Apple fixes actively exploited FORCEDENTRY zero-day flaws
Apple released security patches to fix two zero-day vulnerabilities in iOS and macOS that are actively exploited in attacks in the wild. Apple rolled out security patches to fix a […]
Revil ransomware operators are targeting new victims
Recently we observed that part of the REvil ransomware infrastructure was up and running again, now we can confirm that they hit new victims. On September 7, the servers of […]
New SOVA Android Banking trojan is rapidly growing
SOVA is a new Android banking trojan that targets banking applications, cryptocurrency wallets, and shopping apps from the U.S. and Spain. Researchers from cybersecurity firm ThreatFabric have spotted in the […]
Why Your Hospital Network Needs an IoT Security Policy
By Marc Laliberte, Technical Security Operations Manager, WatchGuard Technologies The Internet of Things (IoT) industry has a security problem that has existed since its inception. From the Mirai botnet that […]
Microsoft warns of a zero-day in Internet Explorer that is actively exploited
Microsoft warns of a zero-day vulnerability in Internet Explorer that is actively exploited by threat actors using weaponized Office docs. Microsoft warns of a zero-day vulnerability (CVE-2021-40444) in Internet Explorer […]
Combatting Industry Burnout by Building Resilient Security Teams
By Rick McElroy, Principal Cybersecurity Strategist, VMware We have reached a pivotal point in the history of cybersecurity. Catalyzed by the shift to an anywhere-work environment during COVID-19, attack surfaces […]
SEC warns of investment scams related to Hurricane Ida
SEC warns of investment scams related to Hurricane Ida The US Securities and Exchange Commission warns investors of potential investment scams that leverages Hurricane Ida as a bait. The US Securities and Exchange […]
Time to Act: How Real-Time Analytics Can Help Stop the Cyber Kill Chain
Access to Real-Time Contextualized Information through In-Memory Computing Can Help Security Teams Spot Evolving Threats Before It’s Too Late By Dr. William Bain, CEO and Founder of ScaleOut Software In […]
New Report Reveals Traditional Anti-Malware Solutions Miss 74% of Threats
By Corey Nachreiner, Chief Security Officer, WatchGuard Technologies The threat landscape is an erratic and ever-evolving beast. While it knows no master, its behavior is broadly directed by the host […]
Gold Optis: Most Innovative and Socially Conscious Technologies at Black Hat
By Olivia Gallucci, Cybersecurity Reporter, Cyber Defense Magazine I interviewed approximately sixty industry leaders from over forty companies who attended Black Hat. Although this article series—The Optis—can be read as […]
T-Mobile data breach could be worse than initially thought, 54 million customers impacted
T-Mobile data breach could be worse than initially thought, an update to the investigation reveals that over 54 million individuals were impacted. T-Mobile data breach could be worse than initially […]
Evaluating Security Practices in Response to Colonial Pipeline And South Korean KAERI Attacks
Zero Trust and Enforcing the Principle of Least Privilege Have Become Crucially Important. By Garret Grajek, CEO, YouAttest In recent news, we have seen several high-profile attacks on major institutions […]
Vice Society ransomware also exploits PrintNightmare flaws in its attack
Another ransomware gang, the Vice Society ransomware operators, is using Windows print spooler PrintNightmare exploits in its attacks. The Vice Society ransomware operators are actively exploiting Windows print spooler PrintNightmare […]
UNC215, an alleged China-linked APT group targets Israel orgs
China-linked threat actors UNC215 targeted Israeli organizations in a long-running campaign and used false flags to trick victims into believing the attacks was from Iran. A China-linked cyber-espionage group has […]
Conti ransomware affiliate leaked gang’s training material and tools
An affiliate of the Conti RaaS has leaked the training material shared by the group with its network along with the info about one of the operators. An affiliate of […]
Cloud Security Automation: The Fastest Path to Zero Trust
By John Vecchi, CMO, Anitian Zero Trust Security has made its way into the offerings of most enterprise security companies while becoming a critical and new modern architecture adopted by the Department of Defense (DoD) and […]
LockBit 2.0, the first ransomware that uses group policies to encrypt Windows domains
A new variant of the LockBit 2.0 ransomware is now able to encrypt Windows domains by using Active Directory group policies. Researchers from MalwareHunterTeam and BleepingComputer, along with the malware expert Vitali Kremez […]
No More Ransom helped ransomware victims to save almost €1B
The No More Ransom initiative celebrates its fifth anniversary, over 6 million victims of ransomware attacks recover their files for free saving almost €1 billion in payments. No More Ransom […]
Boosting Morale During Tough Times Will Also Boost Your Security Resilience
By Nir Polak, CEO, Exabeam While 2020 impacted nearly every business, the pandemic was not the only obstacle leaders faced last year. As we begin 2021, it’s important to remember […]
US DoJ indicts four members of China-linked APT40 cyberespionage group
US DoJ indicted four members of the China-linked cyberespionage group known as APT40 for hacking various entities between 2011 and 2018. The U.S. Justice Department (DoJ) indicted four members of […]
BIOPASS malware abuses OBS Studio to spy on victims
Researchers spotted a new malware, dubbed BIOPASS, that sniffs victim’s screen by abusing the framework of Open Broadcaster Software (OBS) Studio. Researchers from Trend Micro spotted a new malware, dubbed BIOPASS, that […]
Biden discussed Russian ransomware gangs with Putin in a phone call
President Joe Biden expressed concerns about ransomware attacks carried out by Russian gangs during a phone call with President Vladimir Putin. The recent wave of ransomware attacks carried out by […]
Morgan Stanley discloses data breach after the hack of a third-party vendor
The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server of a third-party vendor. Investment banking firm Morgan Stanley has […]
Understanding Why Multi-Signal MDR Matters
Cloud adoption, business applications and remote users continue to expand at exponential rates. Your cybersecurity team is fighting a losing battle to keep pace with your business requirements and growing […]
REvil gang exploited a zero-day in the Kaseya supply chain attack
Kaseya was addressing the zero-day vulnerability that REvil ransomware gang exploited to breach on-premise Kaseya VSA servers. A new supply chain attack made the headlines, on Friday the REvil ransomware […]
How Various Flavors of PKI Can Protect and Secure Financial Services Data
By Abul Salek, Director of Product Management, Sectigo How much time and budget does your company allocate to cybersecurity to protect you and your customers’ critical data and private information? […]
New LinkedIn breach exposes data of 700 Million users
A new massive LinkedIn breach made the headlines, the leak reportedly exposes the data of 700M users, more than 92% of the total 756M users. A new massive LinkedIn breach […]
New Report Shows Over Two Million Secrets Detected on Public GitHub in 2020 and a 20% growing trend Year-Over-Year.
By Jeremy Thomas, GitGuardian CEO When we started working on GitGuardian’s detection algorithm and got the first detection results, we could not believe it. We were facing a very counterintuitive […]
ChaChi, a GoLang Trojan used in ransomware attacks on US schools
A new Trojan written in the Go programming language, tracked as ChaChi, was involved in ransomware attacks against government agencies and US schools. Researchers from BlackBerry Threat Research and Intelligence […]
Norway blames China-linked APT31 for 2018 government hack
Norway police secret service states said that China-linked APT31 group was behind the 2018 cyberattack on the government’s IT network. Norway’s Police Security Service (PST) said that the China-linked APT31 […]