As COVID-19 spread across the world, organizations found themselves more exposed to cyber threats than ever before and the cybersecurity skills gap became even more obvious. Are you considering a career in cybersecurity? But even though – accordi…
Read More Starting your cybersecurity career path: What you need to know to be successfulSecurity Orchestration, Automation and Response (SOAR) products offer an appealing solution, promising efficiencies in detecting and responding to threats. However, organizations need to understand how these solutions can also introduce new challenges …
Read More How do I select a SOAR solution for my business?CISOs are responsible for pursuing cybersecurity purchases that align with the overall health of their organizations. All investments must drive tangible value and ROI while also contributing to the organization’s overall security posture. Securi…
Read More Security awareness programs: The difference between window dressing and behavior changeBy the end of 2020, the ransomware market, fueled by the pandemic turbulence, had turned into the biggest cybercrime money artery. Based on the analysis of more than 500 attacks observed during Group-IB’s own incident response engagements and cyber thr…
Read More Number of ransomware attacks grew by more than 150%Turn off Bluetooth if you are not using it on your computer or mobile device. Not only does this make it more secure, but it also saves battery life.
Read More BluetoothConsumers have faced a lot of change over the past year with the shift to a digital-first lifestyle, and tax season with increasing risks is no exception. McAfee’s 2021 Consumer Security Mindset study revealed that while roughly 2 out of 3 Americans (6…
Read More Digital-first lifestyle opens consumers to potential risks during tax seasonMotus released a report which examines the trends that will influence remote work in 2021 and beyond. Remote work in 2021 and beyond While U.S. organizations rapidly implemented temporary remote work policies last March in light of the pandemic, the re…
Read More Trends that will influence remote work in 2021 and beyondWe see the word “cyber” everywhere today. It’s included in all the hashtags, events names and even in hand sanitizer available for purchase at Toys ‘R Us: Cyber Clean (72% ethanol alcohol, with aloe.) With the market booming and the b…
Read More The Humanity and Evolution of CyberTufin released the Vulnerability-Based Change Automation App (VCA). The new app expands Tufin’s vulnerability management capabilities with automated vulnerability checks prior to approving network access changes. When combined with the Vulnerability Mi…
Read More Tufin releases Vulnerability-Based Change Automation AppStrata announced at Microsoft Ignite that its Maverics Identity Orchestrator platform for Microsoft Azure Active Directory (Azure AD) enables organizations to migrate applications to the Cloud without rewriting them so identity can be centrally managed…
Read More Strata Maverics Identity Orchestrator extends Azure AD control to on-premise applicationsCelebrate the winners of SANS + HBCU Cyber Ranges Black History Month Edition 2021.
Read More SANS + HBCU Cyber Range WinnersA look at the Rekt Casino Hack vulnerability management mistakes and how to improve for future.
Read More Rekt Casino Revisited: Operational Series Part 1SANS ICS Blog pertaining to a summary of the SANS ICS Security Summit
Read More A Visual Summary of SANS ICS Security SummitTo this “researcher”, even a job not worth doing was worth overdoing. Here’s what you can learn from the incident…
Read More Poison packages – “Supply Chain Risks” user hits Python community with 4000 fake modulesConfluera announced that its Board of Directors has appointed John Morgan as the new CEO. A leader with a strong business vision, Morgan succeeds co-founder Abhijit Ghosh who will take on a new role as chief technology officer. Morgan brings more than …
Read More John Morgan joins Confluera as CEOTelecommunications services like phone calls and text messaging are fundamental to everyday existence, and service providers are heavily dependent on the availability of affordable and interoperable technologies to meet customer expectation for reliabi…
Read More GSMA’s ISAG Group adds iconectiv’s CTO to help oversee global telecom industryThousands of organizations may have been victims of cyberattacks on Microsoft Exchange servers conducted by China-linked threat actors since January. At least tens of thousands of Microsoft customers may have been hacked by allegedly China-linked threat actors since January, including business and government agencies. The attacks started in January, but the attackers’ activity intensified in […]
The post Chinese hackers allegedly hit thousands of organizations using Microsoft Exchange appeared first on Security Affairs.
Read More Chinese hackers allegedly hit thousands of organizations using Microsoft ExchangeMicrosoft has pushed out a new update for their Microsoft Safety Scanner (MSERT) tool to detect web shells deployed in the recent Exchange Server attacks. […]
Read More Microsoft’s MSERT tool now finds web shells from Exchange Server attacksGoogle has added a new feature to Google Chrome Canary that makes it easier for users to test new hidden features under development. […]
Read More How to use Google’s ‘Chrome Labs’ to test new browser featuresGoogle has added a new feature to Google Chrome Canary that makes it easier for users to test new hidden features under development. […]
Read More Google’s Chrome Labs makes it easier to test new browser featuresU.S. and Canadian federal agencies are urging on-prem Exchange servers be immediately checked and patched.
The post Microsoft’s updated script checks for Exchange vulnerabilities first appeared on IT World Canada.
Microsoft has added XLM macro protection for Microsoft 365 customers by expanding the runtime defense provided by Office 365’s integration with Antimalware Scan Interface (AMSI) to include Excel 4.0 (XLM) macro scanning. […]
Read More Microsoft Office 365 gets protection against malicious XLM macrosRussia-linked APT groups leveraged the Lithuanian nation’s technology infrastructure to launch cyber-attacks against targets worldwide. The annual national security threat assessment report released by Lithuania’s State Security Department states that Russia-linked APT groups conducted cyber-attacks against top Lithuanian officials and decision-makers last in 2020. APT29 state-sponsored hackers also exploited Lithuania’s information technology infrastructure to carry […]
The post Russia-linked APT groups exploited Lithuanian infrastructure to launch attacks appeared first on Security Affairs.
Read More Russia-linked APT groups exploited Lithuanian infrastructure to launch attacksA new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. EU leaders aim at boosting defense and security, including cybersecurity New Zealand-based cryptocurrency exchange Cryptopia hacked again ByteDance […]
The post Security Affairs newsletter Round 304 appeared first on Security Affairs.
Read More Security Affairs newsletter Round 304Zscaler Says it Prevented Over 2,500 Phishing AttacksA Microsoft-themed phishing campaign is using phony Google reCAPTCHA in an attempt to steal credentials from senior employees of various organizations, a new report by security firm Zcaler says. The …
Read More Phishing Attack Uses Fake Google reCAPTCHAThe REvil ransomware operators are using DDoS attacks and voice calls to journalists and victim’s business partners to force victims to pay the ransom. The REvil/Sodinokibi ransomware operators announced that they are using DDoS attacks and voice calls to victim’s business partners and journalists to force the victims into pay the ransom. The announcement shows […]
The post REvil Ransomware gang uses DDoS attacks and voice calls to make pressure on the victims appeared first on Security Affairs.
Read More REvil Ransomware gang uses DDoS attacks and voice calls to make pressure on the victimsHere’s an overview of some of last week’s most interesting news and articles: How do I select a cloud security solution for my business? To select a suitable cloud security solution for your business, you need to think about a variety of fa…
Read More Week in review: Exchange Servers under attack, disinformation economics, Patch Tuesday forecast