COVID 19 | Breaking Cybersecurity News | The Hacker News

"…well, of course!" is what you might think. It's a biological threat, so how could it affect digital assets? But hang on. Among other effects, this pandemic has brought about a massive shift in several technological areas. Not only did it force numerous organizations - that up to now were reluctant - to gear up in cyber to go digital, all at once, oftentimes with hastily pieced together strategies. It also made remote working (and the involved tools) grow in double-digits, causing the good old perimeter (which was already in a questionable state due to cloud adaption) to be basically shattered. The office is now anywhere. And that means access to data needs to be everywhere too.  Keeping all of this in mind, the general assumption was that in the wake of the pandemic we would face a virtual nightmare with vulnerable users, compromised corporate networks en masse and the end of the (digital) world. But let's look at some interesting numbers of what  actually  happ

The Russia-linked threat actor known as APT29 targeted European diplomatic missions and Ministries of Foreign Affairs as part of a series of spear-phishing campaigns mounted in October and November 2021. According to ESET's  T3 2021 Threat Report  shared with The Hacker News, the intrusions paved the way for the deployment of Cobalt Strike Beacon on compromised systems, followed by leveraging the foothold to drop additional malware for gathering information about the hosts and other machines in the same network. Also tracked under the names The Dukes, Cozy Bear, and Nobelium, the advanced persistent threat group is an infamous cyber-espionage group that has been active for more than a decade, with its attacks targeting Europe and the U.S., before it gained widespread attention for the  supply‐chain compromise  of SolarWinds, leading to further infections in several downstream entities, including U.S. government agencies in 2020. The spear-phishing attacks commenced with a COVI

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

The COVID-19 outreach is turning out to be not only health, social, and economic hazard but also a cybersecurity crisis. The pandemic has presented new challenges for businesses in the areas of remote collaboration and business continuity. With increased remote working for better business continuity, employees are using numerous Internet tools. As businesses and people have started relying more on technology and are busy fighting with the pandemic, the attackers now have plenty of options to target them more than ever. According to PWC's April report, the number of security threats to the Indian company doubled in March 2020—especially what's more worrying is a 100% rise between March 17 and 20—from Jan 2020. Sanjay Dhotre, the Union Minister of State for Electronics & Information Technology (MeITY),  said  that India has seen over 350,000 cyberattacks in the second quarter, triple the number of recorded events in the first quarter of 2020. He also highlighted that ther