Various departments of the US Government have issued a joint advisory about MedusaLocker ransomware as part of their #stopransomware initiative. #StopRansomware: MedusaLocker | CISA Knowledge of circulating ransomware malware helps all organisations and individuals respond to the threats, when organisations that have been compromised, delay reporting the attacks or even …
Blockchain security
Often it the online processes around blockchain and cyrpto-currencies that are exploited by the threat actors, not the blockchain itself – which remains secure. Following a year of research, a report by Trail of Bits, commissioned by the US Government Defense Advanced Research Projects Agency (DARPA) shows that the blockchain …
Microsoft 365 timeouts to mitigate data leaks
Microsoft 365 administrators can now set a site wide timeout for users. This can be a benefit to mitigate data leakage from unmanaged machines left logged in. Microsoft 365 now prevents data leaks with new session timeouts (bleepingcomputer.com)
Credential stealer
The Raccoon Stealer malware is back with an updated version, with added functionality and capabilities. This malware is offered as malware-as-a-service (mimicking a legitimate business model), enabling less well equipped threat actors to implement sophisticated cyber security attacks. Expect the use of this malware to increase as threat actors, looking for …
Now the ransomware gangs are offering bug bounties
It is an accepted practice for software vendors to offer a bug bounty to people who discover a flaw in their software, and report it to them. The vendor can then, hopefully, fix the vulnerability before a threat actor can exploit it. Now the ransomware gangs are at it – …
Continue reading “Now the ransomware gangs are offering bug bounties”
