Tag: check point security
Shoring up SMEs Cyber-Defenses
In an exclusive interview with Cyber Intelligence, CEO and co-founder of cybersecurity firm EyeR, Sean Tsvik, explains what small-to-medium-sized organizations (SMEs) can do to protect their systems and customers’ critical data from increasingly sophisticated cyber-attacks. They should start by using a managed detection and response (MDR) service. That allows medium-sized organizations to protect themselves against increasingly sophisticated cyber-attacks without paying high salaries to in-house cyber experts. MDR services work out costing only a couple of dollars per endpoint and are by far the best starting point for small-to-medium-sized companies looking to strengthen their cyber defenses. Small organizations can also benefit from moving to the cloud as this leaves even fewer endpoints to secure.
AI enables ransomware boom
A new ransomware group, named Funksec, is the latest example of relatively inexperienced cybercriminals using AI to develop weaponized malware. The group claims that over 85 organizations fell victim to its ransomware attacks in December alone, potentially surpassing every other ransomware group in terms of victim numbers. According to Check Point Research: “FunkSec operators appear to use AI-assisted malware development which can enable even inexperienced actors to quickly produce and refine advanced tools…Presenting itself as a new Ransomware-as-a-Service (RaaS) operation, FunkSec appears to have no known connections to previously identified ransomware gangs.”
Copyright infringement scam goes global
Since July of this year, cybersecurity firm Check Point has been tracking an ingenious form of online fraud that is rapidly spreading across the US, Europe, East Asia and South America. The attackers impersonate dozens of legitimate companies, claiming the victim’s organization has infringed their copyright. Weaponized emails, which appear to come from the legal representatives of the impersonated companies, accuse the recipient of misusing their brand on the target’s social media page and requesting the removal of specific images and videos. The phishing emails are typically sent from Gmail accounts and prompt recipients to download an archive file. which then installs the latest version of the Rhadamanthys infostealer stealer (version 0.7) in order to steal critical information from the victim’s organization.
34% of Organizations Lack Cloud Cybersecurity Skills – May 29th
According to a Cado Security report, 34% of organizations lack cloud cybersecurity skills. The report also discloses that 23% of cloud alerts remain uninvestigated due to various challenges and complexities.
Government Vulnerabilities Grow by 151% – January 26th
According to a Bugcrowd report, no other sector saw as much vulnerability growth as the government sector, which saw a 151% surge and a 58% rise in critical vulnerabilities. Following the government sector were the retail (+34%), corporate services (+20%), and computer software (+12%) sectors.
Forty Countries Vow to Not Pay Cyber Ransoms – November 1st
Forty US-allied countries pledged to no longer pay cybercrime ransoms at the second annual meeting of the International Counter Ransomware Initiative. The idea behind the pledge is that as long as ransom is paid to these cyber criminals, it will continue. This initiative would also seek to encourage organizations within the participating countries to focus on improving their cybersecurity infrastructure rather than just folding to these cyber criminals.