eCrime campaigns outpace state-sponsored activity in first half of 2020

CrowdStrike has released an annual report that reviews intrusion trends during the first half of 2020 and provides insights into the current landscape of adversary tactics, which has been heavily impacted this year by the remote workforce environment o… Continue reading eCrime campaigns outpace state-sponsored activity in first half of 2020

Chinese hacking groups are bullying telecoms as 2020 goes on, CrowdStrike says

Six suspected Chinese hacking groups have zeroed-in on entities in the telecommunications sector in the first half of this year, according to CrowdStrike research published Tuesday. While CrowdStrike did not identify the groups by name, attackers have likely been running their hacking operations in an effort to steal sensitive data about targets, or to conduct intellectual property theft, researchers at the threat intelligence firm determined. The telecommunications sector was among the top most-targeted sectors in the first half of 2020, the company said, alluding to behavior that aligns with previous espionage patterns from hackers with suspected ties to Beijing. Publication of the report coincides with a fresh warning from the U.S. Department of Homeland Security that a Chinese intelligence agency is exploiting known software flaws to gather information from U.S. federal agencies, and amid an ongoing U.S. government effort to safeguard research into a COVID-19 vaccine, which Chinese hackers are alleged to have […]

The post Chinese hacking groups are bullying telecoms as 2020 goes on, CrowdStrike says appeared first on CyberScoop.

Continue reading Chinese hacking groups are bullying telecoms as 2020 goes on, CrowdStrike says

BT Security announces critical security partners for global portfolio

BT Security has announced the key partners that it will work with going forward to provide industry-leading managed security services to customers. The decision follows BT’s largest-ever appraisal of its security suppliers, and a comprehensive review o… Continue reading BT Security announces critical security partners for global portfolio

How do I select an endpoint protection solution for my business?

Endpoint protection has evolved to safeguard from complex malware and evolving zero-day threats. To select an appropriate endpoint protection solution for your business, you need to think about a variety of factors. We’ve talked to several cybersecurit… Continue reading How do I select an endpoint protection solution for my business?

Hackers are still running coronavirus-related campaigns, CrowdStrike warns

Although many municipalities around the world have begun to ease up on stay-at-home orders, hackers are still running spearphishing and disinformation campaigns taking advantage of the pandemic. Adam Meyers, CrowdStrike’s Vice President of Intelligence, says nation-state and criminal spearphishing campaigns that leverage COVID-19 themed lures are still on the rise. “We’ve been seeing an increase of … behavior of social engineering where they’re impersonating things like the WHO, CDC, HHS, hospitals, healthcare [entities], and even insurance companies to entice people to click links or to click on on phishing [and] open files,” Meyers said Wednesday while speaking at the virtual CrowdStrike’s Fal.Con for Public Sector Conference, produced by FedScoop and CyberScoop. “This is an increasing problem and it demonstrates that the threat actors have found an unprecedented level of awareness around COVID-19…and they’re taking advantage of that and they’re capitalizing on it.” Hackers working for China, Russia, Iran, North Korea, Pakistan, […]

The post Hackers are still running coronavirus-related campaigns, CrowdStrike warns appeared first on CyberScoop.

Continue reading Hackers are still running coronavirus-related campaigns, CrowdStrike warns

Ransomware operators now threatening to publish stolen data in extortion demands

Ransomware attackers typically encrypt files with the promise of decryption if victims make good on hefty ransom demands. But the status quo among ransomware operators has been shaken in the last several months, and they’re now beginning to move away from just demanding ransoms from victims. They’re also running hack-and-leak operations, according to CrowdStrike. “[A] trend that we’re starting to see in the last couple of months is that when victims don’t pay the ransom … threat actors have actually been threatening to disclose their sensitive files. So they’re actually exfiltrating data from the victim and threatening to disclose it,” CrowdStrike vice president of intelligence Adam Meyers said Wednesday while speaking at the virtual CrowdStrike’s Fal.Con for Public Sector Conference, produced by FedScoop and CyberScoop. In at least one case, attackers auctioned stolen data to the highest bidder on a custom-built website, Meyers said. “This is an escalation in the ransomware operations where they’re now moving […]

The post Ransomware operators now threatening to publish stolen data in extortion demands appeared first on CyberScoop.

Continue reading Ransomware operators now threatening to publish stolen data in extortion demands

Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity

In late May, KrebsOnSecurity alerted numerous officials in Florence, Ala. that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. City officials now say they plan to pay the ransom demand, in hopes of keeping the personal data of their citizens off of the Internet. Continue reading Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity