IT Security in Organizations After the Pandemic: What’s Next?
By Alan Kakareka, InfoSec consultant to businesses, Demyo inc. The year 2020 has so far represented, the biggest change in the way we live and interact with our environment. After […]
Water After Oldsmar
How to Prevent the Next Attack on Our Water Infrastructure By Josh Cohen, Cyber Director, Economic and Trade Mission at the Embassy of Israel to the U.S. To get a […]
How to Simplify Zero Trust Adoption
By Bhavya Pathak, Product Marketing Manager, ColorTokens Gone are the days when an organization could trust everything within the four walls of its perimeter. Cloud computing, and accelerating digital transformation […]
Expert publicly released Chromium-based browsers exploit demonstrated at Pwn2Own 2021
An Indian security researcher has published a proof-of-concept (PoC) exploit code for a vulnerability impacting Google Chrome and other Chromium-based browsers. The Indian security researcher Rajvardhan Agarwal has publicly released […]
Monetising Customer Data Without Their Knowledge Is Unethical and Must Stop By Sridhar Iyengar, MD, Zoho Europe
By Sridhar Iyengar, MD, Zoho Europe Large tech corporations have started turning into surveillance companies, tracking the behaviour of businesses and users who have become heavily reliant on their services […]
This man was planning to kill 70% of Internet in a bomb attack against AWS
The FBI arrested a man for allegedly planning a bomb attack against Amazon Web Services (AWS) to kill about 70% of the internet. The FBI arrested Seth Aaron Pendley (28), […]
More Power, More Responsibility
What the Defense and Intelligence Communities Need to Know About 5G By Brian Green, Senior Vice President, Booz Allen Hamilton With the potential to revolutionize global telecommunications, fifth-generation mobile technology […]
The Best Network Protection: Go Deep or Go Broad?
By Albert Zhichun Li, Chief Scientist, Stellar Cyber Almost since the beginning of network security, vendors and practitioners have wrestled with choices between going deep and going broad for their […]
SOCs to Turn to Security Automation to Cope with Growing Threats
Increasingly complex threats, staffing shortages, and rising costs are driving investments in security automation By Chris Triolo, Vice President of Customer Success, FireEye The cybersecurity landscape is becoming ever more […]
CISA is warning of vulnerabilities in GE Power Management Devices
U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns of flaws in GE Power Management Devices that could allow an attacker to conduct multiple malicious activities on vulnerable systems. U.S. Cybersecurity […]
Redefining Digital Risk: 3 Considerations for Your Cybersecurity Strategy in 2021
As we enter a new era of interconnected cybersecurity threats, companies and organizations would be wise to overhaul their entire view of the online landscape in order to be fully […]
China-linked APT31 group was behind the attack on Finnish Parliament
China-linked cyber espionage group APT31 is believed to be behind an attack on the Parliament of Finland that took place in 2020. China-linked cyber espionage group APT31 is believed to […]
Your Vulnerabilities are Making You Miss Your Misconfigurations
IT organizations regularly configure asset discovery tools in ways that leave them open to abuse by attackers; Vendor configuration documentation lacks details on the risk. By Evan Anderson, Director of […]
Why ‘Thinking Small’ Is the Way to Stop Ransomware and Other Cyber Attacks
By Yuval Baron, CEO at AlgoSec, explains why micro-segmentation is one of the most effective methods to limit the damage of attacks on a network On August 15, 2020, the […]
US DoJ indicted the CEO of Sky Global encrypted chat platform
The CEO of the encrypted communications firm Sky Global has been indicted in the US on charges of facilitating international drug trafficking The head of the Canada-based company Sky Global […]
ProxyLogon Microsoft Exchange exploit is completely out of the bag by now
A security researcher released a new PoC exploit for ProxyLogon issues that could be adapted to install web shells on vulnerable Microsoft Exchange servers. A security researcher has released a […]
REvil Ransomware gang uses DDoS attacks and voice calls to make pressure on the victims
The REvil ransomware operators are using DDoS attacks and voice calls to journalists and victim’s business partners to force victims to pay the ransom. The REvil/Sodinokibi ransomware operators announced that […]
Working from Home? You’re Not Alone
The rise of cyber hacks in an age of remote working – and how to prevent them By Steve Hanna, Embedded Systems Work Group Co-Chair at Trusted Computing Group (TCG) […]
Cyber Defense Magazine nominated Cobwebs Technologies for Its 2021 InfoSec Awards for threat intelligence
By Udi Levy, CEO & Co-Founder at Cobwebs Technologies With a growing number of malicious cyber activities, threat intelligence has become an integral part of many organizations. Most threat intelligence […]
Gootkit delivery platform Gootloader used to deliver additional payloads
The Javascript-based infection framework for the Gootkit RAT was enhanced to deliver a wider variety of malware, including ransomware. Experts from Sophos documented the evolution of the “Gootloader,” the framework used […]
T-Mobile customers were hit with SIM swapping attacks
The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks. The telecommunications provider T-Mobile has disclosed a data breach after […]
Brave New World: Safari Content Blocking
By Andrey Meshkov, CEO and CTO at AdGuard Content blocking is not a priority for Apple and WebKit. Content blocking in Safari is possible despite all its issues and limitations. […]
Data Risk, Intelligence and Insider Threats
When it comes to securing networks in today’s business environment, the single biggest challenge firms must contend with is that of the insider threat. While the term is typically associated […]
CD Projekt Red game maker discloses ransomware attack
The gaming firm CD Projekt Red, which developed popular games like Cyberpunk 2077 and The Witcher, has disclosed a ransomware attack. The gaming firm CD Projekt Red, which developed popular […]
Credit Cards, Cash and Compliance, Oh My! Eliminating Audit Fatigue in The Financial Services Sector
By Steve Horvath, Vice President, Strategy & Cloud, Telos Corporation When we think of our finances, we think of them as a responsibility – a commitment to ensure payments are […]
5G Security
Towards trustworthy products for resilient networks By David Soldani, CTSO, Huawei Technologies 5G technologies will be applied to many vertical industries and support various usage scenarios, such as applications […]
Operation NightScout: supply chain attack on NoxPlayer Android emulator
Experts uncovered a new supply chain attack leveraging the update process of NoxPlayer, a free Android emulator for PCs and Macs. UPDATE (February 18, 2021): Following the publication of our […]
Emotet Botnet dismantled in a joint international operation
A global operation of law enforcement has dismantled the infrastructure of the infamous Emotet botnet. A global operation of law enforcement, lead by Europol, has dismantled the infrastructure of the […]
Threat actors took over the domain name perl.com and pointed it to an IP address associated with malware campaigns.
Attackers have taken over the official domain name of The Perl Foundation perl.com and pointed it to an IP address associated with malware campaigns. Users are recommended to avoid visiting […]
Cybersecurity Maturity Model Certification (CMMC)
It is not about compliance, or is it? By Carter Schoenberg, CISSP & CMMC Registered Practitioner Vice President – Cybersecurity SoundWay Consulting, Inc. As of the date of this publication, […]