Tag Archive for: summer

Novel malware attacks were up 70% during summer 2023


Over the summer, double extortion became the standard operating procedure for ransomware gangs, BlackBerry reports.


New malware attacks were up 70% during the summer, according to a Global Threat Intelligence report from BlackBerry Ltd., which noted that the growth in novel malware attacks shows that hackers are diversifying their tactics and tools to bypass security measures, “especially those used in legacy, signature-based solutions.”

The company claimed its AI-powered cybersecurity tools stopped approximately 26 cyberattacks and 2.9 unique malware samples per minute from June-August 2023. For comparison, the period stretching March-May 2023 saw an average of 1.7 unique malware samples per minute, while December 2022-February 2023 saw an average of 1.5 malware samples per minute.

During the period, finance, health care, government and critical infrastructure were the most targeted industries.

Many of the attacks against the finance industry, which includes banks, insurance companies and cryptocurrency exchanges, leveraged previously deployed malware. BlackBerry noted this is a common tactic in widespread cybercrime campaigns.

“In the financial services industry, the process of approving software updates and applying patches often follows a lengthy hierarchical chain, which can be time consuming for IT staff,” the report authors noted. “This extended approval process exposes the systems and data to the unpatched vulnerabilities for longer periods of time, giving bad actors a window of opportunity to take advantage of these flaws.”


High-profile summer attacks linked to same aggressive ransomware group


The threat group behind some of the most high-profile, identity-based cyberattacks this year is also “one of the most dangerous financial criminal groups” currently in operation, Microsoft researchers said in a Wednesday report.

The group, which Microsoft identifies as Octo Tempest and other researchers identify as Oktapus, Scattered Spider and UNC3944, uses multiple forms of social engineering to gain access to organizations’ infrastructure, steal corporate data and extort victims for ransom payments, according to Microsoft Threat Intelligence.

The collection of young, native English-speaking threat actors, which was initially observed in 2022 and became affiliated with the ransomware-as-a-service operation ALPHV or BlackCat in mid-2023, has claimed responsibility for major attacks against MGM Resorts, Caesars Entertainment and Clorox in the past few months.

Microsoft researchers said similar social-engineering techniques resulted in attacks against four Okta customers’ environments in late July and August.

While those attacks directly targeted Okta customers for the initial point of intrusion, a more recent string of attacks against Okta customer environments occurred when a threat actor used a stolen Okta support system administrator credential to access authentication tokens for customers, including BeyondTrust, Cloudflare and 1Password.

The report also pointed to the group’s recent focus on VMware ESXi servers, virtualization infrastructure that lacks security tools and has been hit by a spree of attacks this year.

The threat actors are responsible for wide-ranging campaigns using adversary-in-the-middle techniques, social engineering and SIM swapping. Industries most recently targeted for extortion include gaming, hospitality, technology, financial services, managed service providers and manufacturing, according to Microsoft.

“The well-organized, prolific nature of Octo Tempest’s attacks is indicative of extensive technical depth and multiple hands-on-keyboard operators,” Microsoft Threat Intelligence said in the report.

Microsoft joins other threat researchers in describing the group as prevalent, highly…


GenCyber: NSA sets up summer camps to teach kids to hack



Steve Kelman finds the normally secretive agency’s camps an intriguing way to offer a taste of cybersecurity careers to middle and high school students.


Cybersecurity summer – University at Buffalo


BUFFALO, N.Y. — In a world gone digital, 42 tech-savvy teens came together for a free week of hands-on cybersecurity activities at the University at Buffalo’s GenCyber camp.

This year’s camp, held from June 27 to July 1, marked the return to an in-person event for the first time since 2019. The COVID-19 pandemic sidelined the program in 2020, and it was held virtually in 2021.

The goal of GenCyber is to encourage students to pursue career opportunities in cybersecurity, a profession that’s growing in demand as government agencies, businesses and other organizations face growing cyberthreats.

“Professionals with computer security skills are in high demand, making the field an attractive career option,” says David Murray, clinical professor of management science and systems in the UB School of Management. “As data breaches continue to regularly make headlines, the students who learn these skills will have better career options and will be prepared to effectively navigate our world of rapidly evolving technology.”

Each day, a capacity crowd of middle and high school students from 19 area schools learned about a wide range of cybersecurity topics.

The campers heard presentations from industry professionals, built a computer network using credit-card-sized Raspberry Pi computers and defended the network from a simulated cyberattack.

They also learned about Google hacking, HTML, encryption, web servers, system administration, computer virtualization and best practices for passwords.

Students who successfully completed the camp received a certificate of achievement at an awards presentation Friday afternoon.

GenCyber is presented by the UB School of Management, the UB School of Engineering and Applied Sciences, and the Center of Excellence in Information Systems Assurance Research and Education (CEISARE) at UB, with sponsorship from the NSA, the National Science Foundation and businesses.

Students who successfully completed UB’s 2022 GenCyber camp are:

Spencer Brace of Amherst High School; Abigail Smith and Olivia Smith of Buffalo Seminary; Siddharth Honwad and Emma Zhang of Casey Middle School; Etienne Bohlen, Duncan Schiff, Tristan Tortora, Sebastian Wick-Panek and Casey…
