Hybrid Models and Ransomware – A Marriage Made in ????

The new model as companies reopen after the pandemic is a hybrid, some days in the office and some days working from home. But working from home is not as secure as working in the office and ransomware attackers know that and have been taking advantage of it with ransomware attacks growing significantly.

 

Hybrid models more susceptible to ransomware


Ransomware Payments Trigger Repeat Attacks; Cybereason Research Shows

Paying the ransom is not the end of the problems. It meant a second ransomware attack for 8 out of 10 companies. 

 

Paying a Ransom gives the key and another attack


Required MFA Is Not Sufficient for Strong Security: Report

Multi-Factor Authentication, MFA, has been publicized as much more secure than passwords alone. And it is. But only if deployed properly. Hackers have already found ways to bypass MFA in badly implemented cases. 

 

MFA only effective if done right


Your Pricey Peloton Has Another Problem For You To Sweat Over

Hackers have compromised the expensive exercise bikes commandeering the camera and microphone to spy on users. Adding to the problems, apps can be added that are infected and controlled by the hackers. 

 

Peloton's Watching and Listening to You


Kaspersky Details Iranian Domestic Cyber-Surveillance Operation

Security research firm Kaspersky found an Advanced Persistence Threat actor that has been operating in Iran with cyber surveillance of at least 6 years. The malware was designed to be used in Iran on services popular in Iran. 

 

Iranian Attackers Conduct Domestic Surveillance


Cyber Insurance Won’t Cover Everything

Cyber insurance is still necessary, but coverage is expected to change. AXA will no longer cover ransomware payments for companies in France. This trend is expected to spread. 

 

Cyber Insurance getting more restricted


WordPress Discloses Critical Zero-day in Fancy Product Designer Plugin

A vulnerability in Fancy Product Designer, a WordPress plugin installed on over 17,000 websites has been discovered and is being actively exploited. 

 

WordPress plugin being exploited

 


Chinese Hackers Using Previously Unknown Backdoor

A new backdoor has been discovered in Windows systems. It collects live data from the compromised system. This malware has been broken down into parts that individually appear harmless making it difficult to detect. 

 

New Windows backdoor discovered


Processor Morphs Its Architecture to Make Hacking Really Hard

From the good news department, researchers developed a computer processor that changes its architecture on the hopes of foiling many types of attacks.

 

New Architecture Morphs to defeat hacking


Ransomware Attack Hits Nantucket, Martha's Vineyard Ferry Service

Nantucket and Martha’s Vineyard are two islands off the coast of Massachusetts that are major tourist spots. This attack is designed to coincide with the start of the tourist season, a major source of income to the islands. 

 

Ransomware hits tourist ferry service


Tools Alone Are Not The Answer

Everyone has at least one tool on their computer. Yet breaches continue. Why? Cyber protective tools are necessary but are only one part of a holistic cyber protection plan. 

 

Tools alone are not the answer

 


Vulnerable Protocols Leave Firms Open to Further Compromises

Many companies are using old software with major vulnerabilities. Companies may keep systems facing the internet up to date, but internal systems are something else. A recent survey showed outdated protocols in use at 9 out of 10 companies. 

 

Out-of-date internal protocols aid cybercriminals

 


Firms Struggle to Secure Multi-cloud Misconfigurations

The move to the cloud was accelerated by the pandemic as way to cope with changing workloads, more remote users and other changes. It did help in many ways. In that rush cyber protections were missed resulting in breaches or information left visible without the need for a breach.   

 

Multi-Cloud environments add to cyber vulnerabilities

 


Application Attacks Spike as Criminals Target Remote Workers

The rapid transition to the cloud due to the pandemic imposed Work from Home shift gave rise to another major shift; cybercriminals’ focus on remote workers and their additional vulnerabilities. 

 

Remote Workers Targeted by Cybercriminals


CNA Financial Pays $40 Million in Ransom After Cyberattack

Companies of all sizes are vulnerable to ransomware. The $40 million ransom shows the size of the ransom gets bigger as the victim size gets bigger. 

 

CNA Pays $40 Million Ransom