Pentagon Training CMMC Auditors for April
Happy Monday! Last week, Microsoft warned users of a ‘devastating’ cybersecurity threat that is continuing to grow. Microsoft’s threat protection intelligence team stated that “one type of ransomware attack poses a significant and growing threat, particularly to business users, calling it one of the most impactful trends in cyberattacks.” The type of ransomware attack that Microsoft is speaking about is human-operated ransomware. The reason these attacks are so dangerous is because human-operated ransomware targets specific victims. The hackers will already have lots of information on the victim, prior to the attack, and they take advantage of network configuration weaknesses to deploy ransomware payloads.
In other news, the Coronavirus continues to be a common theme in the spread of recent malware. Two of the most common malware campaigns connected to the Coronavirus are a phishing email used to spread Remcos RAT and malware payloads, and the other uses a Microsoft Office document to open a backdoor on a victim’s computer. The phishing email offers a PDF containing information on Coronavirus safety measures. Instead of gaining information on the Coronavirus, downloading the file will execute the malware.
Lastly, the Pentagon just announced that they are hoping to have the first class of auditors to evaluate contractors’ cybersecurity ready by this April. These auditors will be certifying companies under the new CMMC (Cybersecurity Maturity Model Certification). Katie Arrington, CISO for the Office of the Under Secretary of Defense for Acquisition, said that “just because auditors aren’t already working doesn’t mean companies shouldn’t be getting ready.”
That’s all for today! Thank you for tuning in to this week’s segment of “Mondays With Miranda!” Keep up to date with current news by following NeQter Labs on Twitter, Facebook, and LinkedIn. We love comments and questions, so drop me an email firstname.lastname@example.org.