How bad bots are targeting the healthcare sector

Credential cracking, or password spraying, is one of the most effective ways for cybercriminals to get access to user accounts. It refers to the brute-force automated cracking, or pairing of usernames and passwords by using sophisticated high-speed bots.

“K” for Kurator, or Catch Me If You Can

On 7 July 2020, Ukraine’s Security Service (SBU) announced it arrested what it called a non-staff GRU operative who had played a crucial role in supervising the so-called Donetsk People’s Republic (DNR) in 2014 and 2015. The detainee was identified only as “Andrey K.”, which could be expanded to Andrey Nikolaevich K. based on the telephone intercepts published by the SBU. The SBU also said that Andrey K. took an active part in the creation of the “Intelligence Department of the DNR”, and served as one of the kurators (handlers) on behalf for the Russian GRU, supervising the DNR’s military commanders in the unrecognized Donetsk “republic”.

SMB Myth Busting: Do smaller organizations face different cyberattacks?

As discussed in last week’s article, there are several myths surrounding the cybersecurity of small and medium sized businesses. One common misconception is that SMBs face different, or fewer, threats than larger organizations. Too often it is assumed that attackers won’t target smaller organizations because there is less pay-off. But is this mentality justified, or does it leave SMBs exposed?

The Robots Microsoft Assigned to Do My Job Can’t Do It

The most important skill in journalism is not fucking up, and in early June, MSN’s new programming algorithm fucked up. MSN UK published a story about the British pop duo Little Mix, mistaking one of the duo’s mixed-race singers for the other. It was an error that would have gone unnoticed 99 times out of 100 prior to the installation of AI programming, but trended vigorously because it came just days after the Guardian reported that 50 editors had lost their jobs to make way for this algorithm, which would handle the bulk of MSN’s programming going forward.

The best WiFi 6 home networking tech to upgrade your setup

Wifi 6 is here – making its way to more and more devices, with a noteworthy inclusion on last year’s flagship iPhone 11 lineup. This next-generation Wifi technology provides faster speeds for transferring data between devices, but more importantly, it also means your system will be better equipped to handle multiple Wifi devices connected at one time, without slowdowns or interruptions – and it can even reduce battery drain in mobile devices.

How Analytic Frameworks Lay the Groundwork for Applying Security Intelligence

July 9, 2020 • The Recorded Future Team

Editor’s Note: Over the next several weeks, we’re sharing excerpts from the second edition of our popular book, “The Threat Intelligence Handbook: Moving Toward a Security Intelligence Program.” Here, we’re looking at chapter 11, “Analytical Frameworks for Threat Intelligence.” To read the entire chapter, download your free copy of the handbook.

Fast User Access to SaaS for Users on Home Wi-Fi

Secure Remote Worker Use Case 1: Ensure Fast, Secure Access to SaaS Platforms

Even before Covid-19 forced the adoption of work-from-home policies across the globe, the workforce had been getting more remote, more distributed, and more dependent on Software as a Service (SaaS) platforms. In turn, organizations have been looking for a new way to protect these remote users from today’s increasingly sophisticated cyberattacks. Phishing attacks remain one of the biggest threats as malicious attackers take advantage of the new normal to trick users into downloading malware or giving up their credentials.

Expert Reaction On Office 365 Users Targeted In SurveyMonkey Phishing Attack

Researchers at Abnormal Security have uncovered attempts to steal Office 365 user credentials on the pretext of conducting surveys among employees. In the campaign, the victim receives an email from a genuine SurveyMonkey site, but the message contains a hidden link, which upon clicking, redirects the victim to a Microsoft form submission page. The user has to submit their Office 365 email and password to proceed. This way, the malicious actors steal the unsuspecting user’s Microsoft account security credentials.