"MoonPeak," a newly discovered Remote Access Trojan (RAT) family, has been linked to the North Korean threat group "UAT-5394." Cisco Talos research shows that this sophisticated malware, based on the open source "XenoRAT," is actively being developed to avoid detection and improve functionality.
Join us for the 2024 National Cybersecurity Education Colloquium (NCEC) in St. Louis, Missouri from October 7-10, 2024. The main goal is to tackle the increasing need for cybersecurity education, training, and workforce development in the nation. Please be aware that ELF participation is by invitation only and subject to approval. Reserve your spot by registering now! The registration deadline is September 17, 2024, at 11:59 p.m. ET.
The Rowdy Datathon is a weekend-long, overnight event focused on data science where students can network, learn about data science, code, and collaborate! Team up with other students to tackle a data science challenge for a chance to win prizes!
Attend workshops, mini events, socials, and network! Attendance is FREE and all meals, snacks, and drinks are provided. We welcome students from all disciplines, backgrounds, and technical levels!
Class action litigation claims administration firm Arden Claims Service recently started notifying about 139,000 individuals that their personal information was stolen during an October 2023 data breach. The incident was discovered on October 17, when the firm noticed unusual activity in an email account. During an investigation, the company found that a third party “acquired certain data without authorization on or about October 3”.
According to security researchers at Malwarebytes, most ransomware attacks now occur between 1 am and 5 am to catch cybersecurity teams off guard. To compound the challenge for network defenders, the researchers claimed it takes less time than ever to complete the entire ransomware attack chain, from initial access to encryption. The researchers noted that it used to take weeks to work through all these steps to conduct a successful ransomware attack, but now it takes only hours.
According to security researchers at Barracuda Networks, more than a fifth (21%) of ransomware attacks targeted healthcare in the past 12 months, up from 18% in the previous year. The researchers analyzed 200 reported ransomware incidents from August 2023 to July 2024 during the new study. The researchers also found that local government municipalities are also a highly targeted sector, at 17%. Ransomware incidents affecting the education sector fell from 18% in 2022-23 to 9% in 2023-24.
The Remote Authentication Dial-In User Service (RADIUS) protocol, a widely used security protocol dating back to the days of dial-up Internet, has been found to contain vulnerabilities that leave many networked devices exposed to an attack and enable an adversary to gain control of traffic on an organization's network.
"Hacks & Hops is an information security event series hosted by FRSecure. A far cry from your average IT conference, Hacks & Hops features engaging talks from industry-leading experts, bringing security professionals together to learn and network over food and craft brews."
According to Abnormal Security, threat actors are using popular file-hosting or e-signature solutions to trick victims into revealing private information or downloading malware. A file-sharing phishing attack involves a cybercriminal posing as a familiar colleague, file-hosting solution, or e-signature solution and sending a malicious email with a link to what seems to be a shared file or document. Clicking on the link starts the second phase of the attack, which may involve stealing login credentials or infecting the target's device with malware.
Joseph K. Nwankpa, Miami University Associate Professor of Information Systems and Analytics, points out that default privacy settings are a potential risk to user privacy. As a cybersecurity scholar, he finds that many apps' privacy settings can often increase the vulnerability of end users to data exposure despite appearing to enable privacy. According to Nwankpa, these apps intentionally have complicated default privacy settings that make the user's information more public than private. Users are often unaware of the additional steps required for optimal privacy settings.