According to a new malware analysis conducted by cybersecurity researcher Joakim Kennedy, SunCrypt, a ransomware strain that continued to infect several targets last year, seems to be an updated version of QNAPCrypt ransomware, targeting Linux file sto…Read More Cyber Analysts Find Links Between SunCrypt and QNAPCrypt Ransomware
You may think cybercrime is something quite recent and modern, but at the dizzying pace everything happens today, this is actually a phenomenon that has already gone through several phases of evolution and development. Countries are buying hacking skil…Read More Some Countries are Buying Hacking Skills from Cybercrime Groups
Following the cyberattack on Accellion’s FTA file transfer service, Transport for NSW, which is the main transport and roads agency in New South Wales, Australia, and the state’s ministry of health, is the latest government entity to be entrapped in th…Read More Worldwide Accellion Data Breach Impacted Transport for NSW
According to a recent UHS earnings report, the Ryuk ransomware attack from last September resulted in about $67 million in lost operating income, labor expenses, and overall recovery costs. The incident, which came amidst a wave of suspected Ryuk attac…Read More Ryuk Ransomware Attack Cost UHS $67M in Lost Revenue
Also known as SIM splitting, simjacking, SIM hijacking, and port-out scamming, SIM swapping is a type of fraud that targets your personal information so that cybercriminals can pass themselves off as you and access your bank accounts. In short, the fra…Read More What is SIM Swapping?
After an undisclosed number of subscribers were reportedly hit by malicious SIM swapping attacks, American telecommunications company T-Mobile has announced a data breach. The telecom giant revealed in a security breach notice sent to affected consumer…Read More T-Mobile Confirms Data Breach and SIM Swapping Attacks
It was recently discovered that a new Ryuk variant lists all the IP addresses in the local ARP cache to propagate itself over the local network, and sends what looks like Wake-on-LAN (WOL) packets to each of the discovered devices, BleepingComputer wri…Read More Ryuk Ransomware Now Self-Spreads to Other Windows LAN Devices
Tracking IT assets using IT asset management software can be vital for the operational and financial success of your organization. For this reason, having an effective IT asset lifecycle management (ITALM) process in place is crucial. But how exactly d…Read More Understanding IT Asset Lifecycle Management
I have always found it curious which tech tools organizations use to get their work done daily. I’m thinking it’s probably not a brief list. Every now and then, it happens I realize a tool I’ve forgotten about is way more adequate for a task than the t…Read More What is an IT Asset Management Tool?
After having a busy 2020, it seems that 2021 is going to be at least as equally productive for the North Korean Lazarus group. Considered one of the most dangerous hacking groups at the moment, they have targeted the defense industry with malware dubbe…Read More The Lazarus Group Used Custom Malware to Target Defense Industry
As defined by the International Association of IT Asset Managers, IT Asset Management is a set of business practices that incorporates IT assets across the business units within the organization. It joins the financial, inventory, contractual, and risk…Read More What is an IT Asset Management System?
When referring to an IT asset, we usually talk about hardware (servers, routers, and switches), software (applications and support systems), and confidential information. So, it’s safe to assume that an IT Asset is basically any data, device, or other …Read More What is an IT Asset Inventory?
Over 6,700 VMware vCenter servers have been exposed online and susceptible to a new cyberattack, writes Catalin Cimpanu. With a severity score of 9.8 out of 10, this bug can allow hackers to control unpatched devices and effectively take over companies…Read More More than 6,700 VMware servers exposed, susceptible to takeover attacks
As defined by Jericho Systems, privilege management also referred to as Privileged Account Management (PAM) is “the practice of controlling and administering digital user identities and the rights of those identities to perform actions on specified res…Read More What is Privilege Management?
Last week, the Python Software Foundation (PSF) has released Python 3.9.2 and 3.8.8 to handle two recognized security issues. One of them is an RCE vulnerability, remotely exploitable in theory but in practical use, it can simply be utilized to take a …Read More Python Programming Language Rushes to Address RCE Vulnerability
At the beginning of the week, Accellion File Transfer Appliance (FTA) was subject to a security breach and extortion campaign orchestrated by the FIN11 group. Following the attacks, Accellion issued an official statement announcing that they have patch…Read More Jet Manufacturer Bombardier Data Leaked Following FTA Attack
There are premises outside of economic implications that draw attention to the importance of Automated Patch Management processes. Keeping systems well informed about the newly-released patches is no longer just a recommendation. It’s a necessity. As d…Read More Understanding the Automated Patch Management Process
On Monday, cybersecurity researchers connected a series of attacks targeting Accellion File Transfer Appliance (FTA) servers over the past two months to a data breach and extortion campaign orchestrated by the UNC2546 cybercrime group. Threat actors ta…Read More Accellion Attackers Stole Data and Breached Companies Running FTA Servers
When discussing cyber risks, among the most common terms that are used are vulnerabilities, exploits, and threats. It is necessary to understand the difference between these terms and what they mean in order to properly define Vulnerability Risk Manage…Read More What Is Vulnerability Risk Management?
A short while ago, news reports revealed that social networking app Clubhouse was exposed to a major security breach and the application is currently reviewing its data. The company that owns the app also confirmed that it is looking to use specialized…Read More Clubhouse Chats Have Been Breached
Nowadays, every single organization relies on software and Internet services. This dependence brings along a certain degree of vulnerability. Today’s marketplace businesses are more likely to be disrupted by cybercriminals than real-world crimina…Read More What Is a Zero-Day Vulnerability?
Failed credential-stuffing attack on RIPE NCC’s infrastructure. These assaults aim to compromise a large number of user accounts with stolen credentials. The group, which manages the IP address space for the EMEA region, is asking members to enab…Read More RIPE NCC reveals failed brute-force assault on its SSO service
According to TechTarget, a software patch is a “quick-repair job for a piece of programming designed to resolve functionality issues, improve security and add new features.” Although similar to a hotfix, which users can apply without having to restart …Read More What Is a Software Patch?
After their official statement in September 2020, where they confirmed they were ending support for Adobe Flash Player on its Chromium-based Edge, legacy Edge browsers, and Internet Explorer 11, Microsoft has begun removing the software from Windows de…Read More Windows Starts Removing Adobe Flash Player via KB4577586 update
Just when you thought things were finally going smoothly for a change, the malvertising group widely known as “ScamClub” has made an unfavorable comeback. This time, they exploited a zero-day vulnerability in WebKit-based browsers in order …Read More New Malvertising Campaign by the ScamClub Group Is Actively Exploiting Zero-Days