The investigation strategy proposed by JPCERT/CC covers four types of Windows Event Logs: Application, Security, System, and Setup logs.
Category: Vulnerabilities
How to manage shadow IT and reduce your attack surface
There is a reason why a lot of organizations shy away from people bringing their own devices to work. https://www.bleepingcomputer.com/news/security/how-to-manage-shadow-it-and-reduce-your-attack-surface/
Microsoft warns of ransomware attacks on US healthcare | CSO Online
The threat actor borrowed initial access from a third-party infection to effect lateral movement within the victim system and place INC encryption on their network.
6 things hackers know that they don’t want security pros to know that they know | CSO Online
“Hackers know that the average CISO has a lot on their plates and they don’t have enough [resources] to get everything done.
Unpatchable 0-day in surveillance cam is being exploited to install Mirai | Ars Technica
Akamai said that the attackers are exploiting the vulnerability so they can install a variant of Mirai, which arrived in September 2016 when a botnet of infected devices took down cybersecurity news site Krebs on Security.
Watch out — those movie downloads could actually just be vicious new Windows malware | TechRadar
Be careful when looking for pirated movies online – experts have warners many files are out there just to infect your Windows PCs with dangerous malware and infostealers.
13WMAZ.com: U.S. says Georgia Tech put ‘sensitive government information’ at risk. Here’s why
The lawsuit lists a number of alleged cybersecurity violations, ranging from a lab’s computers not having anti-virus software and the university having essentially “no enforcement” of required cybersecurity regulations.
Protect Your Privacy: How to Blur Your Home on Google Maps – CNET
But for all the good it does, Street View can also be used as a tool for stalkers and criminals. It gives anyone a free ticket to examine parts of your home without actually being there in person.
The cyberattack cycle: First comes outage, next comes phishing
Threat Actors are quick to try to take advantage of tech issues, much in the same way “repair scammers” jump in after storms cause damage at homes. https://www.securityintelligence.com/news/cyberattack-cycle-first-outage-then-phishing/
FBI takes down ransomware gang that hacked dozens of companies | TechCrunch
The FBI said the Radar/Dispossessor group, led by a ringleader named “Brain,” would exploit security flaws in a victim company’s systems, steal vast amounts of data and scramble the company’s data with encryption.