A small but steadily growing group of the UK’s workforce is permanently home-based. According to the UK government, the figure is around 1.8 million, compared to 800,000 a decade ago, with a further 2.7 million working in different locations but from a home base. That compares with around 28 million people who work away from their homes, in offices, shops and factories.
Indian COVID-19 vaccine manufacturer Dr. Reddy’s Laboratories was hit with a cyber attack that forced it to shut down its plants in Brazil, India, Russia, the U.K., and the U.S.
The Indian company is the contractor for Russia’s “Sputnik V” COVID-19 vaccine; the Drug Control General of India (DCGI) recently gave it the authorization to enter Phase 2 human trials.
According to the BBC, the phone lines at the company’s UK sites in Cambridgeshire and Yorkshire were down.
Netlogon allows the domain controller to authenticate computers and update passwords in Active Directory. This feature is particularly vulnerable to this flaw because it allows hackers to impersonate any computer in the company’s network and change the password, even with two-factor authentication. Using Netlogon, hackers are able to change the domain controller’s password, gaining administrative access and taking control of the network.
The Windows operating system contains a lot of system processes that are present every time we boot our machines. These processes are responsible for a lot of things, from initialization and creating the user interface to loading the necessary drivers and DLLs.
Threat hunters must know the normal behavior of these processes, such as the parent-child relationship between them and the number of instances that should be present on a machine or user instance.
Today we’ll discuss these processes and provide an overview that’ll help every threat hunter in his journey (hopefully).
This is the repository containing Leonidas, a framework for executing attacker actions in the cloud. It provides a YAML-based format for defining cloud attacker tactics, techniques, and procedures (TTPs) and their associated detection properties. These definitions can then be compiled into:
A web API exposing each test case as an individual endpoint
Since the outbreak of COVID-19, plenty of COVID-19 themed malware attacks have surfaced around the globe. Attackers take every chance they get to spread their malware, and the pandemic has given them ripe opportunities.
Based on data from D-Cloud, Deep Instinct’s threat intelligence and telemetry cloud environment, the number of attacks has risen overall. This is particularly seen in the number of malicious executables and Office documents, which are commonly used to deliver the former. We believe this to be linked to an increase in malware attacks and malicious activity during the pandemic. Our data is consistent with trends seen elsewhere, which also point to an increase in attacks since the beginning of the pandemic. For example, the number of malicious Office documents seen in the first half of 2020 is 62% greater than the number of the same type of files seen in the first half of 2019. The increase correlates with waves of COVID-19 phishing attacks, which commonly use this type of file. A comparison of the same time periods in 2019 and 2020 shows the number of malicious executables went up by 40%.
Researchers this week observed Emotet attacks employing a new template that pretends to be a Microsoft Office message urging the recipient to update their Microsoft Word to add a new feature.