IT News - Security

REvil Gang Still Threatening to Release More Data

Scott Ferguson writes in Data Breach Today, "A recent ransomware attack that targeted a law firm that serves celebrities may have been facilitated by a Pulse Secure VPN server that was not properly patched and mitigated against a well-known vulnerability, some security experts say.

The New York law firm of Grubman Shire Meiselas and Sacks, which represents many celebrities, including Lady Gaga, Madonna, Mariah Carey, U2, Bruce Springsteen and Mary J. Blige, is being extorted by the operators of the REvil ransomware variant who are asking for $42 million in ransom under the threat of releasing more documents it stole related to the firm's roster of clients..."




With millions of employees now attempting to work from home, it's vital to challenge misconceptions about cybersecurity

"Imagine you're working at the front desk of a tech company when a woman walks through the front door and tells you she was just in a car accident," writes Zack Schuler in Dark Reading.

"You ask if there's anything you can do to help, but she says it wasn't serious and asks if you could direct her to a restroom.

You later discover that the woman inserted a flash drive into an unattended computer and infected your company's entire system with a destructive form of malware. Or at least that's what she could have done if the malware was real - this strange scenario was actually an elaborate demonstration (arranged by a cybersecurity professional I know) designed to show employees that not all cyberattacks are carried out remotely..."




IAM tools keep enterprises safe by ensuring only authorized users can access sensitive data and applications. Read this in-depth product overview of top tools on the market

Andrew Froehlich writes in SearchSecurity, "Modern identity and access management products help IT security professionals centrally manage access to all applications and files for employees, customers, partners and other authorized groups. This IAM-provided management is scalable across the entire corporate infrastructure, including the corporate LAN, wireless LAN, WAN, and even into public and private clouds. In many cases, IAM is a must-have for resources that fall under regulatory compliance rules..."


No, malware cannot spread from devices sitting next to each other

Samantha Ann Schwartz writes in CIO Dive, "Before the coronavirus pandemic forced the workforce to work from home, employees conceded some flaws: There's a knowledge gap in security best-practices.

Four in 10 employees believe it's "maybe" possible for malware to infect devices that are "too close" to each other, according to a survey of more than 1,000 U.S. employees by Osterman Research in partnership with MediaPRO..."




By popular request here is my go-to list as a security professional

Steve Hollands writes in peerlyst, "The list contains tools and scripts for every purpose, attack or defence, Windows, Linux, macOS, wireless, databases, Android etc.

I made this list so that you have a fast solution for every problem without having to do an extensive and time-consuming search for the right tool, especially when speed is of the essence in crisis situations.

Of course this list doesn't cover everything, but I hope it covers a very wide range that can help you when in need of a specific solution in your day-to-day life as a security professional..."




Anecdotally, it has been clear for a while that enterprises are often leaving cloud storage repositories open due to oversight or error

Larry Dignan writes in ZDNet, "Now Verizon's security research shows that the "error" category is on the rise due to better reporting.

The plague of enterprises leaving cloud storage holding private data unprotected is starting to show up in the security statistics and is one of the few attacks on the rise, according to the Verizon Data Breach Investigation Report for 2020.

That reality is both good and bad, said Gabe Bassett, senior information security data scientist at Verizon Enterprise. The bad news is that misconfiguration errors still exist. The good news is that companies are reporting these breaches more and quantifying the issue. "I don't think it is a case of enterprises making more errors as much as them being reported more," said Bassett..."




Research shows most "flight-risk" employees planning to leave an organization tend to start stealing data two to eight weeks before they go

"More than 80% of employees planning to leave an organization bring its data with them," warns Kelly Sheridan in Dark Reading.

"These 'flight-risk' individuals were involved in roughly 60% of insider threats analyzed in a new study.

Researchers analyzed more than 300 confirmed incidents as part of the "2020 Securonix Insider Threat Report." They found most insider threats involve exfiltration of sensitive data (62%), though others include privilege misuse (19%), data aggregation (9.5%), and infrastructure sabotage (5.1%). Employees planning an exit start to show so-called flight-risk behavior between two weeks and two months ahead of their last day, the researchers discovered..."


