This week's episode looks at the heavily scrutinized CMMC 2.0, supply chain attacks, more attacks on several business verticals, and a ransomware gang QUITS (really...).

 


Pentagon Unveils CMMC 2.0 Cybersecurity Plans (nationaldefensemagazine.org)

Attack Type:

CS Standards and Regs

What To Know:  The DoD has made a major revision to a cybersecurity standard that impacts 300,000 private businesses who do business with the DoD.

Why You Should Care:  Our strategic competitors are stealing our technology.  The DoD says these changes are intended to strengthen the standard, but they in fact do the opposite.


Supply chain under attack as 'dark' cyber underground peddles sensitive company data | Fox Business

Attack Type: 

Threat actors

What To Know:  Hackers are targeting international shipping companies which make consumer goods readily available to Americans from markets abroad.

Why You Should Care:  The holiday season is right around the corner, and store shelves are half full as it is due to existing supply chain problems.  This could exacerbate the issue.


KdcSponge, NGLite, Godzilla Webshell Used in Targeted Attack Campaign (paloaltonetworks.com)

Attack Type: 

Malicious Logic   Threat actors

What To Know:  A group of highly skilled hackers are using advanced methods to target specific industries across the technology, defense, healthcare, energy and education industries.  CISA and the NSA have declined to reveal the source of these attacks.

Why You Should Care:  These are highly sophisticated attackers interested in several business verticals that could have a direct impact on national security.


BlackMatter ransomware gang is reportedly quitting operation (hackread.com)

Attack Type: (malicious logic, threat actors,)

Malicious Logic   Threat actors

What To Know:  A group of hackers who use ransomware to make money has publicly disclosed their decision to “close shop” due to pressure from law enforcement and evidently, a lack of staff.

Why You Should Care:  These are cybercriminals who make their living by using technology to extort money from their victims.  Being aware of their operations can help you avoid becoming a victim.

News & Updates

Press Release Mechanicsburg, PA, February 15, 2024 — Appalachia Technologies, announced today that CRN®, a brand of The Channel Company, has named Appalachia Technologies to its Managed Service Provider (MSP) 500 list in the Pioneer 250 category for 2024.

Contact Us

Learn more about what Appalachia Technologies can do for your business.

Appalachia Technologies
5012 Lenker Street
Mechanicsburg, Pennsylvania 17050