Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Credit to Author: BrianKrebs| Date: Tue, 31 May 2022 19:57:58 +0000

Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang — Conti. Ransomware experts say there is good reason to believe the same cybercriminals are behind both attacks, and that Hive has been helping Conti rebrand and evade international sanctions targeting extortion payouts to cybercriminals operating in Russia.

Read more

Threat profile: RansomHouse makes extortion work without ransomware

Credit to Author: Jovi Umawing| Date: Tue, 31 May 2022 20:53:40 +0000

RansomHouse, a new extortion group, distances itself from ransomware. However, it seems like it had ties to ransomware groups in the past.

The post Threat profile: RansomHouse makes extortion work without ransomware appeared first on Malwarebytes Labs.

Read more

Runescape phish claims your email has been changed

Credit to Author: Christopher Boyd| Date: Tue, 31 May 2022 20:08:04 +0000

We take a look at a Runescape-themed phishing mail targeting players of the smash MMORPG title, and explain how they steal the data.

The post Runescape phish claims your email has been changed appeared first on Malwarebytes Labs.

Read more

Windows 11: Should you bypass the hardware block?

Credit to Author: Susan Bradley| Date: Tue, 31 May 2022 12:55:00 -0700

If you’re like most PC users, your current computer can’t run Windows 11. Microsoft has placed a line in the hardware sand to ensure that only modern machines with certain specifications that harden security can run Windows 11. 

Well, sort of. The company provides a workaround, as I’ll discuss in a moment. Whether you should take advantage of this loophole to upgrade PCs (whether yours or your users’) to Windows 11 is the question.

First, if you want to know if a computer can run Windows 11, you can use the PC Health Check app, Microsoft’s diagnostic tool. But if your PC doesn’t support Windows 11, Microsoft’s app doesn’t do a great job of explaining why. Instead, I recommend using either the Windows 11 Requirements Check Tool from ByteJams.com or WhyNotWin11, available on Github. Both tools provide granular detail about why a machine won’t run Windows 11. On my personal laptop at home, for instance, the processor can’t support hardware for hypervisor enforced code integrity, nor does Windows 11 like the graphics display.

To read this article in full, please click here

Read more

Why Industry 4.0 must think more like Apple

Credit to Author: Jonny Evans| Date: Tue, 31 May 2022 12:16:00 -0700

For industrial applications, the Internet of Things risks becoming the Internet of Thieves. Perhaps industries making use of connected solutions should take a leaf out the Apple book and lock down their infrastructure.

What the ethical hackers say

As digital processes become deeply embedded across every industry, it makes sense that industrial control systems were tested at this year’s Pwn2Own contest. Hackers were asked to seek out vulnerabilities in industrial software and systems.

Contest winners Daan Keuper and Thijs Alkemade found that once they managed to break into the IT networks used at these companies, it was “relatively easy” to then cause havoc with systems and equipment.

To read this article in full, please click here

Read more

FBI warns of education sector credentials on dark web forums

Credit to Author: Christopher Boyd| Date: Tue, 31 May 2022 17:24:50 +0000

The FBI warns of education sector credentials being placed for sale on the dark web. We take a look at the risks involved.

The post FBI warns of education sector credentials on dark web forums appeared first on Malwarebytes Labs.

Read more

Streamlining employee onboarding: Microsoft’s response to the Great Reshuffle

Credit to Author: Emma Jones| Date: Tue, 31 May 2022 13:00:00 +0000

Verifiable credentials may help improve employee experience, an important factor HR and IT business leaders must pay attention to as expectations evolve.

The post Streamlining employee onboarding: Microsoft’s response to the Great Reshuffle appeared first on Microsoft Security Blog.

Read more

Secure access for a connected world—meet Microsoft Entra

Credit to Author: Emma Jones| Date: Tue, 31 May 2022 13:00:00 +0000

Identity is not just about directories, and access is not just about the network. Security challenges have become much broader, so we need broader solutions. We need to secure access for every customer, partner, and employee—and for every microservice, sensor, network, device, and database.

The post Secure access for a connected world—meet Microsoft Entra appeared first on Microsoft Security Blog.

Read more