Cuba Ransomware Group Used Microsoft Developer Accounts to Sign Malicious Drivers

The ransomware gang was able to use signed malicious drivers to disable endpoint security tools. Microsoft has revoked the certificates. Microsoft suspended several accounts on its hardware developer program that signed malicious drivers used by a ransomware group called Cuba to disable endpoint security tools. The driver certificates have been…

New Royal Ransomware Group Evades Detection With Partial Encryption

The tactics used by the Royal ransomware group allow for fast and stealthy encryption and share similarities with the defunct Conti group. A new ransomware group dubbed Royal that formed earlier this year has significantly ramped up its operations over the past few months and developed its own custom ransomware…

Ransomware: It’s Coming for Your Backup Servers

Compromised backup servers can thwart efforts to restore damage done by ransomware and give attackers the chance to extort payments in exchange for keeping sensitive stolen data secret. Backup and recovery systems are at risk for two types of ransomware attacks: encryption and exfiltration – and most on-premises backup servers are…

Rackspace’s ongoing Exchange outage caused by security incident

https://www.bleepingcomputer.com/news/technology/rackspace-ongoing-exchange-outage-caused-by-security-incident/ American cloud computing services provider Rackspace says an ongoing outage affecting its hosted Microsoft Exchange environments and likely thousands of customers was caused by a security incident. The list of impacted services includes MAPI/RPC, POP, IMAP, SMTP, ActiveSync, and the Outlook Web Access (OWA) interface used to access the Hosted Exchange instance…

8 Things to Consider Amid Cybersecurity Vendor Layoffs

Cybersecurity vendor layoffs raise several issues for CISOs and customers, not the least of which are security- and risk-related factors. Here are 8 things to consider if your security vendor has announced significant staff cuts. 2022 has been a heavy year for layoffs in the technology sector. Whether due to…

How Remote Working Impacts Security Incident Reporting

Security teams must update their security incident reporting policies and processes to account for remote work or risk exposure to increased threats. The ability for employees to work remotely comes with many benefits, from better work-life balance to lower expenses to higher productivity. But a widely dispersed workforce can pose…

Offboarding Processes Pose Security Risks as Job Turnover Increases: Report

Research from YouGov finds that poor offboarding practices across industries including healthcare and tech are putting companies at risk, including for loss of end-user devices and unauthorized SaaS application use. Organizations across multiple industries are struggling to mitigate potential risks – including loss of end-user and storage devices as well…