Iron Range Cyber
Adaptive Cybersecurity that adjusts to your budget.
05/31/2022
The number of and extortion groups grew by 63.2% in the first quarter of 2022 over the same period the previous year, an increase that inevitably led to more organizations falling prey to activity
LockBit, Conti, and BlackCat Lead Pack Amid Rise in Active RaaS and Extortion Groups: Ransomware in Q1 2022 - Security News This report delves into the ransomware threat landscape of the first quarter of 2022, with a focus on the three most successful ransomware families and the types of industries and organizations that were affected by their attacks.
More than half of energy professionals believe cyberattacks on the industry in the near future will result in a loss of life and many companies are not doing enough to protect themselves, according to a recent report.
05/27/2022
The advisory, which is titled “Weak Security Controls and Practices Routinely Exploited for Initial Access”, explains that regularly exploit the poor configuration of systems – whether it be because they’re misconfigured or simply left unsecured in the first place.
Malicious hackers are finding it too easy to achieve their initial access According to a recent report, just a small number of techniques are commonly used by malicious hackers to compromise systems.
05/27/2022
The number one disadvantage of is that they are fairly easy to steal. In the early days of the internet, when almost all communications between computers were unencrypted, passwords were transmitted in plain text.
FIDO passkey: a passwordless future Apple, Google and Microsoft have announced support for a FIDO standard that seeks to replace passwords with passkeys.
05/26/2022
Locks that use Low Energy to authenticate keys are vulnerable to remote unlocking. The research focused on , but the exploit is generalizable.
Bluetooth Flaw Allows Remote Unlocking of Digital Locks - Schneier on Security Bluetooth Flaw Allows Remote Unlocking of Digital Locks Locks that use Bluetooth Low Energy to authenticate keys are vulnerable to remote unlocking. The research focused on Teslas, but the exploit is generalizable. In a video shared with Reuters, NCC Group researcher Sultan Qasim Khan was able to op...
05/26/2022
Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act. The policy for the first time directs that good-faith research should not be charged.
Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act The Department of Justice today announced the revision of its policy regarding charging violations of the Computer Fraud and Abuse Act (CFAA).
05/25/2022
The latest case in point is a malicious package for distributing Cobalt Strike on , , and systems, which was uploaded to the widely used Python Package Index (PyPI) registry for application developers.
Malicious Python Repository Package Drops Cobalt Strike on Windows, macOS & Linux Systems The PyPI "pymafka" package is the latest example of growing attacker interest in abusing widely used open source software repositories.
05/25/2022
Compromised credentials and identities, third-party breaches, attacks, and application exploits are all foundational entry points for today’s .
Zero Trust for Data Helps Enterprises Detect, Respond and Recover from Breaches Mohit Tiwari, CEO of Symmetry Systems, explores Zero Trust, data objects and the NIST framework for cloud and on-prem environments.
05/24/2022
While most malicious email campaigns use Word documents to hide and spread malware, a recently discovered campaign uses a malicious PDF file and a 22-year-old bug to propagate the .
Snake Keylogger Spreads Through Malicious PDFs Microsoft Word also leveraged in the email campaign, which uses a 22-year-old Office RCE bug.
05/24/2022
Chinese hackers have been caught spying on Russian defense institutes.
Chinese hackers caught spying on Russian defence institutes A minimum of two research institutes in Russia and third likely in Belarus have suffered an espionage attack carried out by a Chinese nation-state advanced pers
05/19/2022
When critical infrastructure is essential for continued operations, decision-makers rely on for solutions. IT directors and small businesses need to understand the importance of cybersecurity for their organizations.
5 Steps to Better Critical Infrastructure Cybersecurity - Iron Range Cyber Information and network security provide needed defenses against cyberattacks and other malicious activities for businesses operating in the digital space. Reliance on digital assets requires constant surveillance and maintenance of systems and hardware. IT directors and small business owners who de...
05/19/2022
These features—which have access to the iPhone’s Secure Element (SE), which stores sensitive info–stay on even when modern iPhones are powered down, a team of researchers from Germany’s Technical University of Darmstadt discovered.
iPhones Vulnerable to Attack Even When Turned Off Wireless features Bluetooth, NFC and UWB stay on even when the device is powered down, which could allow attackers to execute pre-loaded malware.
Click here to claim your Sponsored Listing.