Monthly Archives: April 2021
Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs
China-linked APT Naikon employed a new backdoor in multiple cyber-espionage operations targeting military organizations from Southeast Asia in the last 2 years. The Naikon APT group is a China-linked cyber espionage group that has […]
The SecureDrive® Solution
Comprehensive Tools for Improving Data Security By Sergey Gulyayev, COO, SecureData, Inc. Since 2007, SecureData Inc. has operated on the premise that protecting the world’s most sensitive and vulnerable information […]
Boffins found a bug in Apple AirDrop that could leak users’ personal info
Experts found a bug in Apple’s wireless file-sharing protocol Apple AirDrop that could expose user’s contact information. Boffins from the Technical University of Darmstadt, Germany, have discovered a privacy issue […]
A new Linux Botnet abuses IaC Tools to spread and other emerging techniques
A new Linux botnet uses Tor through a network of proxies using the Socks5 protocol, abuses legitimate DevOps tools, and other emerging techniques. Researchers from Trend Micro have spotted a new Linux botnet […]
Why cybersecurity is a driver for commercial success in 2021
By Laurent Celerier, EVP Technology & Marketing There is no question that COVID-19 has had far reaching and long-lasting impacts on the way people do things, not least the way […]
3 Zero-Day in SonicWall Enterprise Email Security Appliances actively exploited
Security vendor SonicWall has addressed three zero-day vulnerabilities affecting both its on-premises and hosted Email Security products. SonicWall is warning its customers to update their hosted and on-premises email security products to […]
China-linked APT used Pulse Secure VPN zero-day to hack US defense contractors
At least one China-linked APT group exploited a new zero-day flaw in Pulse Secure VPN equipment to break into the networks of US defense contractors. According to coordinated reports published […]
Patchstack Protects The Web With Community
By Oliver Sild, the co-founder and CEO of Patchstack Web applications today are built with heavy use of open source code – all of which is largely put together by […]
The skills to propel your team’s cyber security defense
By Andrew Loschmann, Chief Operating Officer, Field Effect Advancing your cyber security capabilities as you scale is an obvious need. But if you’re resourced like many infosec departments, either very lean or […]
Gap of The Red Team from The Leak of Fireeye
Use “Imaginary Enemy” methodology to mitigate APT Attack By Jamal Uddin Shaikh, Cybersecurity Architect and Technology Lead , Appxone Introduction Early in the morning, I was pulled up by the […]
IT Security in Organizations After the Pandemic: What’s Next?
By Alan Kakareka, InfoSec consultant to businesses, Demyo inc. The year 2020 has so far represented, the biggest change in the way we live and interact with our environment. After […]
XCSSET malware now targets macOS 11 and M1-based Macs
XCSSET, a Mac malware targeting Xcode developers, was now re-engineered and employed in a campaign aimed at Apple’s new M1 chips. Experts from Trend Micro have uncovered a Mac malware […]
How to Become Unattractive for Cybercriminals
Map, monitor and manage your attack surface to stay a step ahead By Stijn Vande Casteele, Founder and CEO, Sweepatic All organizations rely heavily on web presence to display their […]
Water After Oldsmar
How to Prevent the Next Attack on Our Water Infrastructure By Josh Cohen, Cyber Director, Economic and Trade Mission at the Embassy of Israel to the U.S. To get a […]
How Zero Trust Networks Can Help Curb IT Burnout
By Stephen Helm, Product Marketing Manager, WatchGuard Technologies Last year was a challenging year for IT teams, and tech workers will continue to feel the mounting burden of maintaining business […]
How to Simplify Zero Trust Adoption
By Bhavya Pathak, Product Marketing Manager, ColorTokens Gone are the days when an organization could trust everything within the four walls of its perimeter. Cloud computing, and accelerating digital transformation […]
A member of the FIN7 group was sentenced to 10 years in prison
Fedir Hladyr (35), a Ukrainian national was sentenced today to 10 years in prison for his role in the financially motivated group FIN7, aka Carbanak. The Ukrainian national Fedir Hladyr […]
Microsoft fixes 2 critical Exchange Server flaws reported by the NSA
Microsoft patch Tuesday security updates address four high and critical vulnerabilities in Microsoft Exchange Server that were reported by the NSA. Microsoft patch Tuesday security updates released today have addressed […]
Malware Evasion Techniques
By Stas Gaivoronskii, Malware Analyst at ANY.RUN Cybercriminals create new ways to make malware invisible for detection. They hide malicious indicators and behavior during analysis. Researchers need to know about […]
Expert publicly released Chromium-based browsers exploit demonstrated at Pwn2Own 2021
An Indian security researcher has published a proof-of-concept (PoC) exploit code for a vulnerability impacting Google Chrome and other Chromium-based browsers. The Indian security researcher Rajvardhan Agarwal has publicly released […]
Cyberattacks could pose a material risk to water and sewer utilities
Fitch Ratings is warning that cyberattacks could pose a risk to water and sewer utilities potentially impacting their ability to repay debt. Fitch Ratings Inc. is an American credit rating […]
Monetising Customer Data Without Their Knowledge Is Unethical and Must Stop By Sridhar Iyengar, MD, Zoho Europe
By Sridhar Iyengar, MD, Zoho Europe Large tech corporations have started turning into surveillance companies, tracking the behaviour of businesses and users who have become heavily reliant on their services […]
This man was planning to kill 70% of Internet in a bomb attack against AWS
The FBI arrested a man for allegedly planning a bomb attack against Amazon Web Services (AWS) to kill about 70% of the internet. The FBI arrested Seth Aaron Pendley (28), […]
How to provide both a Secure & Seamless Remote Onboarding Experience on a Regula Basis?
By Arif Mamedov, Ph.D., President of Regula Forensics, Inc. Onboarding is like a gateway, where you as a guard can either let the right person in or assure that a […]
More Power, More Responsibility
What the Defense and Intelligence Communities Need to Know About 5G By Brian Green, Senior Vice President, Booz Allen Hamilton With the potential to revolutionize global telecommunications, fifth-generation mobile technology […]
Next Generation Software Fills Some Gaps – But Agencies Still Need Accelerated Visibility and Control of Endpoints
By Boyd White, Director, Technical Account Management, Tanium Endpoint management is critical as agencies try to secure the knowns and unknowns in their IT environments. As cybercriminals become more sophisticated, […]
2021 Cybersecurity Outlook: The More Things Change, The More They Stay the Same
By Nir Gaist, Nyotron, Founder Cybersecurity has gone through many phases over the last few decades. Today, we hear about a new, more volatile-than-the-last attack every day that has the […]
New Cring ransomware deployed targeting unpatched Fortinet VPN devices
Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. Threat actors are actively exploiting the CVE-2018-13379 vulnerability in Fortinet […]
Gigaset Android smartphones infected with malware after supply chain attack
A new supply chain attack made the headlines, threat actors compromised at least one update server of smartphone maker Gigaset to deliver malware. The German device maker Gigaset was the victim […]
SAP systems are targeted within 72 hours after updates are released
On-premises SAP systems are targeted by threat actors within 72 hours after security patches are released, security SAP security firm Onapsis warns. According to a joint study published by Onapsis […]