How to Prevent Corporate Data Leaks in the Cloud

Forget shadowy attackers deploying bespoke zero-day exploits from afar. A risk that is far more real for organizations as they embark on ambitious digital transformation projects is human error. In fact, “miscellaneous errors” accounted for 17% of data breaches last year, according to Verizon. When it comes to the cloud, there’s one particular trend that stands out above all others: misconfiguration. It’s responsible for the leaks of billions of records every year and remains a major threat to corporate security, reputation and bottom line.

Mitigating this persistent human-shaped threat will require organizations to focus on gaining better visibility and control of their cloud environments – using automated tooling where possible.

continue reading: https://www.welivesecurity.com/2021/09/22/plugging-holes-how-prevent-corporate-data-leaks-cloud/

Conti Ransomware Attacks on the Rise, FBI, CISA, and NSA Warn

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have observed the increased use of Conti ransomware in more than 400 attacks on U.S. and international organizations. (See FBI Flash: Conti Ransomware Attacks Impact Healthcare and First Responder Networks.) In typical Conti ransomware attacks, malicious cyber actors steal files, encrypt servers and workstations, and demand a ransom payment.

To secure systems against Conti ransomware, CISA, FBI, and the National Security Agency (NSA) recommend implementing the mitigation measures described in this Advisory, which include requiring multi-factor authentication (MFA), implementing network segmentation, and keeping operating systems and software up to date.

continue reading: https://us-cert.cisa.gov/ncas/alerts/aa21-265a

Sponsored by SwapToken.com – The Evolution In Virtual Coin Transfer

A New Bug in Microsoft Windows Could Let Hackers Easily Install a Rootkit

Security researchers have disclosed an unpatched weakness in Microsoft Windows Platform Binary Table (WPBT) affecting all Windows-based devices since Windows 8 that could be potentially exploited to install a rootkit and compromise the integrity of devices.

“These flaws make every Windows system vulnerable to easily-crafted attacks that install fraudulent vendor-specific tables,” researchers from Eclypsium said in a report published on Monday. “These tables can be exploited by attackers with direct physical access, with remote access, or through manufacturer supply chains. More importantly, these motherboard-level flaws can obviate initiatives like Secured-core because of the ubiquitous usage of ACPI [Advanced Configuration and Power Interface] and WPBT.”

continue reading: https://thehackernews.com/2021/09/a-new-bug-in-microsoft-windows-could.html

Ransomware Attackers Targeted This Company Then Defenders Discovered Something Curious

Cybersecurity researchers have detailed a ransomware campaign that clearly borrows attack techniques used by nation-state-backed hacking and cyber-espionage operations.

The campaign came to light when cyber criminals attempted to launch a ransomware attack against an unspecified product safety testing organisation. The attack was detected and stopped before it was successful, but provided cybersecurity researchers at eSentire with enough information to analyse the tactics, techniques and procedures being used.

continue reading: https://www.zdnet.com/article/ransomware-attackers-targeted-this-company-then-defenders-discovered-something-curious/

A Second Farming Cooperative Got Shut Down by Ransomware This Week

Crystal Valley is a leading farm supply and grain marketing cooperative focused on serving the needs of crop farmers and livestock producers in southern Minnesota and northern Iowa.

Crystal Valley has recently disclosed the fact that their company was targeted with a ransomware attack that led them to shut down IT systems, therefore making them unable to accept any payments using Visa, Mastercard, and Discover credit cards.

continue reading: https://heimdalsecurity.com/blog/farming-cooperative-shut-down-by-ransomware/

Finger New Apt Group, Famoussparrow, for Hotel Attacks

Researchers at security specialist ESET claim to have found a shiny new advanced persistent threat (APT) group dubbed FamousSparrow – after discovering its custom backdoor, SparrowDoor, on hotels and government systems around the world.

“FamousSparrow is currently the only user of a custom backdoor that we discovered in the investigation and called SparrowDoor,” ESET researcher and co-author of the report Tahseen Bin Taj explained in a prepared statement. “The group also uses two custom versions of Mimikatz. The presence of any of these custom malicious tools could be used to connect incidents to FamousSparrow.”

continue reading: https://www.theregister.com/2021/09/23/researchers_finger_new_apt_group/

Colombian Real Estate Agency Leak Exposes Records of Over 100,000 Buyers

More than one terabyte of data containing 5.5 million files has been left exposed, leaking personal information of over 100,000 customers of a Colombian real estate firm, according to cybersecurity company WizCase.

The breach was discovered by Ata Hakçıl and his team in a database owned by Coninsa Ramon H, a company that specializes in architecture, engineering, construction, and real estate services. “There was no need for a password or login credentials to see this information, and the data was not encrypted,” the researchers said in an exclusive report shared with The Hacker News.

continue reading: https://thehackernews.com/2021/09/colombian-real-estate-agency-leak.html

Telegram Becomes the New Dark Web, Here’s What Cybercriminals are Selling

Cybercrime trade on Telegram is exploding as cybercriminals take to the popular instant messaging app to buy, sell, and share stolen data and hacking tools. New research highlights that threat actors consider Telegram as their new channel of choice to conduct their evil businesses.

continue reading: https://cyware.com/news/telegram-becomes-the-new-dark-web-heres-what-cybercriminals-are-selling-4a631f3a

Vaccine Passports for Sale on the Dark Web

The battle against COVID has been waged for almost two years. With over 2 billion people around the globe now fully vaccinated, some countries have introduced a vaccine passport (certificate) program to allow people with proof of vaccination to travel, return to the office, and participate in public events.

For a time, the United Kingdom considered having nightclubs and other similar indoor venues require proof of vaccination for entry by the end of September. However, that idea has since been rescinded. In the United States, President Joe Biden recently mandated that certain members of the workforce be vaccinated, and proof of vaccination may be required. Other activities, like shopping or travel, may be impacted as people abuse the honor system. In the EU, digital COVID certificates already make travel between member states easier. 

continue reading: https://www.fortinet.com/blog/threat-research/vaccine-passports-for-sale-on-the-dark-web

Read more Cyber Security News at https://que.com/tag/cybersecurity/