In the Midst of COVID-19, We’re Seeing a Pandemic of Cyber Attacks
By Babur Khan, Technical Marketing Engineer – Enterprise Security at A10 Networks In the first quarter of 2021, the COVID-19 pandemic is still wreaking havoc around the globe. The coronavirus […]
Why A ‘Layers and Lists’ Approach to Cybersecurity Is Doomed to Fail
By Gary Fischer, VP Americas, XM Cyber Why is cyber-defense such an asymmetrical war? Hackers can launch a barrage of attacks on a single target and keep going until they find […]
New Report Shows Over Two Million Secrets Detected on Public GitHub in 2020 and a 20% growing trend Year-Over-Year.
By Jeremy Thomas, GitGuardian CEO When we started working on GitGuardian’s detection algorithm and got the first detection results, we could not believe it. We were facing a very counterintuitive […]
Three things’ organizations must do to secure “passwordless”
By Jerome Becquart, COO, Axiad The pandemic forced organizations to accelerate their journey to passwordless with secure authentication methods such as multi factor authentication (MFA), as individuals were expected to […]
Wormable bash DarkRadiation Ransomware targets Linux distros and docker containers
DarkRadiation is a new strain of ransomware implemented in Bash that targets Linux and Docker cloud containers and leverages Telegram for C2. Trend Micro researchers spotted a new strain of […]
Open XDR vs. SIEM
Matching Resources and Business Risk with the Right Solution Gaining visibility and responding to attacks across the entire enterprise infrastructure (endpoints, servers, applications, SaaS, cloud, users, etc.) is a very […]
Why We Care About Cybersecurity Hygiene
By James Opiyo, Senior Consultant Security Strategy, Kinetic By Windstream Maintaining good cybersecurity hygiene habits is just as important as maintaining good personal hygiene habits. We must maintain high cybersecurity […]
UNC2465 cybercrime group launched a supply chain attack on CCTV vendor
UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. An affiliate of the Darkside ransomware gang, tracked as […]
Why XDR is Not Enough
By Guy Rosefelt, Security CMO, Sangfor Technologies What is XDR? One of the latest trends in cybersecurity is Extended Detection and Response, more commonly known as XDR. Although originally defined […]
G7 calls on Russia to dismantle operations of ransomware gangs within its borders
The member states of the G7 group have called on Russia and other states to dismantle operations of the ransomware gangs operating within their countries. G7 member states have called […]
Avaddon ransomware gang shuts down their operations and releases decryption keys
The Avaddon ransomware gang has shut down its operations and released the decryption keys to allow victims to recover their files for free. Good news for the victims of the […]
Uncovering hidden cybersecurity risks
By Adam Nichols, Principal of Software Security at GRIMM The technology we use and depend upon has critical vulnerabilities in their software and firmware, lurking just beneath the surface of […]
Why Ensuring Cyber Resilience Has Never Been More Critical or More Challenging Than It Is Today
By Don Boxley, Co-founder and CEO, DH2i When it comes to optimizing Microsoft SQL Server high availability (HA) and disaster recovery (DR), there’s a strong correlation between greater database transaction […]
A Digital Journey: A Long and Winding Road
How did we build the internet and not secure it? By David Jemmett, CEO and Founder, Cerberus Sentinel Many people are under the impression that the internet is essentially safe […]
Crypto-mining campaign targets Kubeflow installs on a large scale
Microsoft uncovered a malicious campaign targeting Kubeflow workloads to deploy TensorFlow pods that are used to mine cryptocurrency. Microsoft researchers uncovered a malicious campaign targeting Kubeflow workloads to deploy TensorFlow […]
Data Loss Prevention in Turbulent Times
By Otavio Freire, CTO & Co-Founder at SafeGuard Cyber Data, the saying goes, is the new oil. This probably understates the case: Not only is data at the core of […]
Rethinking Remote Monitoring and Management: How MSPs Can Put Security First and Better Protect Their Clients
By Ryan Heidorn, Managing Partner, Steel Root For most Managed Service Providers (MSPs), using a remote monitoring and management (RMM) platform to centrally manage their clients’ networks is a foregone […]
Key Business Lessons Learned from The SolarWinds Hack
By, George Waller, CEO of Strikeforce Technologies A full year of disruption by the global pandemic has forced businesses to adapt fast to the shifting remote work realities. This new […]
Siloscape, first known malware that drops a backdoor into Kubernetes clusters
Siloscape is a new strain of malware that targets Windows Server containers to execute code on the underlying node and spread in the Kubernetes cluster. Researchers from Palo Alto Networks […]
StayHackFree – Your Kid’s Sports Team
Your Kids Sports team is better managed than your Cyber Team. By James Gorman, CISO, Authx Your Kid’s Hockey team has better management than your Cyber Security team. Really, I […]
Addressing the Growing Cybersecurity Risks of Cyber-Physical Systems
By Michael Welch, Managing Director, MorganFranklin Cyber Cyberattacks against critical infrastructure and other cyber-physical systems have increased for years. These attacks are particularly concerning because they pose a real threat […]
These 2 attacks allow to alter certified PDF Documents
Researchers disclosed two new attack techniques that allow modifying visible content on certified PDF documents without invalidating the digital signature. Researchers from Ruhr-University Bochum have disclosed two new attack techniques, […]
New Epsilon Red Ransomware appears in the threat landscape
Researchers spotted a new piece of ransomware named Epsilon Red that was employed at least in an attack against a US company. Researchers from Sophos spotted a new piece of […]
Experts devised a new attack to bypass Microsoft PatchGuard
A security researcher discovered a bug in PatchGuard Windows security feature that can allow loading unsigned malicious code into the Windows kernel. Japanese researcher Kento Oki has discovered a bug […]
DHS announces security measures for critical pipeline industry
The US Department of Homeland Security (DHS) has announced new cybersecurity requirements for critical pipeline owners and operators. The Colonial pipeline incident continues to have a serious impact on the critical […]
French intel found flaws in Bluetooth Core and Mesh specs
Attackers could exploit a set of Bluetooth vulnerabilities, affecting the Core and Mesh Profile specifications, to conduct man-in-the-middle (MitM) attacks. Researchers at the french intelligence agency ANSSI discovered multiple flaws in the Bluetooth Core and Mesh […]
Zeppelin ransomware gang is back after a temporary pause
Operators behind the Zeppelin ransomware-as-a-service (RaaS) have resumed their operations after a temporary interruption. Researchers from BleepingComputer reported that operators behind the Zeppelin ransomware-as-a-service (RaaS), aka Buran, have resumed their […]
Executive Protection Needs to Include Digital
By Dr. Chris Pierson, Founder & CEO, BlackCloak Major firms and corporations already know full well the risks and dangers inherent to their executives’ security. Executive Protection is an established […]
5 Tips to Building a Cyber-Smart Culture
Building a strong cybersecurity culture in your organization is not only possible, it’s a necessity. With cyberattacks spanning critical infrastructure, SMBs, retail organizations, and commercial businesses alike, addressing cybersecurity with […]
Identity crisis? It’s time to take the holistic approach.
In planning for a secure future hybrid working reality, many IT leaders have reconsidered how they manage the identities on their network. Their workforce now uses new systems and devices, […]