https://www.scmagazine.com/topic/distributed-workforce
SCM feed for Distributed Workforce
2024-03-29T14:26:36+00:00
https://files.scmagazine.com/logo/scm-horizontal-white-with-resource.png
Copyright © 2024 CyberRisk Alliance, LLC All Rights Reserved
tag:www.scmagazine.com:post,681058
Why cyber hygiene requires curious talent - Clea Ostendorf - ESW #355
2024-03-28T17:42:04-04:00
Adrian Sanabria
https://www.scmagazine.com/contributor/adrian-sanabria
Katie Teitler-Santullo
https://www.scmagazine.com/contributor/katie-teitler
2024-03-28T00:00:00-04:00
tag:www.scmagazine.com:post,709550
Apple ID ‘push bombing’ scam campaign hits cyber startup founders
2024-03-27T16:11:56-04:00
Laura French
https://www.scmagazine.com/contributor/laura-french
<p>Attackers trigger hundreds of password reset prompts in an attempt to take over iCloud accounts. </p>
2024-03-27T16:08:30-04:00
(Credit: CDPiC - stock.adobe.com)
tag:www.scmagazine.com:post,709522
Rockwell Automation posts advisories on 10 new bugs
2024-03-27T15:11:51-04:00
Steve Zurier
https://www.scmagazine.com/contributor/steve-zurier
<p>CISA encouraged security teams handling industrial control systems to review and mitigate the Rockwell Automation bugs.</p>
2024-03-27T14:19:02-04:00
(Adobe Stock)
tag:www.scmagazine.com:post,709414
Germany: Vulnerable internet-exposed Microsoft Exchange servers prevalent
2024-03-27T09:21:56-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Nearly 17,000 internet-exposed Microsoft Exchange servers across Germany were confirmed by the country's Federal Office for Information Security, or BSI, to have significant security issues, reports BleepingComputer.</p>
2024-03-27T09:21:51-04:00
tag:www.scmagazine.com:post,709411
Massive TheMoon bot campaign hits outdated routers, IoT devices
2024-03-27T09:18:59-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Attacks with an updated TheMoon botnet variant have impacted more than 40,000 end-of-life small office and home office routers and internet of things devices across 88 countries during the first two months of 2024, while the botnet's latest campaign earlier this month facilitated the compromise of over 6,000 Asus routers in less than three days, Security Affairs reports.</p>
2024-03-27T09:18:52-04:00
tag:www.scmagazine.com:post,699165
Third-Party Risk Management - BEC Compromises and the Cloud - Michael Swinarski - CSP #167
2024-03-28T15:36:10-04:00
Todd Fitzgerald
https://www.scmagazine.com/contributor/todd-fitzgerald
2024-03-26T10:00:00-04:00
tag:www.scmagazine.com:post,709069
Raspberry Pi exploited by novel GEOBOX tool
2024-03-26T07:37:44-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Stealthier attacks have been facilitated by threat actors through the utilization of several strategically positioned internet-connected GEOBOX devices.</p>
2024-03-26T07:37:39-04:00
tag:www.scmagazine.com:post,709080
New Tycoon 2FA PhaaS kit examined
2024-03-26T07:33:53-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Microsoft 365 and Gmail accounts have been increasingly targeted with attacks leveraging the new Tycoon 2FA phishing-as-a-service kit.</p>
2024-03-26T07:33:49-04:00
tag:www.scmagazine.com:post,709067
Novel MuddyWater phishing campaign hits Israel
2024-03-26T07:28:37-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Attacks commenced with the delivery of malicious emails with PDF attachments linking to file-sharing site-hosted documents, which when opened fetches an MSI installer-containing ZIP archive that prompts Atera Agent installation.</p>
2024-03-26T07:28:23-04:00
tag:www.scmagazine.com:post,708894
StrelaStealer malware hits more than 100 EU and US organizations
2024-03-25T14:25:06-04:00
Steve Zurier
https://www.scmagazine.com/contributor/steve-zurier
<p>Security pros say StrelaStealer uses control flow obfuscation — a technique that lets the threat actor better evade detection and reverse engineering.</p>
2024-03-25T14:24:21-04:00
The StrelaStealer malware has been updated to avoid detection. (Adobe Stock)
tag:www.scmagazine.com:post,708881
Cryptographic key theft likely with new side-channel attack against Apple chips
2024-03-25T12:25:15-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>BleepingComputer reports that threat actors could leverage the novel GoFetch side-channel attack to facilitate the exfiltration of secret cryptographic keys from devices running on Apple M1, M2, and M3 processors.</p>
2024-03-25T12:25:10-04:00
tag:www.scmagazine.com:post,708874
Massive StrelaStealer malware campaign hits US, Europe
2024-03-25T12:13:07-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>More than 100 organizations in the U.S. and Europe have been subjected to a far-reaching StrelaStealer malware attack campaign aimed at exfiltrating email account credentials that peaked from late January to early February, BleepingComputer reports.</p>
2024-03-25T12:13:02-04:00
tag:www.scmagazine.com:post,708424
Apple lawsuit: US officials say iPhone ‘monopoly’ undermines security
2024-03-21T18:09:24-04:00
Laura French
https://www.scmagazine.com/contributor/laura-french
<p>The antitrust suit disputes Apple’s position that its restrictive ecosystem protects users.</p>
2024-03-21T18:08:21-04:00
tag:www.scmagazine.com:post,708188
Mounting AceCryptor malware attacks target Europe
2024-03-21T06:42:28-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Organizations across Europe have been subjected to a deluge of attacks involving AceCryptor malware as part of campaigns that sought to exfiltrate email and browser credentials during the second half of 2023.</p>
2024-03-21T06:42:24-04:00
tag:www.scmagazine.com:post,707968
More countries join international spyware combating effort
2024-03-20T12:03:24-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Ireland has been a notable addition to the alliance being the headquarters of U.S.-sanctioned spyware firms Intellexa Limited and Thalestris Limited, while the inclusion of Japan and South Korea would help expand the partnership in Asia.</p>
2024-03-20T12:03:18-04:00
tag:www.scmagazine.com:post,707885
Document publishing sites leveraged in phishing attacks
2024-03-20T07:10:56-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Digital document publishing sites have been exploited by threat actors to facilitate new phishing attacks that better bypass email security controls.</p>
2024-03-20T07:10:51-04:00
tag:www.scmagazine.com:post,707886
NetSupport RAT distributed in novel phishing campaign
2024-03-20T07:10:04-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Intrusions commence with the delivery of salary-themed phishing emails with a Microsoft Word attachment.</p>
2024-03-20T07:09:59-04:00
tag:www.scmagazine.com:post,707679
Earth Krahang campaign compromised government servers in 23 countries
2024-03-19T11:29:50-04:00
Simon Hendery
https://www.scmagazine.com/contributor/simon-hendery
<p>The newly discovered China-linked APT group abused trust between governments.</p>
2024-03-19T11:15:45-04:00
The China-linked group Earth Krahang attacked allies of governments after compromising infrastructure. (Adobe Stock)