REvil gang exploited a zero-day in the Kaseya supply chain attack
Kaseya was addressing the zero-day vulnerability that REvil ransomware gang exploited to breach on-premise Kaseya VSA servers. A new supply chain attack made the headlines, on Friday the REvil ransomware […]
New LinkedIn breach exposes data of 700 Million users
A new massive LinkedIn breach made the headlines, the leak reportedly exposes the data of 700M users, more than 92% of the total 756M users. A new massive LinkedIn breach […]
In the Midst of COVID-19, We’re Seeing a Pandemic of Cyber Attacks
By Babur Khan, Technical Marketing Engineer – Enterprise Security at A10 Networks In the first quarter of 2021, the COVID-19 pandemic is still wreaking havoc around the globe. The coronavirus […]
Threat actors in January attempted to poison the water at a US facility
Threat actors in January attempted to poison the water at a US facility, a circumstance that highlights the importance of cybersecurity for water and wastewater utilities. The news that a […]
Manage the Cloud Permissions Gap to Achieve Zero Trust
The Cloud Permissions Gap exposes organizations to highly exploitable risk combined with the inability to implement and manage Zero Trust policies. By Raj Mallempati, CloudKnox Security COO In 2020, when […]
Uncovering hidden cybersecurity risks
By Adam Nichols, Principal of Software Security at GRIMM The technology we use and depend upon has critical vulnerabilities in their software and firmware, lurking just beneath the surface of […]
Data Loss Prevention in Turbulent Times
By Otavio Freire, CTO & Co-Founder at SafeGuard Cyber Data, the saying goes, is the new oil. This probably understates the case: Not only is data at the core of […]
Experts devised a new attack to bypass Microsoft PatchGuard
A security researcher discovered a bug in PatchGuard Windows security feature that can allow loading unsigned malicious code into the Windows kernel. Japanese researcher Kento Oki has discovered a bug […]
Android stalkerware, a danger for victims and stalkers
ESET research shows that Android stalkerware apps are affected by vulnerabilities that further threaten victims. ESET research reveals that common Android stalkerware apps are affected with vulnerabilities that could expose […]
Secure Data Recovery Services: Protecting Business Continuity
By Dmitri Kardashev, Founder and CEO, SecureData, Inc. In today’s world, consumers and businesses alike require consistent and easy access to their data. Whether it’s large customer databases that an […]
China-linked APT uses a new backdoor in attacks at Russian defense contractor
China-linked APT group targets Russian nuclear sub designer with an undocumented backdoor A China-linked cyberespionage group targets a Russian defense contractor involved in designing nuclear submarines for the Russian Navy. […]
Patchstack Protects The Web With Community
By Oliver Sild, the co-founder and CEO of Patchstack Web applications today are built with heavy use of open source code – all of which is largely put together by […]
The skills to propel your team’s cyber security defense
By Andrew Loschmann, Chief Operating Officer, Field Effect Advancing your cyber security capabilities as you scale is an obvious need. But if you’re resourced like many infosec departments, either very lean or […]
New Cring ransomware deployed targeting unpatched Fortinet VPN devices
Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. Threat actors are actively exploiting the CVE-2018-13379 vulnerability in Fortinet […]
The Best Network Protection: Go Deep or Go Broad?
By Albert Zhichun Li, Chief Scientist, Stellar Cyber Almost since the beginning of network security, vendors and practitioners have wrestled with choices between going deep and going broad for their […]
Peer-To-Peer Cybersecurity Insights For 2021
Based on real practitioners’ experiences By Stuart Berman, IT Central Station Super User December is typically a month when people who work in the IT field offer predictions for the […]
SOCs to Turn to Security Automation to Cope with Growing Threats
Increasingly complex threats, staffing shortages, and rising costs are driving investments in security automation By Chris Triolo, Vice President of Customer Success, FireEye The cybersecurity landscape is becoming ever more […]
Innovation, Automation and Securing A “Work from Anywhere” Environment In The Middle East
By Mazen A. Dohaji, Vice President, India, Middle East, Turkey & Africa (iMETA), LogRhythm. Throughout 2020, enterprises and public sector organizations across the Middle East have been managing disruption and […]
CISA is warning of vulnerabilities in GE Power Management Devices
U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns of flaws in GE Power Management Devices that could allow an attacker to conduct multiple malicious activities on vulnerable systems. U.S. Cybersecurity […]
China-linked APT31 group was behind the attack on Finnish Parliament
China-linked cyber espionage group APT31 is believed to be behind an attack on the Parliament of Finland that took place in 2020. China-linked cyber espionage group APT31 is believed to […]
ProxyLogon Microsoft Exchange exploit is completely out of the bag by now
A security researcher released a new PoC exploit for ProxyLogon issues that could be adapted to install web shells on vulnerable Microsoft Exchange servers. A security researcher has released a […]
Apple fixes CVE-2021-1844 RCE that affects iOS, macOS, watchOS, and Safari
Apple released out-of-band patches to address a remote code execution, tracked as CVE-2021-1844, that affect iOS, macOS, watchOS, and Safari web browser. Apple has released out-of-band security patches to address […]
Hackers compromised Microsoft Exchange servers at the EU Banking Regulator EBA
The European Banking Authority (EBA) disclosed a cyberattack that resulted in the hack of its Microsoft Exchange email system. The European Banking Authority announced that it was the victim of […]
Security and Remote Management: What Is the Market Looking Like as We Head Towards 2021?
By Gil Pekelamn, CEO, Atera For many IT professionals and managed service providers (MSPs), remote management has always been part of the deal. Especially in this generation’s global economy, service […]
EU leaders aim at boosting defense and security, including cybersecurity
During a video conference of the members of the European Council, EU leaders agreed on a new strategy aimed at boosting defense and security. During the recent video conference of the […]
Thousands of VMware Center servers exposed online and potentially vulnerable to CVE-2021-21972 flaw
A Chinese security researcher published a PoC code for the CVE-2021-21972 vulnerability in VMware Center, thousands of vulnerable servers are exposed online. A Chinese security researcher published the Proof-of-concept exploit code for […]
Airplane manufacturer Bombardier has disclosed a security breach, data leaked online
Hackers posted data stolen from manufacturer of business jets Bombardier on Clop ransomware leak site following alleged FTA hack. Hackers exploited vulnerabilities in Accellion FTA file-sharing legacy servers to steal […]
Does Sunburst Have Your Confidential Emails and Database Data?
By Randy Reiter CEO of Don’t Be Breached So far three malware strains have been identified in the SolarWinds supply chain attack. They are the SUNBURST, SUPERNOVA, and TEARDROP malware […]
Cyber Defense Magazine nominated Cobwebs Technologies for Its 2021 InfoSec Awards for threat intelligence
By Udi Levy, CEO & Co-Founder at Cobwebs Technologies With a growing number of malicious cyber activities, threat intelligence has become an integral part of many organizations. Most threat intelligence […]
Over 3.2 billion emails and passwords hacked…find out if you are a victim and what to do about it…
It’s time to consider new passwords and multi-factor authentication or password management tools The current breach is really a compilation of many breaches, hence it’s name “Compilation of Many Breaches” […]