Entries by govanguard

Fresh APT Harvester Reaps Telco, Government Data

A previously unseen advanced persistent threat (APT) group dubbed Harvester by researchers is attacking telcos, IT companies and government-sector targets in a campaign that’s been ongoing since June. According to a Symantec analysis, the group sports a veritable cornucopia of advanced and custom tools, and it’s on a quest to carry out espionage activities in […]

Source

Lyceum APT Returns, This Time Targeting Tunisian Firms

The Lyceum threat group has resurfaced, this time with a weird variant of a remote-access trojan (RAT) that doesn’t have a way to talk to a command-and-control (C2) server and might instead be a new way to proxy traffic between internal network clusters. Kaspersky’s Mark Lechtik – senior security researcher at the company’s Global Research […]

Source

Feds Warn BlackMatter Ransomware Gang is Poised to Strike

Federal authorities are warning businesses to shore up cybersecurity defenses as it carefully monitors the reemergence of the DarkSide ransomware gang, believed responsible for the crippling Colonial Pipeline attack in May 2021. The ransomware-as-a-service gang has regrouped under the moniker BlackMatter, according to a joint advisory posted Monday by the Cybersecurity and Infrastructure Security Agency […]

Source

United States: Recasting a Boilerplate Provision

It was dicta that launched a thousand provisions. In a 2010 decision adjudicating the leadership structure of counsel representing the plaintiff stockholder class challenging a controller stockholder merger, Vice Chancellor J. Travis Laster of the Delaware Court of Chancery proposed that “if boards of directors and stockholders believe that a particular forum would provide an […]

Source

Time to Build Accountability Back into Cybersecurity

In the age of remote work — where hybrid teams work out of offices, houses and coffee shops using a multitude of devices — presents challenges in terms of understanding who’s responsible for ensuring proper cyber-hygiene across the perimeter-less footprint. Suffice it to say that cybersecurity has become a massive headache for many organizations. It’s […]

Source

Podcast: Could the Zoho Flaw Trigger SolarWinds 2.0?

A month ago, the FBI, CISA and the U.S. Coast Guard Cyber Command (CGCYBER) warned that state-backed advanced persistent threat (APT) actors are likely among those who’d been actively exploiting a critical flaw in a Zoho-owned single sign-on and password management tool since early August. At issue was a critical authentication bypass vulnerability in Zoho […]

Source