Move over REvil, Ragnar Locker, BlackMatter, Conti et al.: Three lesser-known gangs account for the vast majority of ransomware attacks in the U.S. and globally
"While there seem to be legions of ransomware gangs, it turns out that just a handful of ransomware-as-a-service (RaaS) actors dominate the entire ecosystem of encryption-attack threats,"
writes Becky Bracken in Threatpost
"In fact, just three ransomware families, none of them household names, make up 64 percent of all threats detected, according to telemetry data collected by Bitdefender during August: WannaCryptor, Stop/DJVU and Phobos..."
Security firm points to a 'stalkerware' epidemic, new Nobelium group activity
Gareth Halfacree writes in
"Security specialist ESET's latest Threat Report warns of a massive increase in attacks on Remote Desktop Protocol (RDP) endpoints - and new activity from the Nobelium gang against European government organisations.
ESET's figures show attacks on RDP servers having gone up 103.9 per cent since its T1 report in June - it publishes three a year - representing a total of 55 billion detected brute-force attacks, thanks in no small part to a campaign focused on Spanish targets..."
Cybersecurity training trends reflect the urgent need for organizations of all sizes to harden their infrastructure against increasing external and internal attacks
Sarah Hunt writes in Datamation
"In 2020, some 37 billion records were compromised in nearly 4,000 reported data breaches, according to RiskBased Security's 2020 Year End Data Breach QuickView Report.
Organizations that fail to invest in cybersecurity training are leaving their networks more vulnerable..."
Last week was the 20th anniversary of the Open Web Application Security Project (OWASP), and in honor of that date, the organization issued its long-awaited update to its top 10 exploits.
"It has been in draft form for months and has been updated several times since 2003, and before its latest iteration, in 2017.
In the past two decades, OWASP has become a sprawling series of projects, tutorials, knowledge bases, and other tools that are incredibly useful for application developers, corporate security managers, and penetration testers. If you haven't spent much time browsing its content, I'd encourage doing so, as it's very worthwhile and a tremendous learning resource. It incorporates the work of hundreds of volunteers, spanning hundreds of local chapters who give their time and energy to help improve the quality of applications and stop potential cyberthreats. It now has more than 200 different projects that cover topics such as mobile security, various testing tools such as WebGoat, and honeypots..." - Security Boulevard
What is a botnet attack, and how do you stop one? A botnet (derived from 'robot network') is a large group of malware-infected internet-connected devices and computers controlled by a single operator.
Michelle Greenlee writes in
"Attackers use these compromised devices to launch large-scale attacks to disrupt services, steal credentials and gain unauthorized access to critical systems. The botnet command and control model allows the attacker(s) to take over operations of these devices in order to control them remotely. A botnet's strength is in the number of infected machines it contains. Attackers can control botnets remotely and receive software updates from them, using those updates to quickly shift their behavior..."