USB Forensics – Reconstruction of Digital Evidence from USB Drive

From gbhackers.com

Digital forensics analysis of USB forensics includes preservation, collection, validation, identification, analysis, interpretation, documentation, and presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of events found to be criminal.

Read more…

What is Zzla ransomware?

From 2-spyware.com

When the Zzla ransomware payload file is executed on a Windows computer, it immediately uses military-grade coding algorithms to encrypt all personal files stored on the device. Only system files are left unlocked (but heavily modified) so the infected machine could still boot up.

Then the file-locking parasite generates a ransom note, titled _readme.txt, and leaves it on the desktop and in some affected folders. It’s easy to deduce whether this particular strain of the Djvu ransomware family infected your device, as all encrypted files are appended with the .zzla extension.

Read more…

Babuk Ransomware is Back in Action

From cyware.com

The Babuk ransomware gang appears to be back in action as it was found targeting and encrypting multiple corporate networks. The recent attack on the Metropolitan Police Department, followed by increased pressure from law enforcement, could be the reason behind its exit from the ransomware business.

Read more…

Real-Time Threat Assessment With In-Memory Computing

From securityboulevard.com

Today’s security information and event management (SIEM) solutions are inundated with incoming events and tracking potential threats to network infrastructure. Significant events must be identified and correlated to detect lateral movement and kill chains to signal when an attack has occurred or is in progress.

Given the huge volume of data that must be processed, most SIEM solutions employ “big data” techniques to tackle this challenge. However, using big data to store events in data lakes and process them offline can lead to delays of minutes or hours, giving attackers a key advantage. Is there a way to rethink this software architecture, enhance current techniques and obtain insights fast enough to help interrupt ongoing attacks?

Read more…

Microsoft’s Emergency Patch Fails to Fully Fix PrintNightmare RCE Vulnerability

From thehackernews.com

Even as Microsoft expanded patches for the so-called PrintNightmare vulnerability for Windows 10 version 1607, Windows Server 2012, and Windows Server 2016, it has come to light that the fix for the remote code execution exploit in the Windows Print Spooler service can be bypassed in certain scenarios, effectively defeating the security protections and permitting attackers to run arbitrary code on infected systems.

On Tuesday, the Windows maker issued an emergency out-of-band update to address CVE-2021-34527 (CVSS score: 8.8) after the flaw was accidentally disclosed by researchers from Hong Kong-based cybersecurity firm Sangfor late last month, at which point it emerged that the issue was different from another bug — tracked as CVE-2021-1675 — that was patched by Microsoft on June 8.

Read more…

Hacker leaks info of pro-Trump GETTR members online

From securityaffairs.co

GETTR is a new pro-Trump social media platform created by Jason Miller, a former Trump advisor. The Twitter-like platform suffered a data breach.

The security breach comes a few hours after its launch on July 4.

A threat actor claimed to have scraped the private information of almost 90,000 members by abusing an unsecured API and published it on the RAID hacking forum.

Read more…

How to Protect Medical Devices from Ransomware

From securityboulevard.com

Cyberattacks on hospitals are rising, and patients are worried. Is my personal data at risk? Could ransomware or hackers effectively shut down the ER near me? 

Consider these findings from a March 2021 report by cybersecurity provider Morphisec:  

  • About one in five Americans said their health care was affected by cyberattacks last year.
  • Nearly two-thirds of consumers said they are more worried this year than last year about ransomware taking their health care provider offline and affecting their care.
  • Nearly a third said if their health care provider were attacked and their health care record were breached, they would switch providers.

Cybersecurity technology can help protect against threats that target laptops, desktops and the like, but what’s protecting a hospital’s medical devices, which are increasingly connected to a health system’s network? Some medical devices are a gateway into patient data, while others have been shown, in chilling detail, to have vulnerabilities that, when exploited, put patient welfare at risk. 

Read more…