On November 22, 2021, the Montana-based healthcare provider responded to suspicious activity and “evidence of unauthorized access” to one of the eight file servers used for business operations.
The cyber incident reporting bill would mandate that critical infrastructure operations alert the DHS within 72 hours of a hack and within 24 hours if the organization made a ransomware payment.
Cybersecurity agencies released a joint cybersecurity advisory detailing malicious cyber operations by MuddyWater, which has been targeting a wide range of government and private-sector organizations in Asia, Africa, Europe, and North America. Among other measures, CISA recommends that organizations prioritize the use of multi-factor authentication.
Mandiant tracked cybercriminals collaborating under the moniker UNC3313 deploying two new pieces of targeted malware to claim victims in the Middle East. The group moves quickly to gain remote access, using ScreenConnect to intrude into systems within an hour of initial compromise. The security firm has also provided YARA rules to identify malware patterns.
Researchers identified an improved version of the AnchorDNS backdoor, dubbed AnchorMail, being used in Conti ransomware attacks. Post-execution, AnchorMail creates a scheduled task for persistence that runs every 10 minutes. Experts note that training employees to spot phishing emails is also part of an effective strategy.
The chipmaker launched an investigation into the incident to determine the extent of the intrusion, which confirmed that the attackers had stolen data from the company.
The group, whose members refer to themselves as ‘the Mx0nday’, has targeted WordPress-hosted sites more than 100,000 times since February 24, when Russian troops officially invaded Ukraine.
The influence operation was terminated in January, prior to the start of the conflict, but at a time when tensions between Russia and Ukraine were rising due to the presence of Russian troops at the border.
The most commonly experienced impact of Log4j was the need for IT and security teams to work over the holidays to assess risk and make critical changes to protect infrastructure and data,
The investment round was led by Evolution Equity Partners and received participation from previous investors, including DNX Ventures, Fusion Fund, Incubate Fund, and J-ventures.