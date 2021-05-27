

Your May 2021 Security Intelligence Roundup: The DarkSide Ransomware Attack, Better Zoom Meetings, and How To Secure OpTech

By Megan Crouse
securityintelligence.com
 6 days ago

Gas shortages caused panic after the Colonial Pipeline attack two weeks ago. This highlights how digital attacks can break into the real world in a big way. Specifically, the Colonial Pipeline attack blends crypto-locking data with data exfiltration and extortion, as well as other threats to infrastructure. How did the attackers do it, and what makes them different from other ransomware gangs?

Related
Public Safety | Network World

The Best Defense Against Ransomware Attacks: Protect your Human Attack Surface

The recent Colonial Pipeline attack exposed to the entire nation the daunting threat that ransomware poses to both public and private infrastructure. While gas pumps ran dry and fuel prices spiked, many wondered for the first time how something like this could happen. We in cybersecurity understand all too well. Unfortunately, despite millions spent on security tools and technology over the last decade, the “last mile” of hardening our defenses remains stubbornly difficult to mitigate: human error. The human attack surface is defined as the sum total of people's actions, access, and security controls that impact your organization’s risk. Until we do more to address this unprotected front in cybersecurity, the threat of ransomware incidents equal to or worse than Colonial looms large.
Public Safety | cisco.com

Adding Data Security in the Age of Ransomware Attacks

News of ransomware attacks has become all too common in this modern age of cyberattacks. Some say it’s not a question of if you’ll be hit by a ransomware attack, but when. Such was the case with Sky Lakes Medical Center. On October 26, 2020, an employee at the medical center clicked on an innocent-looking link to a Google doc delivered in a disguised phishing email. The employee did not know this link pointed to a malicious site that dropped the Ryuk ransomware payload into the medical center’s network and systems.
Industry | campussafetymagazine.com

What The Colonial Pipeline Ransomware Attack Says About Infrastructure Security

The ransomware attack against Colonial Pipeline that sent shockwaves throughout the U.S. economy and jacked up fuel prices across the country is a stark warning that ransomware and other cyberattacks continue to pose a significant threat to our critical infrastructure. Cybercriminals were emboldened in 2020 as organizations were dealt an increased...
Oldsmar, FL | hackaday.com

This Week In Security: Watering Hole Attackception, Ransomware Trick, And More Pipeline News

In what may be a first for watering hole attacks, we’ve now seen an attack that targeted watering holes, or at least water utilities. The way this was discovered is a bit bizarre — it was found by Dragos during an investigation into the February incident at Oldsmar, Florida. A Florida contractor that specializes in water treatment runs a WordPress site that hosted a data-gathering script. The very day that the Oldsmar facility was breached, someone from that location visited the compromised website.
Public Safety | mytechdecisions.com

How To Prevent Critical Infrastructure Business Disruption From Ransomware Attacks

With a renewed focus on preventing and mitigating the impacts of ransomware, the U.S. Cybersecurity and Infrastructure Security Agency has released a new report on the indications of compromise and best practices for preventing business disruption, with a particular focus toward critical infrastructure operators. This comes after Colonial Pipeline was...
Public Safety | cyberdefensemagazine.com

How to Prevent Ransomware Attacks On Industrial Networks

Insights into Ransomware attacks, how they spread in industrial networks, and how to prevent them from happening. Since the outbreaks of Wannacry & NotPetya ransomware attacks in 2017, we’ve been witnessing daily occurrences of attacks affecting OT networks that originated on the IT side. The U.S. National Security Agency (NSA) also highlighted this issue for this very simple reason. It works.
Technology | automation.com

Colonial Pipeline Ransomware Attack: Revealing How DarkSide Works

Nozomi Networks Labs has studied the internals of the DarkSide executable and today we’re sharing our findings to reveal the techniques used by its machine code in three areas: the selection of victims and files, ensuring anonymity and anti-detection, and preventing data restoration. We also provide IoCs and a decryption script to help you detect DarkSide.
Schaumburg, IL | Posted by The Associated Press

ISACA Survey: IT Security and Risk Experts Share Ransomware Insights in the Aftermath of the Colonial Pipeline Attack

SCHAUMBURG, Ill.--(BUSINESS WIRE)--May 24, 2021-- In the aftermath of the Colonial Pipeline attack, global IT association and learning community ISACA polled more than 1,200 members in the United States and found that 84 percent of respondents believe ransomware attacks will become more prevalent in the second half of 2021. This...
Public Safety | Birmingham Star

Ransomware Moves from Economic Nuisance to National Security Threat

WASHINGTON - The recent cyberattack on Colonial Pipeline, the operator of the largest petroleum pipeline in the U.S., shows how internet criminals are increasingly targeting companies and organizations for ransom in what officials and experts term a growing national security threat. These hackers penetrate victims' computer systems with a form...
Fraud Crimes | New Scientist

Ransomware attacks are becoming more common – how do we stop them?

On 7 May, hackers forced a major oil pipeline in the US to shut and prompted US president Joe Biden to declare a state of emergency. Within hours of the hack, which started the day earlier, Colonial Pipeline Company paid a ransom of 75 bitcoin – worth $4.4 million at the time – to recover the data being held hostage.
Software | securityboulevard.com

Vulnerability Management is the Key to Stopping Attacks

Vulnerability Management (VM) is the process of proactively finding, evaluating, and mitigating security vulnerabilities, weaknesses, gaps, misconfigurations, and errors in the organization’s IT environment. The process typically extends to the entire IT environment including networks, applications, systems, infrastructure, software and third-party services, among others. Given the high costs involved, organizations simply cannot afford cyber-attacks and data breaches. Vulnerability Management, when properly planned and executed, enables organizations to stop attacks effectively and save millions of dollars.
Markets | securityboulevard.com

Data Breach at German Supermarket Chain tegut

The German supermarket chain “tegut” was recently the target of a cyberattack (source in German) and on April 24 the company activated emergency procedures that shut down their entire central IT network and disconnected it from the internet. While done to limit the exposure of sensitive data, these measures also had side effects including gaps in their supply chain and other services that lasted for weeks. Despite these mitigation efforts, the attackers have already begun to publish company and customer data on the dark web.
Software | msspalert.com

Sumo Logic Unveils AWS Cloud SIEM Solution

Sumo Logic, a security information and event management (SIEM) solutions provider that works with MSSPs, has announced Sumo Logic Cloud SIEM Powered by AWS. The offering integrates Sumo Logic’s compliance, security analytics and cloud SIEM technologies with AWS security services and cloud-based SaaS and on-premises security services, the company said. It provides insights that organizations can use to eliminate security blind spots across multi-cloud and hybrid environments.
Software | techxplore.com

Automated detection of security vulnerabilities in cloud applications

Cloud computing is a growing market. But cyberattacks on cloud software systems are on the rise, too, as these applications often contain security vulnerabilities that hackers are able to exploit. CodeShield software—which is produced by the company of the same name—uncovers these vulnerabilities and fixes them using automated methods. CodeShield is a spin-off of the Fraunhofer Institute for Mechatronic Systems Design IEM and the Heinz Nixdorf Institute at Paderborn University.
Economy | MySanAntonio

Coalition Partners With SentinelOne to Protect Customers From Ransomware and Cyber Threats

SAN FRANCISCO (PRWEB) June 01, 2021. Coalition, the leading cyber insurance and security company, and SentinelOne, a leading automated endpoint detection and response (EDR) provider, today announced a partnership to offer a combined solution of best-in-class threat monitoring and cyber insurance to protect organizations from ransomware. The partnership offers customers of both Coalition and SentinelOne financial incentives to adopt EDR solutions and cyber insurance to promote a more holistic risk management strategy.