Steve Zurier SC Media | Page 5 of 6

Steve Zurier

Most recent articles by Steve Zurier

Corporate VPNs in danger as vishing attacks target home workers

Multiple hacking gangs are preying on remote workforces and corporate VPNs through vishing attacks that are more efficient, dangerous and ubiquitous than ever, prompting the U.S. government to issue both a warning and advice on how to thwart them. “The news has spread throughout the hacker community and multiple groups are now doing this,” said…

SMBs imperiled as low-end RaaS grows more powerful

As Ransomware-as-a-Service (RaaS) has simultaneously grown more powerful and easier to use, just about anyone can launch successful, damaging ransomware attacks on organizations. Small and medium businesses are particularly vulnerable to the widening variety of tactics –from the “spray and pray” favored by Avaddon to the mass-market-based business model used by Dharma RaaS. “The skills…

More attackers trying to sabotage incident response tactics

The security industry needs to become more clandestine in its approach to incident response, making it harder for attackers to know that they are being tracked. At least that’s what researchers concluded in the fifth installment of VMware Carbon Black’s semi-annual Global Incident Response Threat Report, which also focused heavily on the impact of COVID-19…

Five ways to declaw the Meow bot

While the motivation behind the “Meow” bot attacks is unknown, the menace is still out there wiping out open source databases left unsecured on the internet, prompting Elastic to offer clear steps that organizations can take to safeguard their data. The bot came on the scene about two weeks ago when it was reported that…

Tech workforce in defense and aerospace targeted in latest phishing attack

A phishing lure disguised as a legitimate inquiry by a recruiter for a new job opportunity inserts a malicious template into an attached Word document, which then gathers intelligence on the target, usually a highly-skilled technology worker in the aerospace and defense industries. The attack, dubbed Operation North Star, was discovered by researchers in McAfee’s…

electric power

New York, Siemens to develop cyber Center of Excellence for utilities

Recognizing that the electric utility industry needs an industry-specific response to its cybersecurity challenges, the New York Power Authority (NYPA) and Siemens Energy plan to develop a Cybersecurity Center of Excellence that will focus on building practical security tools for small- and mid-sized utilities. Kenneth Carnes, vice president and CISO at NYPA, said many of…

Broadened CIA cyberattack powers put businesses on alert

The greater business community should be on higher alert for cyberattacks by nation-state actors after the report last week that President Trump signed a “presidential finding” around cyberwarfare that gives the CIA broader powers to launch cyberattacks against U.S. adversaries. After all, following the Stuxnet attack by the U.S. in 2009 the Iranians responded not…

New Tycoon ransomware leverages JIMAGE files, steals PII, encrypts Linux and Windows systems

A new strain of ransomware dubbed Tycoon seeks to take advantage of Java Image (JIMAGE) files that are internal to Java and would typically not raise any red flags for administrators and security managers. The discovery was brought to light by the BlackBerry Research and Intelligence Team in partnership with KPMG’s UK Cyber Response Services,…

Next post in Ransomware