Stay updated with breaking news from ஜோசப் நியூமன். Get real-time updates on events, politics, business, and more. Visit us for reliable news and exclusive interviews.
); //]]>// > By John P. Mello Jr. Mar 16, 2021 6:05 AM PT Malicious online actors used email as their prime vehicle for delivering malware to their victims in the last quarter of 2020, HP and Bromium reported Tuesday. The HP-Bromium Threat Insights Report found that 88 percent of malware was delivered by email into its targets inboxes, many times evading measures at email gateways to filter out the infected correspondence. Ultimately, attackers are taking advantage of the fact that it s normal to share and open documents by email, observed Alex Holland, a senior malware analyst at HP. Finance and IT departments tend to be heavy users of macros to automate business processes, so banning them across the board often isn t a realistic option, he told TechNewsWorld. ....
The Hackers Microsoft says it started tracking the campaign by this North Korean-linked group in mid-2020. The hackers started by building a reputation in the security research community through Twitter by retweeting and posting high-quality security content and other material related to exploit research. The hackers controlled other social media accounts and used these to amplify the other posts, Microsoft says. After building their reputation, the hackers started approaching potential targets on Twitter and LinkedIn, according to Microsoft. The conversations were often seemingly innocuous, asking security questions or talking about exploit techniques, the company says. Attack Techniques Once the hackers contacted researchers about working on a project, they shared Microsoft s Visual Studio integrated development environment tool. That tool included source code for exploiting a vulnerability, as well as an additional Dynamic Link Library file that would be e ....
The sprawling reach of the SolarWinds malware attack, widely attributed to Russia, reignited the debate about appropriate response from private sector organizations to cyberattacks from nation states. (Sergey Pyatakov – Host Photo Agency via Getty Images) The sprawling reach of a malware campaign that hit government agencies and businesses using SolarWinds, and potentially other attack vectors according to recent reports, inspires new questions about appropriate response from private sector organizations. Many enterprises, particularly those in tech and security, have tremendous insight into the workings of their own systems and the intrusions that might occur, which some believe puts them in a particularly unique position to hack back at attackers. Doing so, however, could bring a host of problems. ....
The Biden administration also proposes spending $1 billion for several other cybersecurity and IT initiatives, including: $200 million for the rapid hiring of security experts to work for the Office of the U.S. Chief Information Security Officer as well as the Digital Service unit in the White House; $300 million to fund additional IT projects within the GSA; $690 million for a CISA project designed to improve monitoring and incident response across federal agencies. The proposed new spending on security and IT improvements is in direct response to the SolarWinds supply chain hack, which has affected federal agencies, including the Treasury, Commerce, Homeland Security, Justice and Energy departments, as well as numerous private firms. Biden said earlier the hacking incident reflected a gap in U.S. cybersecurity capabilities (see: ....
President-elect Joe Biden announced funding to modernize secure IT and lure cyber talent to the public sector as part of his plan to stimulate the economy ....