A financially-motivated threat actor notorious for its cryptojacking attacks has leveraged a revised version of their malware to target cloud infrastructures using vulnerabilities in web server technologies, according to new research. Deployed by the China-based cybercrime group Rocke, the Pro-Ocean cryptojacking malware now comes with improved rootkit and worm capabilities, as well as harbors new…
Read more
Come gestire il data breach: le regole nelle Linee guida EDPB
L’EDPB con le nuove linee guida sulla gestione del data breach offre un utile vademecum per far fronte alle violazioni dei dati: il documento include casi concreti di attacchi ransomware, per esempio verso ospedali o trasporti pubblici, e spiega in che modo comportarsi. https://www.agendadigitale.eu/sicurezza/privacy/privacy-come-gestire-il-data-breach-le-regole-nelle-linee-guida-edpb/ EDPB guidelines on examples regarding data Breach
Read more
Hacker lasciano in piena vista le credenziali di rubate attraverso una campagna di phishing.
Dal noto blog di Checkpoint Cyber-crime is a complex landscape, but when it comes to actually launching cyber-attacks, there are three main techniques that criminals have relied on for decades to help them get around organizations’ defenses and into their networks: phishing, credentials theft and business email compromise. According to Verizon’s Data Breach Investigation Report, these…
Read more
NIST – Data Integrity Recovering from Ransomware and Other Destructive Events
Executive Summary Data integrity attacks have compromised corporate information including emails, employee records, financial records, and customer data. Destructive malware, ransomware, malicious insider activity, and even honest mistakes all set the stage for why organizations need to quickly recover from an event that alters or destroys data. Businesses must be confident that recovered data is…
Read more