Wednesday, October 27, 2021

You definitely don't want to play: Squid Game-themed malware is here

The stakes may not be as high as in the hit Netflix show, but you could still lose your data or identity if you fail to follow the rules for dodging the latest brand of pop-culture-themed scams.

Phishing attack exploits Craigslist and Microsoft OneDrive

A phishing campaign took advantage of the mail relay function on Craigslist, which allows attackers to remain anonymous, Inky says.

9 key security threats that organizations will face in 2022

Supply chain attacks, misinformation campaigns, mobile malware and larger scale data breaches are just some of the threats to watch for next year, Check Point Software says.

Companies that pay ransomware attackers get thumbs down from consumers

More than half of those surveyed by data management firm Cohesity said that companies that pay the ransom in an attack encourage ransomware and bad actors.

REvil ransomware group reportedly taken offline by multi-nation effort

Law enforcement officials and cyber specialists hacked into REvil's network, gaining control of some of its servers, sources told Reuters.

What to do if your small business is a victim of a cyberattack

Immersed in the throes of a cyberattack is not the time to figure out how to respond. An expert offers suggestions on how to create a company-specific incident-response plan.

Train to qualify for elite positions in the high-demand field of cybersecurity

You don't have to go back to school or blow your budget to train for a career in cybersecurity, which is in high demand right now.

How IT pros can set boundaries and protocols

From managing backups and Linux distributions to troubleshooting hard drive failure and protecting company data, it's easy to see why IT pros are overwhelmed and overworked.

How to digitally sign email in Apple Mail

Adding a digital signature to your email is just one simple step you can take in your journey for more secure communications. Jack Wallen shows you how this is done in the latest version of Apple Mail.

Microsoft bought CloudKnox because hybrid multicloud identity is complicated

Managing passwords and privileged access is bad enough for people—but that's going to be dwarfed by the problem of dealing with non-human identities.

Tech support scams top list of latest phishing threats

Tech support scams work because they try to trick people into believing there's a serious security crisis with their computers, says Norton Labs.

Aruba introduces the industry's first distributed services switch

The new CX 10000 integrates security services, like a firewall, directly into a one-unit network switch deployable anywhere security and other services need to reside.

How to proactively detect and prevent ransomware attacks

Two out of three organizations surveyed by ThycoticCentrify were hit by a ransomware attack over the past 12 months, and more than 80% reportedly opted to pay the ransom.

How to keep your data off the Dark Web

Traditional security solutions are no longer enough to protect your organization from a data breach, Bitglass says.

Top 5 tips for dealing with supply-chain disruptions

Weather events and port issues have caused major disruptions in the global supply chain. Tom Merritt gives us five ways to deal with it.
The Register

China Telecom booted out of USA as Feds worry it could disrupt or spy on local networks

FCC urges more action against Huawei and DJI, too The US Federal Communications Commission (FCC) has terminated China Telecom's authority to provide communications services in the USA.…

150 People Arrested in US-Europe Darknet Drug Probe

Law enforcement officials in the U.S. and Europe have arrested 150 people and seized more than $31 million in an international drug trafficking investigation stemming from sales on the darknet, the Justice Department said Tuesday. read more

Free Tool Helps Security Teams Measure Their API Attack Surface

Data Theorem's free API Attack Surface Calculator helps security teams understand potential API exposures.

SquirrelWaffle Loader Malspams, Packing Qakbot, Cobalt Strike

Say hello to what could be the next big spam player: SquirrelWaffle, which is spreading with increasing frequency via spam campaigns and infecting systems with a new malware loader.

North Korea's Lazarus Group Turns to Supply Chain Attacks

State-backed group is among a growing number of threat actors looking at supply chain companies as an entry point into enterprise networks.