Monthly Archives: November 2021
Experts warn of attacks exploiting CVE-2021-40438 flaw in Apache HTTP Server
Threat actors are exploiting the recently patched CVE-2021-40438 flaw in Apache HTTP servers, warns German Cybersecurity Agency and Cisco. Threat actors are exploiting a recently addressed server-side request forgery (SSRF) […]
SOAR Into More Integrated Cybersecurity
By Josh Magady, Section Manager, Senior Cybersecurity Consultant, and Practice Technical Lead, 1898 & Co. Why is being cybersecurity compliant not the same as preparedness for threats? Shouldn’t compliance mean full […]
The rise of millionaire zero-day exploit markets
Researchers detailed the multi-millionaire market of zero-day exploits, a parallel economy that is fueling the threat landscape. Zero-day exploits are essential weapons in the arsenal of nation-state actors and cybercrime […]
Multicloud Rolls In: Federal IT Professionals Share Insights and Challenges
By Rick Rosenburg, Vice President and General Manager, Rackspace Government Solutions, Rackspace Technology Federal agencies kicked into IT modernization overdrive during the pandemic and, as 2022 approaches, agencies are looking […]
Overcoming the Limitations of VPN, NAC, and Firewalls with Zero Trust Access
During 2020 and 2021, we’ve seen ransomware-as-a-service wreak havoc in the IT supply chain and critical infrastructure. Below we explore how technologies and approaches to help protect organizations from these […]
Why Email Archiving Builds Cyber Resilience
Plus 3 Email Archiving Solutions By Adnan A. Olia, Chief Operating Officer, Intradyn As innovations in technology continue to create new uses across an array of industries, cyber safety has […]
Android.Cynos.7.origin trojan infected +9 million Android devices
Researchers spotted dozens of games on Huawei’s AppGallery catalog containing the Android.Cynos.7.origin trojan. Researchers from Dr. Web AV discovered 190 games on Huawei’s AppGallery catalog (i.e. simulators, platformers, arcades, strategies, and shooters) […]
The 5 Most Common Cyber-Attacks on Mobile Devices In 2021
By Nicole Allen, Marketing Executive, Salt Communications. Many companies are prioritising mobile efforts these days with research suggesting that increased mobility helps businesses enhance their operations and efficiency. Verizon’s 2021 […]
Five Cloud Telephony Security Vulnerabilities That Can Threaten Your Business
The Flip Side of Using Cloud Telephony Services By Sujan Thapaliya, CEO and Co-Founder, KrispCall It is evident that VoIP will be the future of business communications. Historically, it has […]
Utah Imaging Associates data breach impacts 583,643 patients
Utah-based radiology medical center Utah Imaging Associates discloses a data breach that impacted 583,643 former and current patients. Utah Imaging Associates (UIA) discloses a security breach, on September 4, 2021 […]
Securing Today’s Hybrid Remote Workforce
By CISO T.J. Minichillo Work may never be the same again as the world continues to grapple with the global pandemic — pivoting from office-based business environments to fully remote […]
Attackers deploy Linux backdoor on e-stores compromised with software skimmer
Researchers discovered threat actors installing a Linux backdoor on compromised e-commerce servers after deploying a credit card skimmer into e-stores. Security researchers from Sansec Threat Research Team discovered a Linux […]
Get A Great Job in Cyber Security Faster, Here’s How…
Looking for a Hot High Paying Cyber Security Job? Look No Further – Enter CyberDefenseProfessionals.com In the third quarter of 2021, Cyber Defense Media Group, the cybersecurity industry’s leading publisher […]
Iran-linked APT groups continue to evolve
The researchers at Microsoft Threat Intelligence Center (MSTIC) are warning of increasingly sophisticated operations carried out by Iranian threat actors. The Microsoft Threat Intelligence Center (MSTIC) shared the results of […]
New evolving Abcbot DDoS botnet targets Linux systems
Qihoo 360’s Netlab detailed a new evolving DDoS botnet called Abcbot with wormable capabilities that targets Linux systems. Researchers from Qihoo 360’s Netlab security team have spotted a new botnet, […]
What To Know to Fight Against Cyber Attacks
By Gergo Varga, Senior Content Manager / Evangelist at SEON Cyber attacks have become a part of our reality, not only that we are all constantly getting phishing emails, but […]
Hundreds of thousands of fake warnings of cyberattacks sent from a hacked FBI email server
Threat actors hacked email servers of the FBI to distribute spam email impersonating FBI warnings of fake cyberattacks. The email servers of the FBI were hacked to distribute spam email […]
Why The Integration of Netops And Secops Is Here To Stay
By Eileen Haggerty, Sr. Director, Enterprise Business Operations, NETSCOUT The pandemic accelerated digital transformation and increased organizations’ reliance on cloud services, VPNs, and other solutions designed to support remote work. […]
Digital Transformation Security: Guidelines for Success
By Yehudah Sunshine, Head of PR, odix With the workforce going remote and IP existing almost exclusively in the digital domain enterprises, local and federal agencies, and SMBs alike are […]
Sophisticated Android spyware PhoneSpy infected thousands of Korean phones
South Korean users have been targeted with a new sophisticated Android spyware, tracked as PhoneSpy, as part of an ongoing campaign. Researchers from Zimperium zLabs uncovered an ongoing campaign aimed […]
Ransomware attack disrupted store operations in the Netherlands and Germany
Electronics retail giant MediaMarkt was hit by a ransomware attack that disrupted store operations in the Netherlands and Germany. Electronics retail giant MediaMarkt was a victim of a ransomware attack that forced […]
Attivo Networks – One Year Later
Dr. Peter Stephenson It’s been a bit over a year since I published my review of Attivo BOTSink and today the company’s product suite does not look at all the […]
New Magecart group uses an e-Skimmer that avoids VMs and sandboxes
A new Magecart group leverages a browser script to evade virtualized environments and sandboxes used by researchers. Malwarebytes researchers have spotted a new Magecart group that uses a browser script […]
Electric Vehicle Charging: The Next Cyberattack Frontier
By Prof. Thomas R. Köhler, Member of the Board of Juice Technology AG The International Energy Agency estimates the global number of electric cars, buses, vans and heavy trucks on […]
You’ve Been Attacked by Ransomware. How Will You Respond?
By Steve Schwartz, director of security, ECI Earlier this year, a ransomware attack on the Colonial Pipeline led to a shutdown of 45% of the East Coast’s fuel supply, 12,000 […]
Guntrader Data Breach: Victims Concerned Over Impact
By Aman Johal, Lawyer and Director, Your Lawyers In July 2021, the details of over 111,000 Guntrader users – which included registered firearm owners – were leaked online after a […]
CISA shares a catalog of 306 actively exploited vulnerabilities
The US CISA shared a list of vulnerabilities known to be exploited in the wild and orders US federal agencies to address them within deadlines. The US Cybersecurity and Infrastructure […]
NetOps Enhances Security
Growing numbers of network engineers turn to this IT mindset to address mounting concerns of network safety in an age of hybrid work and edge commuting By Simon Pincus, VP […]
50% of internet-facing GitLab installations are still affected by a RCE flaw
Researchers warn of a now-fixed critical remote code execution (RCE) vulnerability in GitLab ‘s web interface actively exploited in the wild. Cybersecurity researchers warn of a now-patched critical remote code […]
The Top 3 Cyber Security Mistakes and How to Avoid Them
As hacks become more common, organizations have no room for cybersecurity mistakes. By Ivan Paynter, National Cybersecurity Specialist at ScanSource Ransomware cost Americans an estimated $1.4 billion last year, and beyond high-profile hacks […]