NetOps Enhances Security
Growing numbers of network engineers turn to this IT mindset to address mounting concerns of network safety in an age of hybrid work and edge commuting By Simon Pincus, VP […]
50% of internet-facing GitLab installations are still affected by a RCE flaw
Researchers warn of a now-fixed critical remote code execution (RCE) vulnerability in GitLab ‘s web interface actively exploited in the wild. Cybersecurity researchers warn of a now-patched critical remote code […]
The Top 3 Cyber Security Mistakes and How to Avoid Them
As hacks become more common, organizations have no room for cybersecurity mistakes. By Ivan Paynter, National Cybersecurity Specialist at ScanSource Ransomware cost Americans an estimated $1.4 billion last year, and beyond high-profile hacks […]
Trojan Source attack method allows hiding flaws in source code
Researchers devised a new attack method called ‘Trojan Source’ that allows hide vulnerabilities into the source code of a software project. Trojan Source is a new attack technique demonstrated by […]
5 Recommendations to Prevent Man in the Middle Attacks (MITMA’s) within the Financial Sector.
MITMA’s stands for Man in The Middle Attacks, and is the term used to describe one the oldest but still exceptionally popular forms of attack. In this attack, a hacker […]
Making Sure the Lights Don’t Go Out
By Brett Raybould, EMEA Solutions Architect at Menlo Security The ransomware attack on Colonial Pipeline, the largest fuel pipeline in the US has shown just how vulnerable the energy industry […]
Trustwave released a free decryptor for the BlackByte ransomware
Trustwave’s SpiderLabs researchers have released a free decryptor for the BlackByte ransomware that can allow victims to recover their files. Researchers from Trustwave’s SpiderLabs have released a decryptor that can […]
Why NDR? See the Entire Elephant in the Room
By Aimei Wei, Chief Technical Officer (CTO) and Founder Network detection and response (NDR) has a long history, evolving out of network security and network traffic analysis (NTA). The historical […]
Olympus US was forced to take down computer systems due to cyberattack
Olympus US was forced to take down IT systems in the American region (U.S., Canada, and Latin America) following a cyberattack. The medical technology giant Olympus was forced to shut […]
Modern Times, Old Prejudices
The Hacker Era By Jordan Marcus Bonagura The century of constant acceleration Twenty-first century, more than a century of human evolution and great changes, a century of constant acceleration. Everything […]
How to Close the Security Gap Between Identity and Access Management (IAM) and Shared Accounts
By Maurice Côté, Vice President of Business Solutions, Devolutions For more than half a century, passengers of London’s underground (a.k.a. The Tube) have been warned to “mind the gap” when […]
5 Steps to Protect Your Organization from the Next Ransomware Attack
By Paul Kohler, CTO, S3 We have witnessed the largest ransomware attacks in history in the first half of 2021 alone. From SolarWinds to CNA Financial Corp, Colonial Pipeline, JBS […]
Apple fixes actively exploited FORCEDENTRY zero-day flaws
Apple released security patches to fix two zero-day vulnerabilities in iOS and macOS that are actively exploited in attacks in the wild. Apple rolled out security patches to fix a […]
Revil ransomware operators are targeting new victims
Recently we observed that part of the REvil ransomware infrastructure was up and running again, now we can confirm that they hit new victims. On September 7, the servers of […]
Why Your Hospital Network Needs an IoT Security Policy
By Marc Laliberte, Technical Security Operations Manager, WatchGuard Technologies The Internet of Things (IoT) industry has a security problem that has existed since its inception. From the Mirai botnet that […]
Keeping Health Records Safe from Cyber Criminals
By Dexter Caffey, Founder and CEO, Smart Eye Technology The healthcare industry is currently one of the most lucrative targets for hackers. A recent report by a mobile security company […]
The Importance of Multi-Factor Authentication and Strong Passwords
Understanding and implementing MFA and strong password protocol. By Jeff Severino, CyberLock Defense, Lockton Affinity The importance of multi-factor authentication and password security is critical. Often, it is your best […]
Cyber Security Incident Response Plan: How to Proactively Prepare for a Breach
By Joseph Carson, Advisory CISO, ThycoticCentrify Many organizations are coming to the harsh realization that it’s only a matter of when, not if, they will fall victim to a cyberattack. […]
ChaosDB, a Critical Cosmos DB flaw affected thousands of Microsoft Azure Customers
Microsoft has fixed a critical flaw in Cosmos DB that allowed any Azure user to remotely take over other users’ databases without any authorization. Researchers from Cloud security company Wiz […]
CISA urges enterprises to fix Microsoft Azure Cosmos DB flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert urging enterprises to address the recently disclosed vulnerability in Microsoft Azure Cosmos DB. The U.S. Cybersecurity and Infrastructure Security […]
Gold Optis: Most Innovative and Socially Conscious Technologies at Black Hat
By Olivia Gallucci, Cybersecurity Reporter, Cyber Defense Magazine I interviewed approximately sixty industry leaders from over forty companies who attended Black Hat. Although this article series—The Optis—can be read as […]
FBI flash alert warns on OnePercent Group Ransomware attacks
The FBI shared info about OnePercent Group that has been actively targeting US organizations in ransomware attacks since at least November 2020. The Federal Bureau of Investigation (FBI) has published […]
Looking Back at Executive Order on Cybersecurity and What it Means for Your Business
By James Gorman, CISO of AuthX On May 12, 2021, President Biden issued an Executive Order focused on improving the nation’s cybersecurity. This executive order strives to accomplish several important objectives for the United States’ approach to safeguarding its data and systems. […]
Identity Matching: What You Need to Know About It
When asked how they can improve a bank’s security from financial crime, many bankers are at a loss for words. Granted, the question is a broad one and difficult to […]
The Future of Cybersecurity? Just One Word: Automation
By Dr. Peter Stephenson If you are not better informed, smarter, better equipped, and faster than the adversary, you can count on your system being compromised at some point. When […]
Taking Back Control of Today’s Software Supply Chain
By Jasmine Noel, Senior Product Marketing Manager, ReversingLabs Supply chains are under attack. Malicious actors perpetrating these breaches will continue to succeed until security teams abandon common myths and misconceptions […]
No, You Don’t Need
By Daniel Petrillo , Director of Security Strategy, Morphisec Endpoint detection and response (EDR) solutions, and their evolution — extended detection and response (XDR) platforms — are increasingly popular. To […]
LockBit 2.0, the first ransomware that uses group policies to encrypt Windows domains
A new variant of the LockBit 2.0 ransomware is now able to encrypt Windows domains by using Active Directory group policies. Researchers from MalwareHunterTeam and BleepingComputer, along with the malware expert Vitali Kremez […]
Boosting Morale During Tough Times Will Also Boost Your Security Resilience
By Nir Polak, CEO, Exabeam While 2020 impacted nearly every business, the pandemic was not the only obstacle leaders faced last year. As we begin 2021, it’s important to remember […]
US DoJ indicts four members of China-linked APT40 cyberespionage group
US DoJ indicted four members of the China-linked cyberespionage group known as APT40 for hacking various entities between 2011 and 2018. The U.S. Justice Department (DoJ) indicted four members of […]