Monthly Archives: March 2021
ProxyLogon Microsoft Exchange exploit is completely out of the bag by now
A security researcher released a new PoC exploit for ProxyLogon issues that could be adapted to install web shells on vulnerable Microsoft Exchange servers. A security researcher has released a […]
Closing the Cybersecurity Skills Gap: SOAR with definitive evidence
By Michael Morris, Director of Global Business Development, Endace We’ve all read the news and seen the stats, so it comes as no surprise that SecOps teams are incredibly short-staffed […]
The fire in the OVH datacenter also impacted APTs and cybercrime groups
The fire at the OVH datacenter in Strasbourg also impacted the command and control infrastructure used by several nation-state APT groups and cybercrime gangs. OVH, one of the largest hosting […]
Protect Your Organisation Against the Threat of Magecart – The Steps Towards Mitigation
By Pedro Fortuna, CTO, Jscrambler Magecart has certainly garnered mainstream media attention over the last couple of years. Perhaps it’s the high profile nature of many of their targets (British […]
Hackers stole data from Norway parliament exploiting Microsoft Exchange flaws
Norway parliament, the Storting, has suffered a new cyberattack, hackers stole data by exploiting recently disclosed Microsoft Exchange vulnerabilities. Norway ‘s parliament, the Storting, was hit by a new cyberattack, […]
CMMC – Lessons Learned to Date
By Carter Schoenberg, Vice President of Cybersecurity at SoundWay Consulting. In the January issue of Cyber Defense Magazine, my first article provided an introduction to the Cybersecurity Maturity Model Certification […]
The Best Network Protection: Go Deep or Go Broad?
Combining Breadth and Depth Brings Full Protection By Albert Zhichun Li, Chief Scientist, Stellar Cyber Almost since the beginning of network security, vendors and practitioners have wrestled with choices between […]
Apple fixes CVE-2021-1844 RCE that affects iOS, macOS, watchOS, and Safari
Apple released out-of-band patches to address a remote code execution, tracked as CVE-2021-1844, that affect iOS, macOS, watchOS, and Safari web browser. Apple has released out-of-band security patches to address […]
3 SaaS Backup Rules to Keep Your Data Safer in 2021
By Dmitry Dontov, CEO and Chief Architect of Spin Technology In the wake of the global pandemic, organizations of all types and sizes have pivoted to cloud resources to accommodate […]
UnityMiner targets unpatched QNAP NAS in cryptocurrency mining campaign
Experts warn of ongoing attacks targeting QNAP network-attached storage (NAS) devices to abuse them in cryptocurrency mining. Researchers at 360Netlab are warning of a cryptocurrency malware campaign targeting unpatched network-attached storage […]
Hackers compromised Microsoft Exchange servers at the EU Banking Regulator EBA
The European Banking Authority (EBA) disclosed a cyberattack that resulted in the hack of its Microsoft Exchange email system. The European Banking Authority announced that it was the victim of […]
Combating Evolved Cyber Threats Starts With Knowing Where You Stand
by Rob Simopoulos, Co-Founder, Defendify IT professionals are entrusted to recommend methods to help strengthen overall data protection. But for many, it might be difficult to lead the charge toward […]
REvil Ransomware gang uses DDoS attacks and voice calls to make pressure on the victims
The REvil ransomware operators are using DDoS attacks and voice calls to journalists and victim’s business partners to force victims to pay the ransom. The REvil/Sodinokibi ransomware operators announced that […]
Overcoming ‘Work from Home’ Security Challenges Security Beyond the VPN
By Krupa Srivatsan, Director, Cybersecurity Product Marketing at Infoblox With the remote working trend on the rise due to the COVID-19 pandemic, many IT managers and corporate leaders have naturally […]
Working from Home? You’re Not Alone
The rise of cyber hacks in an age of remote working – and how to prevent them By Steve Hanna, Embedded Systems Work Group Co-Chair at Trusted Computing Group (TCG) […]
Call the Doctor! mHealth Apps are Exposing Medical Records
By George McGregor, VP of Marketing, Approov A new report by Knight Ink, sponsored by Mobile API Security firm Approov describes how thirty leading mHealth applications were tested and everyone […]
Detecting Privilege Escalation
By Garret Grajek, CEO, YouAttest During the first half of 2020 alone, over 36 billion records were exposed through various data breaches, with the FBI reporting an increase of 300% […]
Four zero-days in Microsoft Exchange actively exploited in the wild
Microsoft released emergency out-of-band security updates for all supported Microsoft Exchange versions that fix four zero-day flaws. Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, […]
Cyber Defense Magazine nominated Cobwebs Technologies for Its 2021 InfoSec Awards for threat intelligence
By Udi Levy, CEO & Co-Founder at Cobwebs Technologies With a growing number of malicious cyber activities, threat intelligence has become an integral part of many organizations. Most threat intelligence […]
Attivo Networks Launches ADAssessor for Continuous Visibility to Active Directory Security Exposures
Attivo Networks, the leader in lateral movement attack detection and privilege escalation prevention, has expanded its Active Directory (AD) protection suite of products with a new and innovative way to […]
Gootkit delivery platform Gootloader used to deliver additional payloads
The Javascript-based infection framework for the Gootkit RAT was enhanced to deliver a wider variety of malware, including ransomware. Experts from Sophos documented the evolution of the “Gootloader,” the framework used […]
Security and Remote Management: What Is the Market Looking Like as We Head Towards 2021?
By Gil Pekelamn, CEO, Atera For many IT professionals and managed service providers (MSPs), remote management has always been part of the deal. Especially in this generation’s global economy, service […]
Making the Most of Virtual Cybersecurity Events for your Company and the Community
By Trevor Daughney, VP, product marketing, Exabeam With the pandemic and shutdown orders still in full effect in many regions worldwide, moving in-person events to virtual experiences is the reality […]
EU leaders aim at boosting defense and security, including cybersecurity
During a video conference of the members of the European Council, EU leaders agreed on a new strategy aimed at boosting defense and security. During the recent video conference of the […]
T-Mobile customers were hit with SIM swapping attacks
The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks. The telecommunications provider T-Mobile has disclosed a data breach after […]
When Businesses Get Hacked- Who Are the Victims?
This article looks into who the victims are when an organization comes under attack. By Nicole Allen, Marketing Executive, SaltDNA. Cyber-attacks occur every two and a half minutes, according to […]