Researchers at Lumen’s Black Lotus Labs are reporting on a newly discovered multistage remote access trojan (RAT) dubbed ZuoRAT. The RAT has been used to target remote workers via small office/home office (SOHO) routers that are rarely patched and so easy points of entry. Researchers first noticed the attacks in April of 2020, coinciding with the increase in remote work due to the pandemic, and has spread across North America and Europe mostly undetected since then. “… ZuoRAT and the correlated activity represent a highly targeted campaign against U.S. and Western European organizations that blends in with typical internet traffic…
ISBuzz Team
Geographic solutions ransomware attack impacts unemployment programs nationwide, security experts commented below.
Remote working and rise in ransomware drive IT leaders to manage risk with mandatory encryption Nearly three quarters require encryption of data held on removable media The number of UK organisations implementing data encryption as a core part of their cybersecurity strategy has continued to rise, with 32% introducing a policy to encrypt all corporate information as standard in the last year. In total,almost half (47%) of organisations now require the encryption of all data, whether it’s at rest or in transit. This is according to an annual survey of IT decision makers carried out by Apricorn, the leading manufacturer of software-free, 256-bit AES…
In light of the news that Macmillan, one of the largest book publishers in the US have been hit by a ransomware attack, security experts commented below.
Following the news that: 45% of Financial Services Customers Are Very Comfortable Using Non-Password Login Methods Customers Are Comfy Not Using Passwords | PYMNTS.com
Cybersecurity leaders are anticipating mass resignations within the year – here’s why Cybersecurity leaders are anticipating mass resignations within the year – here’s why | ZDNet
It has been reported that a new security vulnerability has been disclosed in RARlab’s UnRAR utility that, if successfully exploited, could permit a remote attacker to execute arbitrary code on a system that relies on the binary. The flaw, assigned the identifier CVE-2022-30333, relates to a path traversal vulnerability in the Unix versions of UnRAR that can be triggered upon extracting a maliciously crafted RAR archive. Following responsible disclosure on May 4, 2022, the shortcoming was addressed by RarLab as part of version 6.12 released on May 6.
OpenSea, the largest NFT marketplace with more than $20 Billion in trading volume, disclosed a data breach Wednesday, warning users of phishing attacks that could target them due to a recent breach of most all of their customer email data. The online NFT marketplace says it has more than 600,000 users and possibly all of their emails were compromised. The company’s Head of Security, Cory Hardman, said that an employee of Customer.io, the platform’s email delivery vendor, downloaded email addresses belonging to OpenSea users and newsletter subscribers. Noting that all of the stolen emails were shared with an unauthorized external…
The one-year anniversary of the Kaseya ransomware attack is just around the corner on July 2nd. As we look back, cybersecurity leaders are able to analyze the events leading up to and during the attack in order to help prevent a future breach.
According to a new report from Tetra Defense, the Root Point of Compromise (RPOC) for attacks against U.S. companies was external exposure. Patchable and preventable external vulnerabilities were found to be responsible for the bulk of all attacks. 82% of incidents responded to by Tetra Defense were caused by the external exposure of a known vulnerability on the victim’s networkIncidents caused by unpatched systems cost organizations 54% more than those caused by employee errorLog4J/Log4Shell is still being actively exploited, but the significant global attention of the vulnerability has prevented ongoing widespread exploitationCompromised credentials still account for a number of incidents,…