Cybersecurity Alone Is Not Enough, Systems Need Cyber Resiliency
Electronics systems today need to go beyond preparedness for an attack to resiliency during and after one. By Eric Sivertson, VP of Security Business Development, Lattice Semiconductor The National Vulnerability…
“Owning Your Identity” Through Biometric and Passwordless Innovations
By Bob Eckel, CEO, Aware Consumers around the world have become increasingly comfortable engaging with businesses digitally. Between 2020 and 2021, driven in part by the pandemic, the proportion of…
New Rook Ransomware borrows code from Babuk
Recently launched ransomware operation, named Rook, made headlines for its announcement claiming a desperate need a lot of money. A new ransomware operation named Rook appeared in the threat landscape,…
Enterprises Cannot Achieve Zero Trust Security Without Machine Identity Management
Thanks to the rise of machines and shift towards zero-trust security, organizations’ security will require a new type of identity management By Murali Palanisamy, chief solutions officer, AppViewX The…
PYSA ransomware gang is the most active group in November
PYSA and Lockbit were the most active ransomware gangs in the threat landscape in November 2021, researchers from NCC Group report. Security researchers from NCC Group reported an increase in…
Conti ransomware gang exploits Log4Shell bug in its operations
The Conti ransomware gang is the first ransomware operation exploiting the Log4Shell vulnerability to target VMware vCenter Servers. Conti ransomware gang is the first professional race that leverages Log4Shell exploit to compromise…
StayHackFree – Don’t Be Barry
The Holiday call from a buddy you do not want to get – much less make. By James Gorman, CISO, Authx Friday the week before Thanksgiving, driving home for the…
December 2021: Cyber Deception Month
How Bad Are The Breaches? Please take the time to visit a visual mapping of the largest breaches… http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/ Which I shortened for you… https://tinyurl.com/CDMG-DEC-2021 (you can trust me, I’m…
Experts warn of attacks exploiting CVE-2021-40438 flaw in Apache HTTP Server
Threat actors are exploiting the recently patched CVE-2021-40438 flaw in Apache HTTP servers, warns German Cybersecurity Agency and Cisco. Threat actors are exploiting a recently addressed server-side request forgery (SSRF)…
Multicloud Rolls In: Federal IT Professionals Share Insights and Challenges
By Rick Rosenburg, Vice President and General Manager, Rackspace Government Solutions, Rackspace Technology Federal agencies kicked into IT modernization overdrive during the pandemic and, as 2022 approaches, agencies are looking…
Overcoming the Limitations of VPN, NAC, and Firewalls with Zero Trust Access
During 2020 and 2021, we’ve seen ransomware-as-a-service wreak havoc in the IT supply chain and critical infrastructure. Below we explore how technologies and approaches to help protect organizations from these…
Ransomware attack disrupted store operations in the Netherlands and Germany
Electronics retail giant MediaMarkt was hit by a ransomware attack that disrupted store operations in the Netherlands and Germany. Electronics retail giant MediaMarkt was a victim of a ransomware attack that forced…
Guntrader Data Breach: Victims Concerned Over Impact
By Aman Johal, Lawyer and Director, Your Lawyers In July 2021, the details of over 111,000 Guntrader users – which included registered firearm owners – were leaked online after a…
CISA shares a catalog of 306 actively exploited vulnerabilities
The US CISA shared a list of vulnerabilities known to be exploited in the wild and orders US federal agencies to address them within deadlines. The US Cybersecurity and Infrastructure…
Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen
Cybersecurity researchers uncovered a huge botnet, tracked as Pink, that already infected over 1.6 million devices most of them located in China. Qihoo 360’s Netlab Cybersecurity researchers discovered a huge…
5 Recommendations to Prevent Man in the Middle Attacks (MITMA’s) within the Financial Sector.
MITMA’s stands for Man in The Middle Attacks, and is the term used to describe one the oldest but still exceptionally popular forms of attack. In this attack, a hacker…
Protecting SMBs from Current Cybersecurity Threats
A Few Small Practices Can Have a Large Impact By Mike Mosher, Director of Technology, Cinch I.T. If you own a small or medium-sized business, you are a target of…
Why NDR? See the Entire Elephant in the Room
By Aimei Wei, Chief Technical Officer (CTO) and Founder Network detection and response (NDR) has a long history, evolving out of network security and network traffic analysis (NTA). The historical…
Trickbot spreads malware through new distribution channels
TrickBot operators are back and expand the distribution channels with partnership with cybercrime affiliates. The operators behind the infamous TrickBot (ITG23 and Wizard Spider) malware have resurfaced with new distribution…
Being Mindful of Communication Security
The potential risks of communication APIs and CPaaS and secure vendor selection criteria. By James Ryan, Director of Information Security, BISO, IntelePeer The pandemic accelerated the demand for various things,…
Olympus US was forced to take down computer systems due to cyberattack
Olympus US was forced to take down IT systems in the American region (U.S., Canada, and Latin America) following a cyberattack. The medical technology giant Olympus was forced to shut…
Intercepting data traffic via iPhone
Intercepting data traffic via iPhone By Jordan Marcus Bonagura Introduction This article aims to demonstrate in a simplified way different approach for capturing and intercepting network traffic data originating from…
UK newspaper The Telegraph exposed a 10TB database with subscriber data
The UK media outlet The Telegraph has leaked 10 TB of subscriber data after failing to properly secure one of its databases. The UK newspaper The Telegraph’, one of the…
Source Code Protection Market
Do we need GitHub and Bitbucket backup software? By Marta Przybylska, Marketing Manager, GitProtect.io / Xopero Software Today, the software is the driving force of the world, and developers are…
5 Steps to Protect Your Organization from the Next Ransomware Attack
By Paul Kohler, CTO, S3 We have witnessed the largest ransomware attacks in history in the first half of 2021 alone. From SolarWinds to CNA Financial Corp, Colonial Pipeline, JBS…
Defeat Ransomware with Immutable Backup Data and Encryption
Move beyond traditional security strategies to protect against the two most common types of ransomware threats By Jon Toor, CMO, Cloudian The Director of the FBI recently described ransomware as…
The Biden administration plans to target exchange supporting ransomware operations with sanctions
US Government is expected to issue sanctions against crypto exchanges, wallets, and traders used by ransomware operations to cash out ransom payments. The Biden administration is putting in place all…
FBI IC3 warns of a spike in sextortion attacks
The FBI Internet Crime Complaint Center (IC3) warns of a spike in sextortion attacks since the beginning of 2021 that caused $8M losses. The FBI Internet Crime Complaint Center (IC3)…
How Trustworthy is Your Cyber Defense?
Make your cybersecurity spending pay off with added defense tactics and provider accreditation By Tom Brennan, Chairman, CREST USA Cyber criminals are branching out from the big guys, the Facebook-type…
Looking Back at Executive Order on Cybersecurity and What it Means for Your Business
By James Gorman, CISO of AuthX On May 12, 2021, President Biden issued an Executive Order focused on improving the nation’s cybersecurity. This executive order strives to accomplish several important objectives for the United States’ approach to safeguarding its data and…