Morgan Stanley discloses data breach after the hack of a third-party vendor
The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server of a third-party vendor. Investment banking firm Morgan Stanley has […]
Understanding Why Multi-Signal MDR Matters
Cloud adoption, business applications and remote users continue to expand at exponential rates. Your cybersecurity team is fighting a losing battle to keep pace with your business requirements and growing […]
WildPressure APT expands operations targeting the macOS platform
Researchers from Kaspersky have spotted a new malware used by the WildPressure APT group to targets both Windows and macOS systems. The WildPressure was spotted for the first time in August 2019 […]
The Mobile Attack Pyramid
Identifying Attack Surfaces is Key to Protecting Mobile Applications By David Stewart, CEO, Approov, Inc. A regular pyramid has 5 surfaces, 4 sloping ones and another as its base. In […]
How Various Flavors of PKI Can Protect and Secure Financial Services Data
By Abul Salek, Director of Product Management, Sectigo How much time and budget does your company allocate to cybersecurity to protect you and your customers’ critical data and private information? […]
Linux version of REvil ransomware targets ESXi VM
The REvil ransomware operators added a Linux encryptor to their arsenal to encrypt Vmware ESXi virtual machines. The REvil ransomware operators are now using a Linux encryptor to encrypts Vmware […]
New LinkedIn breach exposes data of 700 Million users
A new massive LinkedIn breach made the headlines, the leak reportedly exposes the data of 700M users, more than 92% of the total 756M users. A new massive LinkedIn breach […]
Cybersecurity in Healthcare: Benefits, Examples, and Usage Tips Healthcare cybersecurity framework
By Kate Orekhova, Cleveroad company Health organizations deal with a large amount of sensitive personal information. That’s why they face challenges complying with tightening regulations, and they’re constantly combating increased […]
Five Steps for Safely Migrating your Workloads to the Cloud
Why security in the cloud is a shared responsibility relationship between the infrastructure provider and the customer By Paul Farrall, CISO at Skytap Organizations moving workloads to the cloud must […]
How Our Pharmacy Group Has Readied Secure HIPAA-Compliant WFH Policies
If anticipating a hybrid or remote workforce in the post-pandemic era, here are three best practices to ensure security By Marshall Frost, VP of Corporate Systems, Avita Pharmacy At our […]
All the User Experience, None of The Security?
EU telcos gather a lot of highly sensitive customer information. New research suggests it’s not as well protected as you might think. By Deepika Gajaria, Vice President of Product, Tala […]
In the Midst of COVID-19, We’re Seeing a Pandemic of Cyber Attacks
By Babur Khan, Technical Marketing Engineer – Enterprise Security at A10 Networks In the first quarter of 2021, the COVID-19 pandemic is still wreaking havoc around the globe. The coronavirus […]
New Report Shows Over Two Million Secrets Detected on Public GitHub in 2020 and a 20% growing trend Year-Over-Year.
By Jeremy Thomas, GitGuardian CEO When we started working on GitGuardian’s detection algorithm and got the first detection results, we could not believe it. We were facing a very counterintuitive […]
Three things’ organizations must do to secure “passwordless”
By Jerome Becquart, COO, Axiad The pandemic forced organizations to accelerate their journey to passwordless with secure authentication methods such as multi factor authentication (MFA), as individuals were expected to […]
Threat actors in January attempted to poison the water at a US facility
Threat actors in January attempted to poison the water at a US facility, a circumstance that highlights the importance of cybersecurity for water and wastewater utilities. The news that a […]
Open XDR vs. SIEM
Matching Resources and Business Risk with the Right Solution Gaining visibility and responding to attacks across the entire enterprise infrastructure (endpoints, servers, applications, SaaS, cloud, users, etc.) is a very […]
Norway blames China-linked APT31 for 2018 government hack
Norway police secret service states said that China-linked APT31 group was behind the 2018 cyberattack on the government’s IT network. Norway’s Police Security Service (PST) said that the China-linked APT31 […]
UNC2465 cybercrime group launched a supply chain attack on CCTV vendor
UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. An affiliate of the Darkside ransomware gang, tracked as […]
Manage the Cloud Permissions Gap to Achieve Zero Trust
The Cloud Permissions Gap exposes organizations to highly exploitable risk combined with the inability to implement and manage Zero Trust policies. By Raj Mallempati, CloudKnox Security COO In 2020, when […]
G7 calls on Russia to dismantle operations of ransomware gangs within its borders
The member states of the G7 group have called on Russia and other states to dismantle operations of the ransomware gangs operating within their countries. G7 member states have called […]
Why Ensuring Cyber Resilience Has Never Been More Critical or More Challenging Than It Is Today
By Don Boxley, Co-founder and CEO, DH2i When it comes to optimizing Microsoft SQL Server high availability (HA) and disaster recovery (DR), there’s a strong correlation between greater database transaction […]
A Digital Journey: A Long and Winding Road
How did we build the internet and not secure it? By David Jemmett, CEO and Founder, Cerberus Sentinel Many people are under the impression that the internet is essentially safe […]
Siloscape, first known malware that drops a backdoor into Kubernetes clusters
Siloscape is a new strain of malware that targets Windows Server containers to execute code on the underlying node and spread in the Kubernetes cluster. Researchers from Palo Alto Networks […]
DoJ: Investigations into ransomware attacks must have similar priority as terrorism
The U.S. Department of Justice was to assign investigation on ransomware attacks the same priority as terrorism in the wake of the Colonial Pipeline hack. The U.S. Department of Justice […]
These 2 attacks allow to alter certified PDF Documents
Researchers disclosed two new attack techniques that allow modifying visible content on certified PDF documents without invalidating the digital signature. Researchers from Ruhr-University Bochum have disclosed two new attack techniques, […]
Experts devised a new attack to bypass Microsoft PatchGuard
A security researcher discovered a bug in PatchGuard Windows security feature that can allow loading unsigned malicious code into the Windows kernel. Japanese researcher Kento Oki has discovered a bug […]
Understanding The Surge in Cyber Extortion
By Jamie Wilson, Founder and Chairman, Cryptoloc Ransomware is on the rise, and it’s not slowing down. Cryptoloc founder and chairman Jamie Wilson explains the perfect storm of conditions that […]
Why A ‘Layers And Lists’ Approach To Cybersecurity Is Doomed To Fail
By Gary Fischer, VP Americas, XM Cyber Why is cyber-defense such an asymmetrical war? Hackers can launch a barrage of attacks on a single target and keep going until they find […]
French intel found flaws in Bluetooth Core and Mesh specs
Attackers could exploit a set of Bluetooth vulnerabilities, affecting the Core and Mesh Profile specifications, to conduct man-in-the-middle (MitM) attacks. Researchers at the french intelligence agency ANSSI discovered multiple flaws in the Bluetooth Core and Mesh […]
Zeppelin ransomware gang is back after a temporary pause
Operators behind the Zeppelin ransomware-as-a-service (RaaS) have resumed their operations after a temporary interruption. Researchers from BleepingComputer reported that operators behind the Zeppelin ransomware-as-a-service (RaaS), aka Buran, have resumed their […]