Tag: Cyber
Healthcare Attacks will not Slow Down in 2025 – January 22nd
According to a report by Netwrix, 84% of organizations in the healthcare sector faced a cyber attack in 2024 and predicts this will not slow down in 2025. The report also found that nearly 70% of healthcare organizations have dealt with financial damages brought about by cyber incidents. Additionally, 21% reported a change in leadership due to the attacks last year.
The West braces for massive Russian cyber offensive
Russia is believed to be planning widespread cyber-attacks on the West in part retaliation for Ukraine’s cyber-attack, which recently crippled Russia’s financial services. “In retaliation to NATO support for Ukraine, cyberwarfare coinciding with the ongoing Russia-Ukraine conflict will likely include focused state-level attacks against Western critical and military sectors launched by Moscow’s hacker groups,” says Craig Watt, a consultant specializing in strategic and geopolitical intelligence at cybersecurity firm Quorum Cyber.
Apple enters GenAI marketplace
Apple has joined Google and Microsoft in launching its own generative artificial intelligence (AI) offering, OpenELM. Apple claims that OpenELM, “a state-of-the-art open language model,” will offer users more accurate and less misleading results than its widely criticized competitors. “OpenELM uses a layer-wise scaling strategy to efficiently allocate parameters within each layer of the transformer model, leading to enhanced accuracy,” says Apple. Apple claims that OpenELM exhibits a 2.36 percent improvement in accuracy compared to its initial predecessor OLMo, while requiring half as many pre-training tokens. So far, Apple has delayed offering modern AI capabilities on its devices, but it is expected that the next version of its operating systems will need to include some unique AI features. The launch of iOS 18 is scheduled for June 10.
Raspberry Robin attacks via Windows
Raspberry Robin, a tough-to-detect worm carrying malware and ransomware, is now being delivered via Windows Shortcut Files and Windows Script Files. Researchers at Hewlett Packard (HP) first began to identify the new trend in March of this year. Previously, Raspberry Robin was delivered physically by inserting a weaponized USB stick into a targeted device. But now, this highly effective malware is being delivered via Windows Script Files (WSF), which are widely used by administrators and legitimate software to automate tasks within Windows. The WSF file format supports scripting languages, such as JScript and VBScript, that are interpreted by the Windows Script Host component built into the Windows operating system. It can, however, also be abused by attackers. The Windows Script Files are offered for download via various malicious domains and subdomains controlled by the attackers, which can be distributed via spam or fake online advertising campaigns.
Ransomware gang turns SEC informant
When a top mob boss turns his co-criminals over to the authorities, the US Federal Bureau of Information labels him a ‘stool pigeon.’ Similarly, the AlphaV ransomware gang is turning informer, not on its rivals but on its victims. In what is a likely portent of things to come, the gang has had the nerve to inform on MeridianLink (MLNK) to the United States Securities and Exchange Commission (SEC) for being slow to report a ransomware attack that they themselves had initiated earlier in the month.
Growing diversity in cyber, but still a long way to go
The percentage of ethnic minorities working in cyber in the UK has seen an upward trend over the last three years, although it appears to have plateaued at 22 percent after rising from 16 percent in 2020 to 25 percent in 2022. While the cyber workforce is slightly more diverse than that of the digital sector and UK workforce as a whole, the percentages are still lagging far behind where they should be and the US cyber workforce shows similarly lackluster percentages.
Sextortion scams soar by 178%
Security researchers, ESTET reports a 178% increase in sextortion emails between the first half of 2022 and the first six months of 2023, marking the category out as a top email threat. The company ranks sextortion emails third among all email threats in H1 2023.
Lazarus Group arises with new malware strategy – August 25th
A new malware strain that gives the location of an infected device has been identified. The Hacker News explains that the malware has one operation: 'Every minute it triangulates the infected systems' positions by scanning nearby Wi-Fi Access points as a data point for Google's geolocation API.' Cyber experts aren't yet clear 'who or what' is interested in the location of an infected device or the motives behind why this specific form of malware was produced.
Grip Security raises $41M & Duolingo suffers data leak – August 22nd
Popular language learning app Duolingo saw a bug exploited that resulted in a compilation of account information from over 2.6 million users. According to VX-Underground, the largest collection of malware source code, samples, and papers on the internet, “sending a valid email to the API returns generic account information on the user (name, email, languages studied).” The data collected will be used for Doxxing.
Weak cyber M&A activity shows significant slowdown – August 21st
Crunchbase News reported that “The first seven months of the year saw only 34 cyber startups get acquired,” compared to a high of 123 in 2021 and a significantly reduced 82 last year. Rising interest rates and geopolitical tensions that have already hit the tech sector hard are now clearly putting a damper on M&A activity in cyber.
Too little too late for Interpol
Interpol's latest bust may look like a victory, but critics contend that its approach is outdated, ineffective, and all too often political.
How to speak to an analyst according to a Gartner pro
Gartner is practically as ubiquitous in tech as the usage of the word “transformative,” and cyber companies pointing to its iconic Hype Cycle to brag about market size and potential is commonplace. Yet, for all of Gartner’s brand recognition, there are still decision-makers who aren’t familiar with why they should even consider engaging with the analyst firm, and many others who inherit contracts with little idea of how to make the most of their significant expenditure. That’s why we caught up with Nancy Shapira-Aronovic, of Gartner, who has worked at the company for more than 11 years and currently serves as Senior Business Development Director. She’s based in Israel and is primarily focused on working with the country’s cybersecurity companies which make up one of the world’s largest cyber ecosystems.