News November 30, 2022

Abuse of Privilege Enabled Long-Term DIB Organization Hack

2 min read - From November 2021 through January 2022, the Cybersecurity and Infrastructure Security Agency (CISA) responded to an advanced cyberattack on a Defense Industrial Base (DIB) organization’s enterprise network. During that time frame, advanced persistent threat (APT) adversaries used an open-source toolkit…

News November 16, 2022

Costa Rica State of Emergency Declared After Ransomware Attacks

2 min read - In late April, after weeks of major ransomware attacks, Costa Rica declared a state of emergency. Newly-elected President Rodrigo Chaves took this measure, usually reserved to deal with natural disasters, to free up the government to react more decisively to…

News November 9, 2022

Ransomware-as-a-Service Transforms Gangs Into Businesses

3 min read - Malware-as-a-Service is getting easier and easier to access, according to a recent threat report. Self-named the ‘Eternity Project’, this cyber threat group offers services from a Tor website and on their Telegram channel. They sell a wide variety of malware…

News November 2, 2022

UK Health System Email Accounts Hijacked to Steal Microsoft Logins

2 min read - Last summer, I noticed password reset notices in my email account that I didn’t send. I quickly realized that I was the victim of an account takeover. This happens when someone illegally gains access to your account, typically through compromised…

News October 26, 2022

LemonDuck Cryptojacking Botnet Targets API Security Gap

2 min read - A recent report reveals the well-known crypto mining botnet LemonDuck can target Docker to secretly mine cryptocurrency on the Linux platform. LemonDuck targets Microsoft Exchange servers to mine crypto, escalate privileges and move sideways in compromised networks. It takes advantage…

News October 19, 2022

CISA: Industrial Attacks Could Remotely Control Devices

2 min read - A joint federal Cybersecurity Advisory warns that certain advanced persistent threat actors can obtain full access to the industrial control system (ICS) and data acquisition (SCADA) devices. These systems, found in nearly every industrial sector, can then fall prey to…

News October 12, 2022

Ransomware Attackers Target U.S. Colleges and Universities

2 min read - U.S. colleges and universities are on high alert for cyberattacks. The FBI issued a warning for higher education in March 2021. Even with universities taking steps, several found themselves victims of BlackCat, also known as the ALPHV group. A Wave…

News October 5, 2022

Hiring and Retention in the Cybersecurity Workforce Remain Difficult

2 min read - According to a new survey, it keeps getting harder to hire and retain a cybersecurity workforce. The ISACA report revealed that 63% percent of surveyed security workers indicate they have unfilled positions. That’s an 8% increase compared to 2021. Meanwhile,…

News September 28, 2022

Texas A&M University Opens Center for Cybersecurity Innovation

2 min read - With the skills gap still impacting cybersecurity, universities look for new ways to prepare their students to succeed in the field. Because many cybersecurity skills are best learned with hands-on projects, students need computer labs designed for innovation in this…

News September 21, 2022

DOE Invests $12M in Cybersecurity Research for Energy Grid

2 min read - In June 2021, CNN asked U.S. Secretary of Energy Jennifer Granholm if U.S. enemies could shut down the power grid. She said they could. Meanwhile, the concern over energy grid attacks has increased with the Russian attack on Ukraine. Attackers…