After the pandemic, there have been new cyber breaches across the globe. Given the sensitivity of data that is being used daily, it is a must for every business to keep adapting to cybersecurity.
Find the latest cyber news for this week below
Ransomware as a Service (RaaS) is a business model. It is used by ransomware developers, in which they lease ransomware variants in the same way that legitimate software developers lease SaaS products. RaaS gives everyone, even people without much technical knowledge, the ability to launch ransomware attacks just by signing up for a service.
With RaaS evolving into a corporate structure, gangs are looking for negotiators. The role of negotiators is to extort victims into paying the ransom. This has become a trend in the ransomware ecosystem as threat actors expert at the art of negotiation emerge. Apart from negotiating, they manage the pressuring aspect by making calls, conducting DDoS attacks, and threatening to leak sensitive information.
Source Credit: cyware.com
A new report has been published recently which claims that a 0-day backdoor gives remote root shell access on Teradek IP video devices. The Teradek IP video devices are live streaming devices that generally encode video inputs to different streaming formats that are quite competent in Ethernet transport.
The firmware that is being attacked in this 0-day backdoor are mentioned below:-
Till now the security researchers are trying their best to find a proper patch for this attack, however, they have not yet found a proper fix.
But, till now there is no proper way to disable the backdoor and/or change hardcoded keys/passwords. That’s why there is only one way to mitigate it is to add an extra layer of protection to the web interface, as it restricts access to the web interface.
Even the security experts affirmed that they should try out the mitigation, as it will help them to keep themselves safe from this kind of backdoor.
Source Credit: cybersecuritynews.com
Emails are still an effective attack vector as attackers are upgrading their phishing techniques. A report released by Abnormal Security highlights the abnormal rise in brute force attacks as threat actors attempt to gain unauthorized access to email accounts.
Attackers are shifting from the traditional spray and pray technique to more targeted attacks. Successful brute force attacks enable threat actors to gain access to passwords, usernames, and passphrases. Once accessed, jeopardized accounts can be abused for extra attacks on partners, coworkers, and vendors to infiltrate other domains of an organization.
Advanced email threats are expected to continue for a long time in the future because of their success rates. As these attacks don’t possess conventional indicators of compromise, they fly easily under the radar. As threat actors are amping up their techniques, tactics, and procedures, it is time for organizations to move to proactive cybersecurity defense.
Source Credit: cyware.com