An international law enforcement campaign that began in 2020 culminated in the infiltration and control of the botnet's infrastructure, with a beneficial payload delivered to infected devices that scrubs the Emotet malware.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Hackers exploited Pulse Connect Secure VPN vulnerabilities to collect passwords, install web shells, and bypass multi-factor authentication on victims’ networks, including federal agencies.
Move to mass remote working in 2020 has only made the data loss problem worse. 59% of IT leaders reported an increase in email data loss since the pandemic began.
In many ways, the benefit of cloud computing is also its main drawback. How can organizations keep their IT environments secure while leveraging the full benefits of a cloud-native approach?
The Biden administration has announced a 100-day plan aimed at rapid improvement of US power grid cybersecurity. The administration made reference to "bold" moves and laid out some of its general proposals.
Imperva found that bot traffic accounted for 40% of internet activity. Malicious scripts were responsible for 26% of website visits and could interfere with the COVID-19 vaccine.
Insurance giant Geico mailed notifications of a data breach to its customers, indicating that an unknown number of driver's license numbers were compromised and might be used for fraudulent unemployment claims.
Researchers discovered apps infected with Joker malware on Huawei’s AppGallery. The affected apps subscribe users to mobile premium services and were downloaded more than 500,000 times on Huawei Android phones.
Newly released Cybersecurity Maturity Model Certification (CMMC) framework will require third-party assessment of mandatory practices and requirements to strengthened cybersecurity infrastructure for the DoD and its more than 300,000 contractors.
Study from HP reveals that nation-state cyber attacks have not only doubled since 2017, but are also increasingly incorporating attacks on physical assets (such as infrastructure).










