Tag: Cyber Threats

Iran cited as growing threat in cybersecurity landscape

In the new Accenture Cyber Threatscape Report 2018, Iran is cited as an emerging player in the cyberattack space. The cybersecurity firm’s iDefense threat intelligence team says it has seen a “significant” uptick in not only cyberattacks but also cyberespionage campaigns launched by hackers in the country.

During the first half of 2018, Accenture says attacks emerging from Iran grew and this trend is likely to continue. The researchers say that state-sponsored attacks, in particular, have increased — and together with hacktivists in the country, they represent a “disruptive or destructive cyberthreat against the United States, Europe, and the Middle East.”

Read more about the findings of the new report by Accenture on ZDNet.

TSMC says it recovers 80 percent of capacity after virus shuts down plants

Semiconductor manufacturer TSMC said that it has recovered about 80 percent of its equipment hit by a computer virus last Friday. TSMC, which makes the processors that power Apple’s iPhone, had to shut down its fabrication plants due to the virus outbreak.

The company said it expects a full recovery on Aug. 6. In a statement, TSMC said it “contained the problem and found a solution.” According to the company “This virus outbreak occurred due to misoperation during the software installation process for a new tool.”

Read more about the virus outbreak at chipmaker TSMC, which supposedly did not lead to data integrity and confidential information being compromised, on ZDNet.

4 Reasons Why Companies Are Failing at Incident Response

The cybersecurity threat landscape continues to evolve and expose companies in all sectors to breaches. In 2018 alone, a diverse range of companies have been victimized.

Not only are threats escalating in scope and sophistication, new smart technologies — particularly those leveraging the Internet of Things — can add fuel to the fires that security staff need to fight. These are often not fully tested for security flaws, which create hard-to-defend gaps for companies trying to proactively defend and protect their networks and assets. In addition to prevention becoming increasingly difficult, many organizations are also failing at incident response.

Read about the four main reasons why organizations struggle to detect, contain, and remediate threats, on DarkReading.

Every Week Is Shark Week in Cyberspace

Your odds of being attacked by a shark are zero if you never venture into the ocean — which is far lower than the odds of being cyber hacked even if you never go online. After all, you could still become a victim of identity theft without ever wading unto Internet waters.

The point is this: Fear the cyber shark far more than the great white, tiger, or bull shark, whose majesty was celebrated this week during the Discovery Channel’s Shark Week, as it has every year since 1987. So, what can Shark Week teach us about cybersecurity?

Read about four cybersecurity areas to focus on in honor of Shark Week to protect your data, identities, and credentials, on DarkReading.

Risks grow, yet security is still an afterthought in many IoT strategies

Trend Micro released survey findings that show businesses are most concerned about losing customer trust in the event of an Internet of Things related cyber attack, however they remain unprepared. The survey, which was issued to 1,150 IT and security decision makers across the globe, indicates major discrepancy between the investment in IoT systems and security to protect them.

As the growing number of connected devices opens businesses up to additional cyber threats, close to half (43%) of IT decision makers and security decision makers say that security is an afterthought when implementing IoT projects.

Read more about the findings of the new survey by Trend Micro on Help Net Security.

ERP security warning as hackers step up attacks on systems

The US Department of Homeland Security has warned businesses of the growing risk of attackers targeting enterprise resource planning (ERP) systems. An alert posted by the United States Computer Emergency Readiness Team (US-CERT) warned that attackers are seeking to exploit vulnerabilities in ERP systems to access sensitive information.

ERP systems make an appealing target for hackers, as they run business-critical processes and house sensitive corporate information, which can be used for cyber espionage, sabotage, and fraud.

Read more about the US DHS warning that threat actors are looking to target ERP systems on ZDNet.

Ransomware Infection Cripples Shipping Giant COSCO’s American Network

A ransomware infection has crippled the US network of one of the world’s largest shipping giants —COSCO (China Ocean Shipping Company). “Due to local network breakdown within our America regions, local email and network telephone cannot work properly at the moment,” said the company in a press release. “For safety precautions, we have shut down the connections with other regions for further investigations.”

But while the company described the incident as a “network breakdown,” according to internal emails seen by several maritime news sites [12], the company referred to the incident as a ransomware infection.

Read more about the ransomware attack on shipping giant COSCO’s American network on BleepingComputer.

8 types of malware and how to recognize them

People tend to play fast and loose with security terminology. However, it’s important to get your malware classifications straight because knowing how various types of malware spread is vital to containing and removing them.

Read a concise malware bestiary covering Viruses, Worms, Trojans, Hybrids, Ransomware, Fileless malware, Adware and Spyware, with basic advice for finding and removing malware when you’ve been hit, on CSO.

Banking malware finds new life spreading data-stealing trojan

The group behind a notorious banking trojan have expanded their operations are are now offering to deliver other forms of malware on behalf of other attackers. The Mealybug hacking operation has been active since at least 2014 and is known for its custom-built Emotet trojan, a form of self-propagating malware which has mostly targeted banking customers across Europe.

But now Mealybug has changed its approach to cyber crime, with a shift towards using Emotet as a way for other groups to steal information with the US by far the biggest market for this malicious activity, accounting for 90 percent of detections.

Read more about the evolution of Emotet from banking trojan to distributor of threats for other malicious actors, which has been detailed by researchers at security company Symantec, on ZDNet.

Cybersecurity rundown: The 5 most critical threats to businesses in 2018

In the midst of businesses becoming GDPR compliant, cybersecurity measures have moved from purely technical, to political, according to a new report from AlienVault. The company surveyed 900 security professionals at the Infosecurity Europe 2018 conference to gain insight into the current state of cybersecurity threats.

Some 56% of respondents said they believe that cybersecurity is becoming a political pawn. This shift indicates that cybersecurity isn’t only infiltrating personal lives, but society as well. However, data issues like GDPR compliance shouldn’t be the only focus for businesses.

Read about the top five cybersecurity concerns for professionals in 2018 on TechRepublic.