CISA shares a catalog of 306 actively exploited vulnerabilities
The US CISA shared a list of vulnerabilities known to be exploited in the wild and orders US federal agencies to address them within deadlines. The US Cybersecurity and Infrastructure […]
50% of internet-facing GitLab installations are still affected by a RCE flaw
Researchers warn of a now-fixed critical remote code execution (RCE) vulnerability in GitLab ‘s web interface actively exploited in the wild. Cybersecurity researchers warn of a now-patched critical remote code […]
NATO releases its first strategy for Artificial Intelligence
This week, NATO Defence Ministers released the first-ever strategy for Artificial Intelligence (AI) that encourages the use of AI in a responsible manner. Artificial Intelligence (AI) is changing the global […]
Protecting SMBs from Current Cybersecurity Threats
A Few Small Practices Can Have a Large Impact By Mike Mosher, Director of Technology, Cinch I.T. If you own a small or medium-sized business, you are a target of […]
Making Sure the Lights Don’t Go Out
By Brett Raybould, EMEA Solutions Architect at Menlo Security The ransomware attack on Colonial Pipeline, the largest fuel pipeline in the US has shown just how vulnerable the energy industry […]
58% of all nation-state attacks in the last year were launched by Russian nation-state actors
Microsoft revealed that Russia-linked cyberespionage groups are behind the majority of the nation-state cyber attacks on US government agencies. Microsoft revealed that most of the cyber attacks on US government […]
Modern Times, Old Prejudices
The Hacker Era By Jordan Marcus Bonagura The century of constant acceleration Twenty-first century, more than a century of human evolution and great changes, a century of constant acceleration. Everything […]
Twitch data breach updates: login credentials or card numbers not exposed
An anonymous individual has leaked the source code and data of the popular video streaming platform Twitch via a torrent file posted on 4chan. An anonymous 4chan user has published […]
UK newspaper The Telegraph exposed a 10TB database with subscriber data
The UK media outlet The Telegraph has leaked 10 TB of subscriber data after failing to properly secure one of its databases. The UK newspaper The Telegraph’, one of the […]
How to Close the Security Gap Between Identity and Access Management (IAM) and Shared Accounts
By Maurice Côté, Vice President of Business Solutions, Devolutions For more than half a century, passengers of London’s underground (a.k.a. The Tube) have been warned to “mind the gap” when […]
Threat actors exploit a flaw in Coinbase 2FA to steal user funds
Threat actors stole funds from the accounts of more than 6,000 users of the crypto exchange Coinbase exploiting a flaw to bypass 2FA authentication. Threat actors have exploited a vulnerability […]
Russia-linked Nobelium APT group uses custom backdoor to target Windows domains
Microsoft discovered new custom malware, dubbed FoggyWeb, used by the Nobelium cyberespionage group to implant backdoor in Windows domains. Microsoft Threat Intelligence Center (MSTIC) researchers have discovered a new custom […]
Jupyter infostealer continues to evolve and is distributed via MSI installers
Cybersecurity researchers spotted a new version of the Jupyter infostealer which is distributed via MSI installers. Cybersecurity researchers from Morphisec have spotted a new version of the Jupyter infostealer that […]
Black Matter gang demanded a $5.9M ransom to NEW Cooperative
U.S. The farmers cooperative NEW Cooperative was hit by Black Matter ransomware gang that is demanding a $5.9 million ransom. BlackMatter ransomware gang hit NEW Cooperative, a farmer’s feed and […]
Crystal Valley hit by ransomware attack, it is the second farming cooperative shut down in a week
Minnesota-based farming supply cooperative Crystal Valley was hit by a ransomware attack, it is the second attack against the agriculture business in a few days. Minnesota farming supply cooperative Crystal […]
Europol arrested 106 fraudsters, members of a major crime ring
Europol, along with Italian and Spanish police, dismantled a major crime organization linked to the Italian Mafia that focuses on online frauds. Europol, along with law enforcement agencies in Italy […]
Misconfigurations are the biggest threat to cloud security, period
By eSentire There is no doubt that cloud adoption is accelerating at an exponential rate. Whether it’s for business collaboration or to store critical data assets, organizations are increasingly relying […]
Defeat Ransomware with Immutable Backup Data and Encryption
Move beyond traditional security strategies to protect against the two most common types of ransomware threats By Jon Toor, CMO, Cloudian The Director of the FBI recently described ransomware as […]
Cyber EO and Meeting Cloud Modernization Effort
By Stephen Kovac, Vice President of Global Government and Head of Corporate Compliance, Zscaler In wake of recent high profile attacks and an evolving hybrid work environment, agencies are working […]
New CIOs: 5 Key Steps in Your First 100 Days
Getting the first 100 days right is critical to achieving momentum, credibility, and long-term success. By Etay Maor, Senior Director, Security Strategy, Cato Networks Starting off as a new CIO […]
HTML Smuggling: A Resurgent Cause for Concern
By Vinay Pidathala, Director of Security Research, Menlo Security Cybersecurity is never straightforward. While defense techniques, technologies, policies and methodologies continue to evolve at pace, such defenses often trail in […]
Apple fixes actively exploited FORCEDENTRY zero-day flaws
Apple released security patches to fix two zero-day vulnerabilities in iOS and macOS that are actively exploited in attacks in the wild. Apple rolled out security patches to fix a […]
Revil ransomware operators are targeting new victims
Recently we observed that part of the REvil ransomware infrastructure was up and running again, now we can confirm that they hit new victims. On September 7, the servers of […]
New SOVA Android Banking trojan is rapidly growing
SOVA is a new Android banking trojan that targets banking applications, cryptocurrency wallets, and shopping apps from the U.S. and Spain. Researchers from cybersecurity firm ThreatFabric have spotted in the […]
TeamTNT cybercrime gang expands its arsenal to target thousands of orgs worldwide
The financially motivated TeamTNT hacking group expanded its arsenal with new tools used to target thousands of victims worldwide. Researchers from AT&T Alien Labs uncovered a new campaign, tracked as Chimaera, […]
Microsoft warns of a zero-day in Internet Explorer that is actively exploited
Microsoft warns of a zero-day vulnerability in Internet Explorer that is actively exploited by threat actors using weaponized Office docs. Microsoft warns of a zero-day vulnerability (CVE-2021-40444) in Internet Explorer […]
Keeping Health Records Safe from Cyber Criminals
By Dexter Caffey, Founder and CEO, Smart Eye Technology The healthcare industry is currently one of the most lucrative targets for hackers. A recent report by a mobile security company […]
Considering Collateral Intrusion in Digital Forensics
Achieving A Balance Between Public Protection and Public Privacy By Alan McConnell, Forensic Advisor, Cyan The importance of digital evidence contained on the personal devices of suspects, victims, and witnesses […]
Combatting Industry Burnout by Building Resilient Security Teams
By Rick McElroy, Principal Cybersecurity Strategist, VMware We have reached a pivotal point in the history of cybersecurity. Catalyzed by the shift to an anywhere-work environment during COVID-19, attack surfaces […]
The Importance of Multi-Factor Authentication and Strong Passwords
Understanding and implementing MFA and strong password protocol. By Jeff Severino, CyberLock Defense, Lockton Affinity The importance of multi-factor authentication and password security is critical. Often, it is your best […]