Making Choices for Stronger Vulnerability Management
Through our honeypot data and view into our cyber insurance policyholders' attack surfaces, security tools, and workflows, Coalition has identified the key technology choices that place businesses at risk — as well as the choices that are proving most effective.
Cyber_Security_Channel
Ransomware Attack Disrupts Operations Across London Hospitals
The UK National Health Service (NHS) also weighed in with a statement on Tuesday, noting that the incident forced hospitals to "prioritize" urgent work.
Emergency services across the UK continued to be available as usual, and the NHS directed patients to attend scheduled appointments unless informed otherwise.
Cyber_Security_Channel
📩 CyberWeekly by Hacklido — Issue №2; 8th of June, 2024
Not much time has passed since we shared the first Issue of the CyberWeekly Newsletter from our partners at Hacklido.
A couple of days ago, they already published the second Issue from this helpful project.
It includes insights on the following topics:
• Mentorship in CTF
• Intel/AMD CPU internals
• Python for hackers — 10 projects
• Windows 11 TotalRecall dump tool
• Android Binder CVE — 2023-20938
• Finding your purpose in cybersecurity
And a lot more inside...
The full version can be found here.
-----
→ If your company / project / community wants to become a partner of Cyber Security News, feel free to reach out: @cybersecadmin
Hackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber Attack
This consisted of a Golang-based backdoor codenamed BRICKSTORM.
They were present within the rogue VMs and two web shells referred to as BEEFLUSH and BUSHWALK, allowing UNC5221 to execute arbitrary commands and communicate with command-and-control servers.
📷 Image Credit: The Hacker News
Cyber_Security_Channel
This New Hacker Group is Targeting Software Developers With Phony Job Offers and Fake Projects
Microsoft said the group is backed by North Korea.
When it was first spotted, there was a lot of overlap between Moonstone Sleet and other North Korea-backed hacking groups.
Since then it has shifted to its bespoke infrastructure and attacks.
Cyber_Security_Channel
Attackers Target Check Point VPNs to Access Corporate Networks
They're also useful for malicious purposes. Rather than having to, say, exploit a publicly facing server, or a zero-day vulnerability, a hacker could use a remote access VPN for clean, unfettered access to an organization's IT environment.
From there, they could begin establishing persistence, probing for vulnerabilities, and much more.
How, though, do they get access to that VPN connection in the first place?
Cyber_Security_Channel
International Malware Takedown Seized 100+ Servers
Between May 27 and May 29, police arrested four people, seized more than 100 servers and took control of more than 2,000 domains.
Arrests were made in Ukraine and Armenia, and servers were taken down or disrupted in Bulgaria, Canada, Germany, Lithuania, the Netherlands, Romania, Switzerland, the United Kingdom and the United States.
Cyber_Security_Channel
ℹ️📸 Cyber Security News as a Media Partner for Conferences and Events!
It has been an honour to serve as the official Media Partner and Exhibitor of the Cybersec Europe 2024 Conference in Brussels, Belgium (29th-30th of May, 2024).
From speaker announcements and exclusive content to live coverage and booth materials, it has been a truly productive and mutually beneficial partnership.
Our team hopes that you enjoyed all the content around the Conference and found it interesting!
Thank you to everyone who made this collaboration happen!
P.S. Case Study about our work with Cybersec Europe 2024 is coming soon...
-----
🌐 Would you like Cyber Security News to become a Media Partner of your Conference/Event?
📩 Contact us to discuss the details → @cybersecadmin
-----
@Cyber_Security_Channel
🤝 High-end Networking Service at the Cybersec Europe 2024 Conference
Throughout the convention, the Brussels Expo venue was equipped with a 'VIP Lounge' and the 'First Class Lounge', providing optimum spots for meetings and communication arrangements with other attendees.
In addition to the unqiue features such as noise isolation, both areas contained a wide selection of snacks and drinks for guests to enjoy during breaktimes.
@Cyber_Security_Channel
☕️ Okta’s exhibition space at Cybersec Europe 2024
The comapny followed a classic approach of larger corporations, and has included a Snack & Beverage stand in addition to the information and demo booth.
@Cyber_Security_Channel
🌐 One of the many renowned and recognized companies that were exhibited at the Cybersec Europe 2024 Conference – Amazon Web Services.
@Cyber_Security_Channel
☂️ Elegant stand by Agisko at the Cybersec Europe 2024 Conference.
@Cyber_Security_Channel
🇧🇪 The venue, where the Cybersec Europe 2024 Conference took place on 29th-30th of May
Pavilion number 5 of the Brussels Expo convention center is located opposite to a famous tourist attraction, proclaimed as the ‘Symbol of Brussels’ – Atomium.
@Cyber_Security_Channel
🎙️ The Main Stage hosted two Impact Panels throughout the double-day event
[Day 1] — ‘The impact of generative AI cybersecurity: are you prepared?’
[Day 2] – ‘Detection response and recovery’
🇪🇺 ‘Building an operational public – private cooperation among Cybersecurity Communities in Europe’
Luigi Rebuffi from ESCO and Women4Cyber spoke on the above topic as the first Main Stage keynote speaker of the second day at Cybersec Europe 2024.
@Cyber_Security_Channel
New North Korean Hacking Group Identified by Microsoft
To compromise its victims’ IT systems, Moonstone Sleet employs a combination of tried-and-tested and new techniques, including setting up fake companies and job opportunities to engage with potential targets, deploying trojanized versions of legitimate tools and creating malicious games.
Cyber_Security_Channel
IoT Vulnerabilities Skyrocket, Becoming Key Entry Point for Attackers
The riskiest devices observed in this category were:
— Electrocardiographs
— Medical information systems
— Medication dispensing systems
— Picture archiving and communication systems (PACS)
— Digital imaging and communications in medicine (DICOM) workstations
Cyber_Security_Channel
The Murky World of Password Leaks – and How to Check if You’ve Been Hit
Where does that leave us?
Perhaps the key takeaway is that even if you apply stringent personal security measures, your account credentials can still get caught up in such collections, primarily due to breaches at large companies.
This begs the question – how can you find out if your credentials have been compromised? Read on.
Cyber_Security_Channel
How Do Password Managers Work and Why Do You Need One?
But suppose you’re like many people who resort to reusing their old passwords to create new accounts.
In that case, it’s safe to say that it’s only a matter of time before your data and online accounts are compromised.
And by extension, once your overused passwords are discovered, all the accounts associated with them are at risk.
Cyber_Security_Channel
📩 CyberWeekly by Hacklido — Issue №1; 1st of June, 2024
At the beginning of the first month of the summer, our partners released a new version of their Newsletter.
It includes materials on the following topics:
• FlyingYeti
• Bug Bounty in 2024
• Hacking via WordPress
• Flipper zero cheat sheet
• Cybersecurity job updates
• Detecting Sandwich attacks in Ethereum
And much more...
You can find the full version of this release here.
-----
✨ If your company / project / community wants to become a partner of Cyber Security News, feel free to reach out: @cybersecadmin
-----
@Cyber_Security_Channel
Newly Detected Chinese Group Targeting Military, Government Entities
Spear-phishing emails employed in attacks over the past year included malicious archives containing LNK files designed to execute malicious commands instead, leading to the deployment of malware.
Cyber_Security_Channel
90+ Malicious Apps Totaling 5.5M Downloads Lurk on Google Play
Further, Zscaler's analysis shows that the apps most commonly used to hide malware on the mobile app store are tools such as the ones behind which Anatsa lurks, followed by personalization and photography apps.
Cyber_Security_Channel
📺 The Cyber Security News Booth at the Cybersec Europe 2024 Conference!
Our Team was happy to represent the Cyber Security News community with a booth that was located at the Partner Pavilion, next to the Main Stage.
It was a pleasure to serve as the Exhibitor at the Brussels Expo site, near prestigious 'neighbours' — companies and organisations such as:
• ISACA
• Women4Cyber
• European Cyber Security Organisation (ECSO)
• Solvay Brussels School of Economics and Management
Additionally, thank you very much to the Royal Jaarbeurs Team & Mick den Dijker for the opportunity and such a professional organisation throughout the event!
@Cyber_Security_Channel
💻 The 'Start-Up Zone' at the Cybersec Europe 2024 Conference
A professional, well-organized area within the Expo hall, encompassing a variety of innovative businesses from all around Europe, and beyond.
It was a pleasure to see Mitigant, Threat Exposure and Mindflow, as well as talking to Berilo, heylogin and ControlCase, among many other progressive ventures from the Start-Up ecosystem.
@Cyber_Security_Channel
🦾 ‘Xperts on tour: choosing the right cybersecurity technology’
Another insightful panel which was presented by Stijn Van Hoof and Davy De Mits.
📅 29th of May, 2024
📍 Brussels Expo
The two specialists from Exclusive Networks spoke on The Heroes Stage during the first day of the Cybersec Europe 2024 Conference in Brussels, Belgium.
@Cyber_Security_Channel
🤖 ‘Cybersecurity in the Age of AI’ – by Scott McKinnon from Palo Alto Networks
Still thinking about the two-day Conference, Cybersec Europe 2024, our team attended earlier this week.
One of the many sessions was presented by the Chief Security Western Officer of Palo Alto Networks in Theatre 6, tackling a very relevant topic of artificial intelligence in relation to Cyber Security.
@Cyber_Security_Channel
🔊 Founder of ‘heylogin’ and a Business Development Manager from ‘ControlCase’ pitching their Start-Ups on The Heroes Stage (Day 1)
Throwback to our time in Brussels, at Cybersec Europe 2024.
It was great to connect with Dominik Shurmann and Karolien Holsters within their companies’ booths, in the ‘Start-Up Zone’, at Day 2 of the event.
@Cyber_Security_Channel
🔔 ‘Revolutionizing human security with ethical brain hacking’ by Anastasia Tretyak
An insightful keynote story from an EY representative.
Very professional integrations of storytelling, supported by relevant visual examples in order to keep the audience hooked.
One of the most memorable performances of Cybersec Europe 2024 for the Cyber Security News team.
@Cyber_Security_Channel
🔎 Marijke Verhavert on the Main Stage with the presentation about “The future of cybersecurity”
Another speaker from the local Belgian Cyber Security environment, on behalf of TomorrowLab, sharing their viewpoints with the Cybersec Europe 2024 audience.
@Cyber_Security_Channel
🎤 Maarten van Wijk opened the Main Stage at 11:00
This introduction kickstarted the second and final day of the Cybersec Europe 2024 Conference.
@Cyber_Security_Channel