Tag Archive for: 12th

UK ranked 12th as the most cyber secure European country

/in


Indusface found out that the United Kingdom only ranked 12th most cyber secure European countries and the 40th in the global ranking, with an overall cyber security index score of 71.19/100.

The UK has an average of 680 phishing sites and 750 malware hosting sites per 100,000 urls, meaning that the chances of sites being fake or containing malware could be high.

Please find the full data including all countries here.

Top 10 most cyber secure European countries to work from

 

 

Rank Country DDOS  attacksper 100,000 Internet Users Phishing sites per 100,000 urls Malware  hosting sites per 100,000 urls Compromised  computers  per 100,000 internet users  Cyber security index score(/100)
= 1 Finland 79 320 430 47 82.45
= 1 Belgium 314 280 390 11 82.45
3 Austria 175 260 340 137 80.59
4 Switzerland   203 460 470 17 78.09
= 5 Sweden 94 410 390 736 76.31
= 5 Greece 386 370 440 25 76.31
7 Norway 475 340 490 14 75.51
8 France 50 610 850 31 74.92
= 9  Germany 177 480 570 75 73.89
= 9  Estonia 698 540 440 14 73.89

* Total DDOS Attacks were counted between 2015 to 2021. 

**Compromised computers = have been infected with the Gamarue botnetPlease see full methodology below

Indusface found out that Finland and Belgium share the title of the most secure European countries for businesses to allow employees to remotely work from, each with a cyber security score of 82.45 out of 100. 

 

Finland has received the second lowest number of DDOS attacks (79) during 2015 to 2021, only 29 attacks higher than France who has the lowest among the top 10 European countries. This is an important factor for businesses to consider as successful DDOS attacks could block your business sites and bring down all servers and connections you depend on. 

Contributing to Belgium’s top ranking is that it has the  lowest number of compromised computers per 100,000 internet users (11) in the country. Computers that have been infected with the Gamarue botnet open doors to hackers and make it easier for them to take control of your business data and devices. Belgium also has the joint second lowest malware hosting sites among all top 10 European countries, with an average of 390 sites per 100,000…

Source…

Ransomware-hit Rackspace email outage enters 12th day • The Register

/in


There’s no end – or restored data – in sight for some Rackspace customers now on day 12 of the company’s ransomware-induced hosted Exchange email outage.

In the service provider’s most recent update, posted at 0844 Eastern Time on Wednesday, Rackspace said it had hired CrowdStrike to investigate the fiasco, and noted it continues “to make all of our internal and external resources available to provide support to the remaining Hosted Exchange customers.”

Rackspace did not, however, say if or when it expects to recover people’s data that was lost or scrambled when ransomware hit its systems – an attack that took down some of Rackspace’s hosted Microsoft Exchange services on December 2. Since then, affected customers have been unable to get at their data held in the hosted service.

“We understand how important data recovery is to our customers,” Rackspace wrote. “In ransomware attacks, data recovery efforts do necessarily take significant time, both due to the nature of the attack and need to follow additional security protocols. We will continue to keep you updated on these efforts.”

Here’s a flavor of the customer sentiment right now:

The company also claimed to have transitioned more than two thirds of its customers to Microsoft 365, and, as it has in previous updates, Rackspace urged customers to migrate their users and domains to this environment.

“As a reminder, if you have not yet transitioned to Microsoft 365 or have not fully completed the transition, please leverage our support channels by either joining us in chat or by calling +1 (855) 348-9064 (INTL: +44 (0) 203 917 4743),” the update said. “Wait times continue to average less than 30 minutes.”

Some users, however, say it’s much longer. One…

Source…

Jamf unveils a range of new features at its 12th annual conference

/in


Jamf has kicked off its 12th annual Jamf Nation User Conference with more than 11,000 Apple administrators in attendance worldwide.

Jamf now serves more than 57,000 customers and runs on approximately 25 million devices worldwide.

“Over time, we’ve expanded our platform from Apple device management to Apple enterprise management, which we define as the space between what Apple creates, and the enterprise requires,” says Jamf CEO, Dean Hager.

“In doing so, we have a specific vision for the enterprise – a vision to empower individuals with technology that is enterprise-secure and consumer-simple while protecting personal privacy.”

The company says the office no longer limits today’s workforce, and with mobile employees comes an increased need to access resources seamlessly but securely. Some of the features announced include:

Jamf Private Access

Jamf Private Access is a true zero trust network access solution that replaces legacy conditional access and VPN technology, ensuring that business connections are secure after a user authenticates into their device. Jamf Private Access also enables non-business applications to route directly to the Internet or utilise Apple’s new iCloud+ Privacy Relay, preserving end-user privacy and optimising network infrastructure.                                  

Jamf and Google Cloud BeyondCorp enterprise integration 

Jamf announced a new integration with Google Cloud’s BeyondCorp Enterprise to bring device compliance to Jamf Pro and Google admins. This integration helps support and encourage employee choice initiatives by equipping admins with a powerful tool – context-aware access to company resources – by checking a devices management and compliance status with Jamf Pro.

With many organisations not going back to employees in the office full-time, security teams need to focus on protecting company resources when accessed externally. Jamf says with the increasing number of attacks on Apple devices, organisations need an Apple solution to keep users and resources safe, no matter the device they use or where they’re working from.

Jamf Threat Defense

Jamf launched Jamf Threat Defense, a mobile security solution that…

Source…

The Week in Ransomware – February 12th 2021

/in


Trojan

This week we saw another ransomware shut down its operation and a significant attack against Cyberpunk 2077 game developer CD Projekt Red.

Another operation known as Ziggy Ransomware shut down this week and released the decryption keys for victims. This shut down was due to increased concern about law enforcement action after the disruption and arrests in the Netwalker Ransomware operation.

We also saw a major attack against game developer CD Projekt Red from a ransomware group called HelloKitty. During this attack, the threat actors claimed to have stolen the alleged source code for the Witcher 3 and Cyberpunk 2077 games, which threat actors later put up for auction on a hacker forum.

Contributors and those who provided new ransomware information and stories this week include: @fwosar, @BleepinComputer, @jorntvdw, @DanielGallagher, @Seifreed, @serghei, @LawrenceAbrams, @malwrhunterteam, @demonslay335, @Ionut_Ilascu, @FourOctets, @malwareforme, @struppigel, @VK_Intel, @PolarToffee, @JakubKroustek, @M_Shahpasandi, @vxunderground, @BrettCallow, @chum1ng0, @Kangxiaopao. @Amigo_A_, @Intel_by_KELA, and @danusminimus.

February 7th 2021

Ziggy ransomware shuts down and releases victims’ decryption keys

The Ziggy ransomware operation has shut down and released the victims’ decryption keys after concerns about recent law enforcement activity and guilt for encrypting victims.

Telegram post

Albany ransomware attack threatens criminal cases

The 2019 ransomware attack on the city’s servers is now potentially affecting criminal cases after it was revealed that the city police department lost all digital copies of its 2018 internal affairs files.

New DarkWorld ransomware

xiaopao found a new ransomware called DarkWorld that appends the .dark extension and drops a ransom note named import.txt.

DarkWood

New Tortoise ransomware

Danus found the new Tortoise Ransomware that appends the .tortoise extension but does not appear to actually encrypt anything.

February 8th 2021

New DaddyCrypt JCrypt variant

xiaopao found a new JCrypt ransomware variant that appends called DarkWorld that appends the .daddycrypt extension and drops a ransom note named _RECOVER__FILES__.daddycrypt.txt.

February 9th 2021

New Dharma…

Source…