GUEST RESEARCH: Threats against the manufacturing sector continue to persist—from ransomware groups that steal victim’s data before encrypting it to nation-state attackers seeking technology secrets and to company insiders looking for information to grab and sell to the highest bidder. Crippling ransomware attacks can even halt assembly lines and disrupt supply chains.
GUEST OPINION by Hayley Turner Director of Industrial Security - APAC at Darktrace: “Double Extortion” might sound like the title of a cheap airport thriller, but it’s a fast-growing component of the current ransomware explosion. While a year and a half ago, only one knownthreat actor used the tactic, there are now more than 16 ransomware groups actively using it.
A second case of NSA exploits being customised and used for attacks, before they were leaked on the Web by a group known as the Shadow Brokers in 2017, has come to light, this time following research by the Israel-based cyber security firm Check Point Research.
Cyber security vendor FireEye has a considerable amount of egg on its face after the tools used by its Red Team — an attack unit — have been stolen by a group that it claims is a "highly sophisticated state-sponsored adversary".
It's surprising that global cyber security firm Sophos has hidden from public view the fact that it has suffered a security breach which is said to have taken place during the week.
The US National Security Agency says it has no information on the probe into a leak of exploits by a group known as the Shadow Brokers back in 2016. The investigation was reported to have been going on for 15 months in November 2017.
After what seems like an eternity, a security company has dared to mention the unmentionable: the US does have advanced persistent threats or nation-state attack groups which are active.
Microsoft appears to have bungled the release of details of flaws in its operating systems and application software this month, with details of a wormable flaw in the SMB protocol leaking online even though the company did not release a fix for it as part of its normal monthly patch Tuesday.
Last week, Microsoft chief executive Satya Nadella visited Australia and it is fair to say that he received such a lot of puffs in the media that he could well have thought he had landed in a bakery.
The infamous ransomware WannaCry, which burst on to the world stage in May 2017, is still very much alive and infecting Windows PCs, but a zipped portion appears to have gotten corrupted, preventing its encryption and ransom note creation components from working.
British security researcher Marcus Hutchins has been freed by authorities in the US, having been adjudged to have already served the one year jail time that was imposed on him, and only subject to a further year of supervision.
The row between information security professionals and The New York Times, over an article it ran recently, claiming that a ransomware attack on local government offices in Baltimore, Maryland, was carried out through the use of a leaked NSA exploit known as EternalBlue, has moved in a different direction, with some of the infosec people themselves coming under attack – from their peers.
A number of information security professionals in the US have sharply criticised The New York Times over an article it ran recently, claiming that a ransomware attack on local government offices in Baltimore, Maryland, was carried out through the use of a leaked NSA exploit known as EternalBlue.
Microsoft has warned of the likelihood of another WannaCry-like episode if a remotely exploitable vulnerability in its Remote Desktop Services, announced as part of its monthly updates for May, is not patched as soon as possible.
British security researcher Marcus Hutchins faces up to 10 years in jail after pleading guilty to two of the 10 charges facing him in the US – creating banking trojans in the years before he took up a career in infosec.
The increasing frequency of cyber attacks is leading to mass complacency, the chief technology officer of the APAC operations of an Israeli firm has warned, adding that this is contributing to an apathetic mindset that “the worst has already happened”, which is extremely dangerous.
British security researcher Marcus Hutchins will finally have a chance to face a jury trial, with a date of 8 July being set for him in court in Milwaukee, nearly two years after he was arrested in Las Vegas.
The Melbourne Heart Group, a medical unit located at Cabrini Hospital in the Melbourne suburb of Malvern, has been hit by a Windows ransomware attack that has resulted in about 15,000 patients being locked.
A well-known security researcher claims that there is a massive conflict of interest in the UK's National Cyber Security Centre being a part of the the country's main spy agency, GCHQ, because the focus of the two organisations is at odds with each other.
British security researcher Marcus Hutchins, who is awaiting trial in the US over allegations that he created and help distribute a banking trojan, has claimed that on one occasion in the past he located and contacted an attacker who had launched a massive DDoS attack in the UK, and asked the individual who was behind it to desist from doing so, a request that was ultimately heeded.
I've gone to No Landline at all (never thought that would happen) with a 100GB/month mobile plan which includes unlimited[…]
I too have a copy of the document.
I wasn’t speaking for Labor. I was speaking as a fellow journalist aware of what actually happened. I don’t know[…]
No, you do not. I have not linked to any source. Some random quote is irrelevant to this story.
Why wasn't it sent to us? It was sent to some small outlets that are definitely not mainstream. How can[…]