Sixty-nine percent of organizations now manage more machine identities than human ones, with nearly half handling ten times as many. Machine identities—ranging from applications, databases, and bots to IoT devices and SaaS tools—are becoming more prevalent, with nearly three-quarters (72%) of security professionals acknowledging that managing these identities is more challenging due to poor internal processes and inadequate tools. As a result, 66% rely on manual processes for managing machine identities, straining already limited IT and security resources. These were some of the key findings of recent research by SailPoint Technologies called “Machine Identity Crisis: The Challenges of Manual Processes…
ISB Staff Reporter
Cybercriminals are leveraging increasingly sophisticated attack methods, including the strategic deployment of infostealers, research from Check Point Software’s October 2024 Global Threat Index reveals. The report also notes that the ‘Lumma Stealer’ malware, which leverages fake CAPTCHA pages to infiltrate systems through phishing and cracked game downloads, has surged to 4th in Check Point’s monthly global malware rankings. Once installed, it exfiltrates sensitive data, underscoring the effectiveness of today’s infostealers. Maya Horowitz, VP of Research at Check Point Software, says these findings highlight the need for more advanced cybersecurity defenses. “The rise of sophisticated infostealers underscores a growing reality. Cybercriminals…
Researchers at cybersecurity firm Perception Point have identified a new type of two-step phishing attack that exploits Microsoft Visio files (.vsdx) and Microsoft SharePoint. This strategy uses the .vsdx format to embed malicious URLs, effectively bypassing conventional security measures and targeting sensitive user credentials. How Two-Step Phishing Leverages Microsoft Visio Microsoft Visio, a widely used tool for creating diagrams like flowcharts and process maps, saves files in the .vsdx format, which has traditionally been considered a low-risk file type. However, recent phishing attacks have transformed these files into delivery vehicles for credential theft by embedding malicious URLs. Phishing attacks have…
Fortinet’s FortiGuard Labs has uncovered a sophisticated phishing campaign distributing a new variant of the Remcos Remote Access Trojan (RAT). The campaign begins with a phishing email containing a malicious Excel document designed to exploit vulnerabilities and deliver the Remcos malware onto victims’ devices. Remcos is a commercial remote administration tool (RAT) readily available for purchase, offering features intended for legitimate remote management of computers. However, it has become a powerful tool in the hands of cybercriminals, who misuse it to access sensitive information, control victim devices, and execute further malicious activities. This latest campaign showcases Remcos’s evolving tactics in…
The US Department of Justice, in collaboration with international law enforcement partners, has launched a major crackdown on RedLine and META, two of the world’s most prolific infostealer malware variants responsible for stealing sensitive data from millions of victims worldwide. In partnership with the Netherlands, Belgium, Eurojust, and other global agencies, the Department of Justice announced an extensive international operation aimed at dismantling the infrastructure supporting RedLine and META infostealers. This joint effort, coordinated through Europol’s Joint Cybercrime Action Taskforce (JCAT) and dubbed “Operation Magnus,” involved the seizure of domains, servers, and Telegram accounts utilized by the malware operators. Infostealers…
Three malicious packages uploaded to the npm registry were discovered to harbor BeaverTail, a JavaScript downloader and information stealer associated with a continuing North Korean campaign known as Contagious Interview. The packages—passports-js, bcrypts-js, and blockscan-api collectively amassed 323 downloads, and have been linked to threat actors from the Democratic People’s Republic of Korea (DPRK), also known as North Korea. According to a report from Palo Alto Networks’ Unit 42, the BeaverTail malware is associated with an ongoing cyber campaign dubbed Contagious Interview, which specifically targets job-seekers in the U.S. tech industry. In this scheme, victims are lured into participating in…
Cyware, a provider of threat intelligence management and cyber fusion solutions, has teamed up with ECS, a player in technology solutions for US public sector and defense organizations, to bolster government cybersecurity through an enhanced Intel Exchange platform. This partnership aims to tailor Cyware’s threat intelligence offerings for federal agencies, promoting collective defense and safeguarding critical national infrastructure. The collaboration will leverage ECS’s extensive expertise in public-sector cybersecurity to refine Cyware’s Intel Exchange, enabling government entities to adapt quickly to evolving threats. Key developments include upgrades to Cyware’s Threat Intel Risk Score engine, designed to accommodate the complex demands of…
The US Cybersecurity and Infrastructure Security Agency (CISA) has announced a set of proposed security requirements aimed at protecting Americans’ sensitive personal data and government-related information from foreign adversaries. These measures are part of the implementation of Executive Order 14117, signed by President Biden earlier this year, which seeks to mitigate the national security risks associated with unauthorized access to sensitive US data. The new guidelines focus on businesses and organizations involved in “restricted transactions” that handle large volumes of sensitive personal or government-related data. These entities could include technology developers, AI firms, cloud service providers, telecommunications companies, financial institutions,…
The manufacturing industry has emerged as the most targeted by cyber attacks, accounting for more than 25% of incidents across the top 10 sectors, with 45% of these involving malware. The industry’s appeal to malefactors has grown, largely due to its interconnectedness—dependent on elements ranging from raw materials to logistics—its low tolerance for operational disruptions, and the high value of intellectual property stored in its systems, which competitors could exploit to save millions. This was revealed by KnowBe4’s latest report, dubbed “Manufacturing: Maintaining Stability As Cyber Threats Explode in Volume and Sophistication.” The study delves into the state of cybersecurity…
On Friday, Eskenzi PR announced the winners of the 2024 Security Serious Unsung Heroes Awards in a ceremony held at Balfour St Barts in London. The event, now in its ninth year, recognized the work of cybersecurity professionals, educators, and advocates who play crucial roles in protecting online systems and promoting diversity within the industry. List of 2024 Winners: Sponsors for the event included KnowBe4, Check Point Software, ThinkCyber, Hornetsecurity, and Pulse Conferences. Irvin Shillingford, Regional Manager for Northern Europe at Hornetsecurity, acknowledged the importance of the Security Serious Unsung Heroes Awards in acknowledging the efforts of important, underappreciated cybersecurity…