No, You Don’t Need EDR
By Daniel Petrillo , Director of Security Strategy, Morphisec Endpoint detection and response (EDR) solutions, and their evolution — extended detection and response (XDR) platforms — are increasingly popular. To […]
New enhanced Joker Malware samples appear in the threat landscape
The Joker mobile trojan is back, experts spotted multiple malicious apps on the official Google Play store that were able to evade scanners. Experts reported an uptick in malicious Android […]
The Internet of Things Ongoing Directions
By Milica D. Djekic It takes time to get through the journey. Several decades back the global technological landscape has been less developed and different than it is today. In […]
BIOPASS malware abuses OBS Studio to spy on victims
Researchers spotted a new malware, dubbed BIOPASS, that sniffs victim’s screen by abusing the framework of Open Broadcaster Software (OBS) Studio. Researchers from Trend Micro spotted a new malware, dubbed BIOPASS, that […]
The Mobile Attack Pyramid
Identifying Attack Surfaces is Key to Protecting Mobile Applications By David Stewart, CEO, Approov, Inc. A regular pyramid has 5 surfaces, 4 sloping ones and another as its base. In […]
REvil gang exploited a zero-day in the Kaseya supply chain attack
Kaseya was addressing the zero-day vulnerability that REvil ransomware gang exploited to breach on-premise Kaseya VSA servers. A new supply chain attack made the headlines, on Friday the REvil ransomware […]
All the User Experience, None of The Security?
EU telcos gather a lot of highly sensitive customer information. New research suggests it’s not as well protected as you might think. By Deepika Gajaria, Vice President of Product, Tala […]
New Report Shows Over Two Million Secrets Detected on Public GitHub in 2020 and a 20% growing trend Year-Over-Year.
By Jeremy Thomas, GitGuardian CEO When we started working on GitGuardian’s detection algorithm and got the first detection results, we could not believe it. We were facing a very counterintuitive […]
Overcoming Security as a Barrier to Cloud Adoption
By Ron Newman, SVP at NTT Ltd. Security Division The last year has forced organizations into change, both planned and unplanned. Companies have had to pivot, rethink their business strategies […]
Norway blames China-linked APT31 for 2018 government hack
Norway police secret service states said that China-linked APT31 group was behind the 2018 cyberattack on the government’s IT network. Norway’s Police Security Service (PST) said that the China-linked APT31 […]
Crypto-mining campaign targets Kubeflow installs on a large scale
Microsoft uncovered a malicious campaign targeting Kubeflow workloads to deploy TensorFlow pods that are used to mine cryptocurrency. Microsoft researchers uncovered a malicious campaign targeting Kubeflow workloads to deploy TensorFlow […]
Rethinking Remote Monitoring and Management: How MSPs Can Put Security First and Better Protect Their Clients
By Ryan Heidorn, Managing Partner, Steel Root For most Managed Service Providers (MSPs), using a remote monitoring and management (RMM) platform to centrally manage their clients’ networks is a foregone […]
Key Business Lessons Learned from The SolarWinds Hack
By, George Waller, CEO of Strikeforce Technologies A full year of disruption by the global pandemic has forced businesses to adapt fast to the shifting remote work realities. This new […]
StayHackFree – Your Kid’s Sports Team
Your Kids Sports team is better managed than your Cyber Team. By James Gorman, CISO, Authx Your Kid’s Hockey team has better management than your Cyber Security team. Really, I […]
New Epsilon Red Ransomware appears in the threat landscape
Researchers spotted a new piece of ransomware named Epsilon Red that was employed at least in an attack against a US company. Researchers from Sophos spotted a new piece of […]
French intel found flaws in Bluetooth Core and Mesh specs
Attackers could exploit a set of Bluetooth vulnerabilities, affecting the Core and Mesh Profile specifications, to conduct man-in-the-middle (MitM) attacks. Researchers at the french intelligence agency ANSSI discovered multiple flaws in the Bluetooth Core and Mesh […]
Housekeeping Pitfalls of Vulnerability Management
By Srinivas Mukkamala, Co-Founder and CEO, RiskSense Vulnerability management doesn’t always get the attention it needs until it’s too late. Vulnerability management is siloed and is slow to adapt to […]
Humans Just Can’t Cut it Anymore
By Peter Stephenson, PhD, CISSP (lifetime), FAAFS (2015-16) Let’s face it, folks… when it comes to interdicting and stopping a cyberattack we’re tortoises racing the hare. When the adversary unleashes […]
Android stalkerware, a danger for victims and stalkers
ESET research shows that Android stalkerware apps are affected by vulnerabilities that further threaten victims. ESET research reveals that common Android stalkerware apps are affected with vulnerabilities that could expose […]
How to Become Unattractive for Cybercriminals
Map, monitor, and manage your attack surface to stay a step ahead By Stijn Vande Casteele, Founder and CEO, Sweepatic All organizations rely heavily on web presence to display their […]
Darkside gang lost control of their servers and funds
The operators of the Darkside ransomware announced that they have lost control of their infrastructure and part of the funds the gang obtained from the victims. Darkside ransomware operators say […]
When it comes to your zero trust strategy, a modern approach to IGA is key
By Rod Simmons, vice president of product strategy, Omada The traditional perimeter approach to security was being dramatically altered long before COVID-19. However, the massive shift to a largely remote […]
Most of Exim email servers could be hacked by exploiting 21Nails flaws
The maintainers of the Exim email server software addressed a collection of 21 issues, dubbed 21Nails, that can allow attackers to fully compromise mail servers. The maintainers of the Exim […]
Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs
China-linked APT Naikon employed a new backdoor in multiple cyber-espionage operations targeting military organizations from Southeast Asia in the last 2 years. The Naikon APT group is a China-linked cyber espionage group that has […]
Boffins found a bug in Apple AirDrop that could leak users’ personal info
Experts found a bug in Apple’s wireless file-sharing protocol Apple AirDrop that could expose user’s contact information. Boffins from the Technical University of Darmstadt, Germany, have discovered a privacy issue […]
Patchstack Protects The Web With Community
By Oliver Sild, the co-founder and CEO of Patchstack Web applications today are built with heavy use of open source code – all of which is largely put together by […]
XCSSET malware now targets macOS 11 and M1-based Macs
XCSSET, a Mac malware targeting Xcode developers, was now re-engineered and employed in a campaign aimed at Apple’s new M1 chips. Experts from Trend Micro have uncovered a Mac malware […]
How to Become Unattractive for Cybercriminals
Map, monitor and manage your attack surface to stay a step ahead By Stijn Vande Casteele, Founder and CEO, Sweepatic All organizations rely heavily on web presence to display their […]
Malware Evasion Techniques
By Stas Gaivoronskii, Malware Analyst at ANY.RUN Cybercriminals create new ways to make malware invisible for detection. They hide malicious indicators and behavior during analysis. Researchers need to know about […]
Monetising Customer Data Without Their Knowledge Is Unethical and Must Stop By Sridhar Iyengar, MD, Zoho Europe
By Sridhar Iyengar, MD, Zoho Europe Large tech corporations have started turning into surveillance companies, tracking the behaviour of businesses and users who have become heavily reliant on their services […]