Ransomware Antivirus Malware

Dutch police arrested the author of Dryad and Rubella Macro Builders

Security Affairs

JULY 19, 2019

The Rubella Macro Builder crimeware kit appeared in the threat landscape on April 2018 and rapidly gained popularity in the cybercriminal underground. The macro might also purposely attempt to bypass endpoint security defenses. .

Malware

Malware Social Engineering Advertising Antivirus

Beyond Awareness: How to Cultivate the Human Side of Security

CyberSecurity Insiders

MAY 16, 2022

That investment requires shifting attitudes from general awareness of security, which most workers already have, to genuinely caring about it and seeing themselves as a true part of their company’s security defenses. In certain circumstances, anyone, even a security professional, can be hacked. About Amanda Fennell.

CSO

CSO Passwords Password Management Accountability

Cybersecurity Mergers Flatline. Here’s Why That Won’t Last.

eSecurity Planet

SEPTEMBER 7, 2023

Perimeter 81, which was launched in 2018, runs a converged network and security platform to manage in-office and remote workforces. Also read: Some Cybersecurity Startups Still Attract Funding Despite Headwinds Check Point Software Buys Perimeter 81 Check Point Software announced the purchase of Perimeter 81 in August.

Cybersecurity

Cybersecurity Marketing Software DDOS

APT trends report Q1 2021

SecureList

APRIL 27, 2021

On February 24, the National Security Defense Council of Ukraine (NSDC) publicly warned that a threat actor had exploited a national documents circulation system (SEI EB) to distribute malicious documents to Ukrainian public authorities. Domestic Kitten is a threat group mainly known for its mobile backdoors.

Malware

Malware Government Spyware Social Engineering

Weekly Vulnerability Recap – August 14, 2023 – Old or New, Vulnerabilities Need Management

eSecurity Planet

AUGUST 14, 2023

Cybersecurity and Infrastructure Security Agency (CISA) recently published an analysis of the top 12 vulnerabilities exploited in 2022. Seven of these vulnerabilities were discovered between 2018 and 2021 and remained unpatched! Email Address By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy.

Software

Software Malware Internet Internet

Vulnerability Recap 6/10/24 – RCE Attacks in Major Platforms

eSecurity Planet

JUNE 10, 2024

DarkGate, developed by RastaFarEye and active since 2018, exploits security holes in Microsoft Excel and HTML attachments to overcome defenses and deliver malicious payloads, primarily targeting healthcare, telecommunications, and finance sectors around the world.

Malware

Malware Authentication Software Telecommunications

Volt Typhoon Disrupts US Organizations, CISA Issues Alerts

eSecurity Planet

FEBRUARY 16, 2024

Using “ living off the land binaries ,” they conceal their operations within ordinary system characteristics, bypassing simple endpoint security protections. LotL emerged in 2018 and became a popular strategy among malicious actors due to its effectiveness in ensuring covert persistence and discovery evasion.

Internet

Internet Internet Network Security Cybersecurity

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

AUGUST 28, 2023

To remedy this vulnerability, Adobe recommends installing Update 16 for ColdFusion 2018 and Update 6 for ColdFusion 2021. The security bulletin was last updated August 25. The deserialization vulnerability has a high-severity CVSS score of 9.8. This vulnerability can lead to arbitrary code execution (ACE).

VPN

VPN Authentication Mobile Firewall

Weekly Vulnerability Recap – October 30, 2023 – Citrix & Cisco Haunted by Vulnerabilities

eSecurity Planet

OCTOBER 30, 2023

The problem: Similar to 2018’s Spectre processor vulnerability, the iLeakage vulnerability stems from Apple CPU performing speculative execution. The fix: Update vulnerable BIG-IP modules to versions that include the Hotfix as soon as possible.

Authentication

Authentication Mobile Accountability Software

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

AUGUST 28, 2023

To remedy this vulnerability, Adobe recommends installing Update 16 for ColdFusion 2018 and Update 6 for ColdFusion 2021. The security bulletin was last updated August 25. The deserialization vulnerability has a high-severity CVSS score of 9.8. This vulnerability can lead to arbitrary code execution (ACE).

VPN

VPN Authentication Mobile Firewall

Trending CVEs for the Week of February 4th, 2019

NopSec

FEBRUARY 6, 2019

Security researcher Alex Inführ discovered and disclosed a way to achieve a remote code execution as soon as a user opens a malicious ODT (OpenDocument Text) file and moves the mouse over the document, without generating any warning dialog. This CVE has been assigned a CVSS V3 base score of 7.8, Affected Products LibreOffice 6.1.0-6.1.3.1

Small Business

Small Business Security Defenses Software Media

Microsoft & Google Offer Discounted Cybersecurity Solutions to Rural Hospitals

eSecurity Planet

JUNE 18, 2024

There has been a 239% rise in hacking-related data breaches and a 278% surge in ransomware attacks between January 1, 2018, and September 30, 2023. million records were breached, marking a bad year for data security. In 2021, 45.9 2022 was even worse, with 51.9 million records compromised.

Cybersecurity

Cybersecurity Healthcare Computers and Electronics Data breaches

Barracuda SecureEdge SASE Review 2023

eSecurity Planet

SEPTEMBER 22, 2023

Recognizing the evolution in both cybersecurity and customer needs, Barracuda began to develop new capabilities as well as acquire complementary companies to deliver technology solutions for application security, cloud backups, firewalls, and more.

Firewall

Firewall Marketing Firmware Technology

Top 5 Strategies for Vulnerability Mitigation

Centraleyes

DECEMBER 6, 2023

According to Purplesec, ransomware attacks have increased by 350% since 2018, zero-day attacks were up by 55% in 2021, and out of the 30 million SMBs in the USA, over 66% have had at least 1 cyber incident between 2018-2020. Vulnerability management is a critical element of information security.

Risk

Risk Cyber Risk Software Information Security

What Is Cross-Site Scripting (XSS)? Types, Risks & Prevention

eSecurity Planet

FEBRUARY 26, 2024

In 2018, British Airways was attacked by a group of hackers that used an XSS vulnerability in a JavaScript library. If you’re interested in learning more about security for other applications, not just web apps, read about the different types of application security.

Risk

Risk Financial Services Engineering Software

What Is Encryption? Definition, How it Works, & Examples

eSecurity Planet

DECEMBER 7, 2023

In 2018, Australia passed a Telecommunications and Other Legislation Amendment that permits a five-year jail penalty to be applied to visitors that refuse to provide passwords for all digital devices when crossing the border into Australia. Pressure on both professional and personal encryption can also be seen in government legislation.

Encryption

Encryption Passwords IoT Firewall

What Is API Security? Definition, Fundamentals, & Tips

eSecurity Planet

SEPTEMBER 8, 2023

wants to update the website’s programming and security features. Users weren’t compelled to change their passwords, but those who registered prior to 2018 should think about doing so on other websites as well. Users are urged to implement two-factor authentication for increased security because Discord.io

Authentication

Authentication Architecture Firewall Threat Detection

5 Major Cybersecurity Trends to Know for 2024

eSecurity Planet

DECEMBER 19, 2023

Increasing Regulation Decades of use and abuse of computer systems led to early regulation, such as Europe’s General Data Protection Regulation (GDPR) adopted in 2016 and California’s Consumer Privacy Act (CCPA) passed in 2018. While the EU leads in regulation, the US will also exert regulatory influence.

Cybersecurity

Cybersecurity CISO Government Technology

Cyber Security Informer

Who’s Behind the GandCrab Ransomware?

Google Play Protect prevented 1.9 billion malware installs from Third-party stores in 2019

Webinars

Trending Sources

Vulnerability Recap 7/29/24 – Multiple Old Security Flaws Reappear

Webinars

Experts link the Black Basta ransomware operation to FIN7 cybercrime gang

Dutch police arrested the author of Dryad and Rubella Macro Builders

Beyond Awareness: How to Cultivate the Human Side of Security

Cybersecurity Mergers Flatline. Here’s Why That Won’t Last.

APT trends report Q1 2021

Weekly Vulnerability Recap – August 14, 2023 – Old or New, Vulnerabilities Need Management

Vulnerability Recap 6/10/24 – RCE Attacks in Major Platforms

Volt Typhoon Disrupts US Organizations, CISA Issues Alerts

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

Weekly Vulnerability Recap – October 30, 2023 – Citrix & Cisco Haunted by Vulnerabilities

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

Trending CVEs for the Week of February 4th, 2019

Microsoft & Google Offer Discounted Cybersecurity Solutions to Rural Hospitals

Barracuda SecureEdge SASE Review 2023

Top 5 Strategies for Vulnerability Mitigation

What Is Cross-Site Scripting (XSS)? Types, Risks & Prevention

What Is Encryption? Definition, How it Works, & Examples

What Is API Security? Definition, Fundamentals, & Tips

5 Major Cybersecurity Trends to Know for 2024

Stay Connected